This topic is locked
Hi All!
I have been receiving alerts from Avast about a Url:Mal at startup. The notification says the infection is URL:Mal and the process is C://Windows/System32/svchost.exe. Some different URLs are comming up for example http:epictory.com.
I have read other posts about this and run all suggested tools (HitmanPro, Malwarebytes, Spybot, tdskiller, EmisoftAntiMalware) but cannot get rid of it.
This has been there for ~2 months and I have not been able to get rid of it.
I include OTL reports below.
I also include a FRST log.
I hope that I can get help!
Thanks
OTL logfile created on: 2015-02-25 21:07:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Städning
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
7,95 Gb Total Physical Memory | 4,97 Gb Available Physical Memory | 62,50% Memory free
15,90 Gb Paging File | 11,93 Gb Available in Paging File | 74,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 37,25 Gb Free Space | 33,35% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 501,60 Gb Free Space | 26,92% Space Free | Partition Type: NTFS
Computer Name: UST1207276-COM | User Name: UST1207276 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - [2015-02-25 20:41:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Städning\OTL.exe
PRC - [2015-02-20 01:18:00 | 001,794,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015-02-05 18:57:45 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015-01-27 07:06:13 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015-01-23 11:37:03 | 000,338,032 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-12-31 14:48:14 | 004,920,104 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2014-12-16 12:10:34 | 001,351,512 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
PRC - [2014-12-16 12:09:04 | 001,367,360 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
PRC - [2014-12-14 00:38:17 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\UST1207276\AppData\Roaming\Spotify\spotify.exe
PRC - [2014-12-14 00:38:16 | 001,676,344 | ---- | M] (Spotify Ltd) -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014-12-14 00:38:16 | 000,374,840 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014-12-03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-11-24 06:32:36 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-11-21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-10-20 03:59:12 | 000,254,464 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
PRC - [2014-10-20 03:59:10 | 000,367,616 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
PRC - [2014-06-27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014-06-24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014-06-24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014-04-25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012-02-07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2012-01-04 20:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011-11-29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-11-29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-03-02 12:00:07 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
========== Modules (No Company Name) ==========
MOD - [2015-01-26 01:48:26 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2015-01-26 01:47:27 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\93a0883923e78cc3e80b7ac4a9768c60\SMDiagnostics.ni.dll
MOD - [2015-01-26 01:47:04 | 019,734,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\f9d8efe5e01d08740774a12f20a3e640\System.ServiceModel.ni.dll
MOD - [2015-01-26 01:43:12 | 003,049,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\201032e5afa8609da580589102a67857\System.IdentityModel.ni.dll
MOD - [2015-01-25 23:49:08 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d8223c30928e02bc7ed5b8b81effa7b5\System.Windows.Forms.ni.dll
MOD - [2015-01-25 23:49:01 | 002,855,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
MOD - [2015-01-25 23:49:00 | 001,642,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll
MOD - [2015-01-25 23:48:59 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\14cc73701aac461eb89d6473a88fcd56\System.ServiceModel.Internals.ni.dll
MOD - [2015-01-25 23:48:39 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
MOD - [2015-01-25 23:48:36 | 000,972,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5a977e1f055b4f8f41da5d9142a1913c\System.Configuration.ni.dll
MOD - [2015-01-25 23:48:24 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll
MOD - [2015-01-25 23:48:19 | 018,761,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\9f1f464b854d655c74c8cd4ee5b731bd\PresentationFramework.ni.dll
MOD - [2015-01-25 23:48:16 | 007,002,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\23d1162d1943c1b1d6c4fd7c6d8512d4\System.Core.ni.dll
MOD - [2015-01-25 23:48:11 | 011,013,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eb3ba0fe2449d7ca96b51f71b2061cf6\PresentationCore.ni.dll
MOD - [2015-01-25 23:47:56 | 003,945,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\61c8a838d217ea8b4f68bbf38172114f\WindowsBase.ni.dll
MOD - [2015-01-25 23:47:52 | 001,873,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll
MOD - [2015-01-25 23:47:43 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2015-01-23 11:37:32 | 003,925,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-12-16 12:10:00 | 000,041,304 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
MOD - [2014-12-16 12:08:58 | 000,089,928 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
MOD - [2014-12-16 12:08:58 | 000,070,464 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
MOD - [2014-12-16 12:08:56 | 000,015,696 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
MOD - [2014-12-16 12:08:50 | 000,171,368 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
MOD - [2014-12-16 12:08:50 | 000,033,136 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
MOD - [2014-12-14 00:38:16 | 036,966,968 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014-12-14 00:38:16 | 000,886,840 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\libglesv2.dll
MOD - [2014-12-14 00:38:16 | 000,867,896 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
MOD - [2014-12-14 00:38:16 | 000,374,840 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014-12-14 00:38:16 | 000,108,600 | ---- | M] () -- C:\Users\UST1207276\AppData\Roaming\Spotify\Data\libegl.dll
MOD - [2014-11-24 06:32:36 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-11-24 06:32:36 | 000,888,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
MOD - [2014-11-13 19:32:13 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\72371e4161a77e12fbdf954f0c312729\IAStorUtil.ni.dll
MOD - [2014-11-13 11:23:36 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014-11-13 11:23:34 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\abecd46ce0b212dad31a9e8f9adf073f\System.EnterpriseServices.ni.dll
MOD - [2014-10-16 05:51:20 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9c41049a9716f9c34e8dfad27ac45153\System.WorkflowServices.ni.dll
MOD - [2014-10-16 05:51:10 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\26e521624e8e8c879ac83245694d809a\System.ServiceModel.Web.ni.dll
MOD - [2014-10-16 05:51:07 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3063abda312516739bc808360071bad9\System.Xml.Linq.ni.dll
MOD - [2014-10-16 05:50:49 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\8d244c1a1a93f7112ce256a5ef8f835e\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014-10-16 05:50:36 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014-10-16 05:50:18 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\741ce83693f870bcc767b0f487b5de87\System.IdentityModel.Selectors.ni.dll
MOD - [2014-10-16 05:50:17 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
MOD - [2014-10-16 05:50:17 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\11295b4ad79dbeadee6c83ae45a8a07f\System.IdentityModel.ni.dll
MOD - [2014-10-16 05:50:16 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\da4175d4363c1bcecb984a44cd53664f\SMDiagnostics.ni.dll
MOD - [2014-10-16 05:50:15 | 017,477,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\0d51a457c4cb85cd5ae8439094387ad3\System.ServiceModel.ni.dll
MOD - [2014-10-16 05:30:42 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014-10-16 05:30:41 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll
MOD - [2014-10-16 05:30:37 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014-10-16 05:30:33 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f45bc0251cceb599622f55cc1c7f4aba\System.Transactions.ni.dll
MOD - [2014-10-16 05:30:32 | 006,638,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll
MOD - [2014-10-16 05:30:27 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014-10-16 05:30:20 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014-10-16 05:30:16 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014-10-16 05:30:14 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014-10-16 05:30:12 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014-10-16 05:30:11 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014-10-16 05:30:05 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014-10-16 05:30:03 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014-09-11 05:38:06 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b3131ca726aaef63c3306c2a7636449f\IAStorCommon.ni.dll
MOD - [2014-09-11 05:07:01 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014-05-13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014-05-13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014-05-13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014-03-20 23:49:19 | 002,952,704 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014-03-04 06:57:21 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013-07-09 07:43:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_sv_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012-11-19 08:33:34 | 000,065,656 | ---- | M] () -- C:\Windows\SysWOW64\bdmpega.acm
MOD - [2010-11-13 03:37:01 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2015-02-19 18:15:35 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2015-01-12 03:34:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-12-18 15:09:42 | 000,713,568 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2014-11-24 06:32:36 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012-02-02 21:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2015-02-05 21:25:05 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015-02-05 18:57:45 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015-01-23 23:33:44 | 000,834,752 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015-01-23 11:37:25 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-01-12 11:25:20 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- F:\Spel\HiPatchService.exe -- (HiPatchService)
SRV - [2014-12-31 14:48:14 | 004,920,104 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2014-12-16 12:10:34 | 001,351,512 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe -- (LavasoftTcpService)
SRV - [2014-12-16 12:08:54 | 000,015,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe -- (SearchProtectionService)
SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-12-03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-10-20 03:59:10 | 000,367,616 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe -- (RzWizardService)
SRV - [2014-04-11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-02-25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-01-18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012-01-12 07:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011-11-29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015-02-25 20:34:28 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015-02-20 01:18:34 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015-02-04 11:13:55 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014-12-24 15:44:03 | 000,941,784 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2014-11-24 06:32:39 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014-11-24 06:32:37 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014-11-24 06:32:37 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-11-24 06:32:37 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014-11-24 06:32:37 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-11-24 06:32:37 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-11-24 06:32:37 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-11-24 06:32:37 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014-10-09 10:09:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2014-05-04 19:28:28 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014-05-04 19:28:24 | 000,058,368 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2013-10-02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-12-02 19:16:38 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012-12-02 19:16:38 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-19 20:03:25 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-01-05 12:36:54 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-01-04 20:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-01-04 20:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-01-04 20:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011-12-05 20:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011-11-29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-02 11:57:24 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-08-17 18:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-05-12 17:43:58 | 000,071,472 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)
DRV - [2014-05-12 17:43:56 | 000,023,088 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2013-12-04 18:23:36 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys -- (cleanhlp)
DRV - [2013-09-30 17:23:02 | 000,045,208 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2013-03-28 18:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC BE 9C E9 F7 7D CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2583B631-485B-4F55-92AB-816ABC53CF25}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "google.se"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.superstart.se/"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.3
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.1.0.170
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\UST1207276\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\UST1207276\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-27 14:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Program Files (x86)\K-Meleon\Plugins [2015-01-25 20:24:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\K-Meleon\Extensions\\Components: C:\Program Files (x86)\K-Meleon\Components [2013-08-28 16:52:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012-08-19 15:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\Extensions
[2015-01-25 23:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\Firefox\Profiles\1yptopgm.default-1347815165264\extensions
[2014-12-28 15:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\Firefox\Profiles1yptopgm.default-1347815165264\extensions
[2014-12-28 15:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\Firefox\Profiles1yptopgm.default-1347815165264\extensions\staged
[2015-01-25 23:00:18 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\firefox\profiles\1yptopgm.default-1347815165264\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-10-29 21:36:17 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\UST1207276\AppData\Roaming\mozilla\firefox\profiles\1yptopgm.default-1347815165264\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2015-01-26 19:13:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2015-01-26 19:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2015-01-26 19:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2015-02-02 21:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015-02-02 21:05:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015-01-27 14:47:29 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\UST1207276\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - Extension: No name found = C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RzWizard] C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe (Razer Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Google Update] C:\Users\UST1207276\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\UST1207276\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Lavasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B948965-A552-4671-B88D-58B51D931263}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015-01-25 15:38:13 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{cf6e687b-3c47-11e2-9306-10bf4885de31}\Shell - "" = AutoRun
O33 - MountPoints2\{cf6e687b-3c47-11e2-9306-10bf4885de31}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{cf6e68b6-3c47-11e2-9306-10bf4885de31}\Shell - "" = AutoRun
O33 - MountPoints2\{cf6e68b6-3c47-11e2-9306-10bf4885de31}\Shell\AutoRun\command - "" = D:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 90 Days ==========
[2015-02-25 20:34:25 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-02-25 20:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015-02-25 20:34:18 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015-02-25 20:34:18 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015-02-25 20:34:18 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015-02-25 20:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015-02-25 20:30:33 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Local\CrashDumps
[2015-02-25 20:28:02 | 000,621,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015-02-20 01:18:50 | 000,877,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015-02-20 01:18:46 | 013,294,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015-02-20 01:18:44 | 032,106,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015-02-20 01:18:44 | 010,773,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015-02-20 01:18:42 | 024,768,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015-02-20 01:18:40 | 000,353,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015-02-20 01:18:40 | 000,305,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015-02-20 01:18:38 | 000,969,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015-02-20 01:18:38 | 000,390,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015-02-20 01:18:38 | 000,345,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015-02-20 01:18:38 | 000,177,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015-02-20 01:18:38 | 000,164,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015-02-20 01:18:36 | 000,929,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015-02-20 01:18:34 | 001,540,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2015-02-20 01:18:34 | 000,943,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015-02-20 01:18:34 | 000,908,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015-02-20 01:18:34 | 000,496,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015-02-20 01:18:34 | 000,399,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015-02-20 01:18:34 | 000,195,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015-02-20 01:18:34 | 000,030,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015-02-20 01:18:32 | 017,253,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015-02-20 01:18:32 | 001,895,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434752.dll
[2015-02-20 01:18:32 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434752.dll
[2015-02-20 01:18:30 | 003,610,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015-02-20 01:18:28 | 013,208,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015-02-20 01:18:28 | 010,713,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015-02-20 01:18:28 | 003,247,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015-02-20 01:18:04 | 020,466,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015-02-20 01:18:02 | 025,460,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015-02-20 01:18:00 | 002,902,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015-02-15 19:53:26 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2015-02-14 14:55:53 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015-02-14 14:55:53 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015-02-14 14:55:52 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015-02-12 14:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\F33D770B2FF3CC64EA5EBEC025FB5D9A
[2015-02-12 13:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\gamemaker_studio
[2015-02-11 23:38:51 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015-02-11 23:38:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015-02-11 23:38:47 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015-02-11 23:38:47 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015-02-11 23:38:47 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015-02-11 23:38:47 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015-02-11 23:38:47 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015-02-11 23:38:47 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015-02-11 23:38:46 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015-02-11 23:38:46 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015-02-11 23:38:44 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015-02-11 23:38:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015-02-11 23:38:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015-02-11 23:38:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015-02-11 23:38:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015-02-11 23:38:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015-02-11 23:38:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015-02-11 23:38:39 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015-02-11 23:38:39 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015-02-11 23:38:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015-02-11 23:38:39 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015-02-11 23:38:38 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015-02-11 23:38:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015-02-11 23:38:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015-02-11 23:38:37 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015-02-11 23:38:37 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015-02-11 23:38:37 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015-02-11 23:38:37 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015-02-11 23:38:37 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015-02-11 23:38:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015-02-11 23:38:36 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015-02-11 23:38:36 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015-02-11 23:38:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015-02-11 23:38:35 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015-02-11 23:38:35 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015-02-11 23:38:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015-02-11 23:38:34 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015-02-11 23:38:34 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015-02-11 23:38:34 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015-02-11 23:38:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015-02-11 23:38:33 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015-02-11 23:38:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015-02-11 23:38:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015-02-11 23:38:28 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015-02-11 23:38:27 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015-02-11 23:38:26 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015-02-11 23:38:26 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015-02-11 23:38:26 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015-02-11 23:38:26 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015-02-11 23:38:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015-02-11 23:38:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015-02-11 23:38:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015-02-11 23:38:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015-02-11 23:38:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015-02-11 23:38:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015-02-11 23:38:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015-02-11 23:38:23 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015-02-11 23:38:22 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015-02-11 23:38:13 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015-02-11 23:38:13 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015-02-11 23:38:06 | 005,554,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015-02-11 23:38:05 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015-02-11 23:38:05 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015-02-11 23:38:04 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015-02-11 23:38:04 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015-02-11 23:38:04 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015-02-04 11:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015-02-04 09:38:54 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015-02-02 23:25:39 | 000,000,000 | ---D | C] -- C:\FRST
[2015-02-02 22:58:11 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015-02-02 21:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2015-02-02 21:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015-01-27 17:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015-01-27 17:39:17 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015-01-27 17:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015-01-27 17:38:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015-01-26 19:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015-01-26 00:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2015-01-25 21:18:15 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\addpcs
[2015-01-25 21:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Temp File Cleaner
[2015-01-25 21:09:43 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\LavasoftStatistics
[2015-01-25 21:09:34 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Local\Lavasoft
[2015-01-25 21:09:29 | 000,358,736 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftTcpService64.dll
[2015-01-25 21:09:28 | 000,312,424 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftTcpService.dll
[2015-01-25 21:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2015-01-25 21:05:36 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\Lavasoft
[2015-01-25 21:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2015-01-25 20:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2015-01-25 20:51:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2015-01-25 20:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2015-01-25 16:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2015-01-25 15:37:56 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Start Menu
[2015-01-25 14:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2015-01-25 14:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2015-01-25 14:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2015-01-25 14:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2015-01-25 14:40:08 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2015-01-25 14:14:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2015-01-18 09:04:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2015-01-18 08:48:30 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\Awesomium
[2015-01-18 08:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2015-01-18 08:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2015-01-14 07:13:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2015-01-14 07:13:40 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2015-01-11 16:03:28 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Desktop\Ny mapp
[2015-01-09 18:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2015-01-01 12:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2015-01-01 12:42:39 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014-12-28 22:07:51 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\ProcAlyzer Dumps
[2014-12-28 19:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014-12-28 19:53:17 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014-12-28 19:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014-12-28 19:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014-12-28 19:37:12 | 000,000,000 | ---D | C] -- C:\Städning
[2014-12-28 18:41:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-12-28 18:07:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-12-28 15:44:32 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\WebTest
[2014-12-27 12:03:40 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\MKGame
[2014-12-27 11:20:33 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\MK-LOL
[2014-12-27 11:20:32 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\MKJogo
[2014-12-27 11:19:58 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
[2014-12-25 18:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
[2014-12-25 18:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014-12-25 18:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2014-12-25 18:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014-12-25 18:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014-12-25 18:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014-12-25 18:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014-12-24 15:44:03 | 000,941,784 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014-12-24 15:44:03 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014-12-24 15:33:20 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434411.dll
[2014-12-24 15:33:20 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434411.dll
[2014-12-24 13:41:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
[2014-12-24 13:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IObit
[2014-12-24 13:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
[2014-12-24 13:41:06 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014-12-23 21:47:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014-12-19 22:26:02 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014-12-19 22:26:02 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014-12-19 22:26:02 | 000,122,904 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2014-12-19 22:26:02 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2014-12-19 22:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2014-12-11 11:11:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2014-12-11 08:54:35 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014-12-11 08:54:35 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014-12-11 06:56:02 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014-12-11 06:56:02 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014-12-11 06:56:02 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014-12-11 06:56:02 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014-12-11 06:56:02 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014-12-11 06:56:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014-12-11 06:56:02 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014-12-11 06:56:02 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014-12-11 06:56:02 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014-12-11 06:56:02 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014-12-04 17:27:31 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014-12-04 17:27:31 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014-12-04 17:27:31 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014-12-04 17:27:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014-12-04 17:27:17 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014-12-04 17:27:17 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014-12-04 17:27:02 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014-12-04 17:27:02 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014-12-04 17:26:48 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014-12-04 17:26:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014-12-04 17:26:33 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014-12-04 17:26:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014-12-04 17:26:19 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014-12-04 17:26:19 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014-12-04 17:26:04 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014-12-04 17:26:04 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014-12-04 17:25:50 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014-12-04 17:25:50 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014-12-04 17:25:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014-12-04 17:25:35 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014-12-04 17:25:21 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014-12-04 17:25:07 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014-12-04 17:25:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014-12-04 17:24:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014-12-04 17:24:52 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014-12-04 17:24:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014-12-04 17:24:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014-12-04 17:24:23 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014-12-04 17:24:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014-12-04 17:24:08 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014-12-04 17:24:08 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014-12-04 17:23:54 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014-12-04 17:23:54 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014-12-04 17:23:39 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014-12-04 17:23:39 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014-12-04 17:23:25 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014-12-04 17:23:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014-12-04 17:23:25 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014-12-04 17:23:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014-12-04 17:23:10 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014-12-04 17:22:56 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014-12-04 17:22:56 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014-12-04 17:22:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014-12-04 17:22:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014-12-04 17:22:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014-12-04 17:22:41 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014-12-04 17:22:27 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014-12-04 17:22:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014-12-04 17:22:12 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014-12-04 17:22:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014-12-04 17:22:12 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014-12-04 17:22:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014-12-04 17:21:57 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014-12-04 17:21:57 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014-12-04 17:21:43 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014-12-04 17:21:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014-12-04 17:21:43 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014-12-04 17:21:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014-12-04 17:21:28 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014-12-04 17:21:28 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014-12-04 17:21:14 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014-12-04 17:21:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014-12-04 17:21:00 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014-12-04 17:21:00 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014-12-04 17:20:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014-12-04 17:20:45 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014-12-04 17:20:31 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014-12-04 17:20:31 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014-12-04 17:20:16 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014-12-04 17:20:01 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014-12-04 17:20:01 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014-12-04 17:20:01 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014-12-04 17:20:01 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014-12-04 17:19:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014-12-04 17:19:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014-12-04 17:19:33 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014-12-04 17:19:33 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014-12-04 17:19:18 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014-12-04 17:19:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014-12-04 17:19:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014-12-04 17:19:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014-12-04 17:19:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014-12-04 17:19:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014-12-04 17:18:49 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014-12-04 17:18:49 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014-12-04 17:18:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014-12-04 17:18:34 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014-12-04 17:18:20 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014-12-04 17:18:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014-12-04 17:18:05 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014-12-04 17:18:05 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014-12-04 17:18:05 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014-12-04 17:18:05 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014-12-04 17:17:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014-12-04 17:17:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014-12-04 17:17:36 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014-12-04 17:17:36 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014-12-04 17:17:07 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014-12-04 17:17:07 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014-12-04 17:17:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014-12-04 17:17:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014-12-04 17:16:53 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014-12-04 17:16:53 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014-12-04 17:16:38 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014-12-04 17:16:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014-12-04 17:16:24 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014-12-04 17:16:24 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014-12-04 17:16:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014-12-04 17:16:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014-12-04 17:16:09 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014-12-04 17:16:09 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014-12-04 17:15:54 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014-12-04 17:15:54 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014-12-04 17:15:54 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014-12-04 17:15:54 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014-12-04 17:15:40 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014-12-04 17:15:40 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014-12-04 17:15:40 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014-12-04 17:15:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014-12-04 17:15:25 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014-12-04 17:15:25 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014-12-04 17:15:11 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014-12-04 17:14:56 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014-12-04 17:14:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014-12-04 17:14:42 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014-12-04 17:14:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014-12-04 17:14:42 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014-12-04 17:14:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014-12-04 17:14:27 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014-12-04 17:14:27 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014-12-04 17:14:13 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014-12-04 17:14:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014-12-04 17:13:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014-12-04 17:13:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014-12-04 17:13:44 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014-12-04 17:13:44 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014-12-04 17:13:29 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014-12-04 17:13:29 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014-12-04 17:13:15 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014-12-04 17:13:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014-12-04 17:13:15 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014-12-04 17:13:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014-12-04 17:13:00 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014-12-04 17:13:00 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014-12-04 17:12:45 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014-12-04 17:12:45 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014-12-04 17:12:31 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014-12-04 17:12:31 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014-12-04 17:12:17 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014-12-04 17:12:17 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014-12-04 17:12:02 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014-12-04 17:12:02 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014-12-04 17:11:48 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014-12-04 17:11:48 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014-12-04 17:11:32 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014-12-04 17:11:32 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014-12-04 17:11:17 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014-12-04 17:11:17 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014-12-04 17:11:17 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014-12-04 17:11:17 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014-12-04 17:11:03 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014-12-04 17:11:03 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014-12-04 17:10:48 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014-12-04 17:10:48 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014-12-04 17:10:33 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014-12-04 17:10:33 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014-12-04 17:10:19 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014-12-04 17:10:19 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014-12-04 17:10:04 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014-12-04 17:10:04 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014-12-04 17:09:49 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014-12-04 17:09:49 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014-12-03 18:40:51 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Desktop\Pappa
[2014-12-02 16:00:39 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\The Crew
[2014-12-02 16:00:38 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\Documents\ProfileCache
[2014-12-02 15:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014-12-02 15:55:55 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Local\Ubisoft
[2014-12-02 15:13:04 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014-12-02 15:13:03 | 000,000,000 | ---D | C] -- C:\Users\UST1207276\AppData\Local\Ubisoft Game Launcher
[2014-12-02 15:13:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2014-11-28 12:02:57 | 000,000,000 | -HSD | C] -- C:\Users\UST1207276\AppData\Local\EmieBrowserModeList
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2015-02-25 20:37:26 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-02-25 20:37:26 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-02-25 20:36:12 | 001,580,482 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-02-25 20:36:12 | 000,663,802 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2015-02-25 20:36:12 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015-02-25 20:36:12 | 000,142,602 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2015-02-25 20:36:12 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015-02-25 20:34:28 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-02-25 20:34:21 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-02-25 20:30:23 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2015-02-25 20:30:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-02-25 20:30:02 | 2109,575,167 | -HS- | M] () -- C:\hiberfil.sys
[2015-02-25 20:29:02 | 001,555,116 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015-02-25 20:25:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-02-25 20:12:00 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002UA.job
[2015-02-20 15:07:10 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002Core.job
[2015-02-20 01:18:54 | 018,575,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015-02-20 01:18:54 | 016,017,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2015-02-20 01:18:50 | 000,995,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015-02-20 01:18:50 | 000,877,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015-02-20 01:18:46 | 013,294,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015-02-20 01:18:44 | 032,106,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015-02-20 01:18:44 | 010,773,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015-02-20 01:18:42 | 024,768,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015-02-20 01:18:40 | 000,353,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015-02-20 01:18:40 | 000,305,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015-02-20 01:18:38 | 000,969,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015-02-20 01:18:38 | 000,390,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015-02-20 01:18:38 | 000,345,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015-02-20 01:18:38 | 000,177,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015-02-20 01:18:38 | 000,164,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015-02-20 01:18:38 | 000,027,441 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2015-02-20 01:18:36 | 000,929,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015-02-20 01:18:34 | 001,540,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2015-02-20 01:18:34 | 000,943,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015-02-20 01:18:34 | 000,908,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015-02-20 01:18:34 | 000,496,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015-02-20 01:18:34 | 000,399,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015-02-20 01:18:34 | 000,195,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015-02-20 01:18:34 | 000,030,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015-02-20 01:18:32 | 017,253,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015-02-20 01:18:32 | 001,895,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434752.dll
[2015-02-20 01:18:32 | 001,557,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434752.dll
[2015-02-20 01:18:30 | 014,119,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2015-02-20 01:18:30 | 003,610,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015-02-20 01:18:28 | 013,208,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015-02-20 01:18:28 | 010,713,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015-02-20 01:18:28 | 003,247,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015-02-20 01:18:04 | 020,466,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015-02-20 01:18:02 | 025,460,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015-02-20 01:18:00 | 003,299,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2015-02-20 01:18:00 | 002,902,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015-02-19 23:13:54 | 000,002,391 | ---- | M] () -- C:\Users\UST1207276\Desktop\Google Chrome.lnk
[2015-02-15 17:32:48 | 000,000,204 | ---- | M] () -- C:\Users\UST1207276\Desktop\Counter-Strike Global Offensive.url
[2015-02-12 12:55:10 | 000,294,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015-02-05 21:25:04 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015-02-05 21:25:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015-02-05 20:07:04 | 006,861,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2015-02-05 20:07:03 | 003,517,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2015-02-05 20:07:00 | 002,558,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2015-02-05 20:07:00 | 000,062,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2015-02-05 20:06:59 | 000,385,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2015-02-05 18:57:47 | 000,621,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015-02-05 13:50:11 | 004,236,870 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2015-02-04 11:21:46 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-02-04 11:13:55 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015-02-04 09:38:54 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2015-02-04 04:16:29 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015-02-04 04:16:20 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015-02-04 04:16:16 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015-02-04 04:16:14 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015-02-04 04:16:13 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015-02-04 04:16:13 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015-02-04 04:13:28 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015-02-02 21:05:29 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-01-28 00:36:21 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015-01-27 17:38:57 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015-01-25 21:09:30 | 000,004,616 | ---- | M] () -- C:\Windows\SysWow64\LavasoftTcpService.ini
[2015-01-25 21:09:30 | 000,002,448 | ---- | M] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015-01-25 21:09:30 | 000,002,448 | ---- | M] () -- C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[2015-01-25 15:38:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015-01-25 14:43:27 | 000,000,466 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2015-01-23 05:42:35 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015-01-23 05:41:36 | 006,041,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015-01-23 04:43:04 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015-01-18 08:47:50 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2015-01-18 08:47:49 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk
[2015-01-15 09:09:58 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015-01-15 09:09:58 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015-01-15 09:09:57 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015-01-15 09:09:51 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015-01-15 09:08:59 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015-01-15 09:06:22 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015-01-15 09:06:11 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015-01-15 09:04:23 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015-01-15 08:42:05 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015-01-15 08:39:53 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015-01-15 08:39:36 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015-01-15 08:37:55 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015-01-14 07:09:27 | 005,554,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015-01-14 07:05:30 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015-01-14 07:05:30 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015-01-14 07:04:56 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015-01-14 06:44:59 | 003,972,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015-01-14 06:44:58 | 003,917,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015-01-13 04:10:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015-01-12 04:05:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015-01-12 03:49:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015-01-12 03:48:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015-01-12 03:48:52 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015-01-12 03:47:25 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015-01-12 03:39:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015-01-12 03:36:07 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015-01-12 03:34:42 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015-01-12 03:34:30 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015-01-12 03:25:28 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015-01-12 03:21:33 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015-01-12 03:13:27 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015-01-12 03:08:06 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015-01-12 03:07:51 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015-01-12 03:07:10 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015-01-12 03:07:06 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015-01-12 03:05:36 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015-01-12 03:04:10 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015-01-12 02:59:28 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015-01-12 02:57:06 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015-01-12 02:55:47 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015-01-12 02:48:50 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015-01-12 02:48:32 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015-01-12 02:46:29 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015-01-12 02:46:00 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015-01-12 02:40:43 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015-01-12 02:36:52 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015-01-12 02:35:55 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015-01-12 02:23:09 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015-01-12 02:22:17 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015-01-12 02:02:43 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015-01-12 01:55:26 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015-01-10 07:48:13 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015-01-09 18:49:15 | 000,001,503 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2015-01-09 04:14:19 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015-01-09 04:14:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2014-12-29 21:51:24 | 000,000,609 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-12-27 11:20:32 | 000,000,058 | ---- | M] () -- C:\Windows\JQHApp.dat
[2014-12-25 18:14:58 | 000,000,686 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2014-12-25 18:14:16 | 000,000,727 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2014-12-25 18:12:16 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014-12-24 15:44:03 | 000,941,784 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014-12-24 15:44:03 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2014-12-24 15:44:03 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014-12-24 15:33:20 | 001,876,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434411.dll
[2014-12-24 15:33:20 | 001,539,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434411.dll
[2014-12-19 22:26:02 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014-12-19 22:26:02 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014-12-19 22:26:02 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2014-12-19 22:26:02 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2014-12-16 12:10:34 | 000,358,736 | ---- | M] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftTcpService64.dll
[2014-12-16 12:10:32 | 000,312,424 | ---- | M] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftTcpService.dll
[2014-12-12 06:31:39 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014-12-11 18:47:17 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014-12-08 04:09:05 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2014-12-08 03:46:05 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2014-12-06 04:50:18 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014-12-02 15:55:54 | 000,000,633 | ---- | M] () -- C:\Users\Public\Desktop\The Crew (Worldwide).lnk
[2014-12-02 15:22:21 | 000,001,201 | ---- | M] () -- C:\Users\UST1207276\Desktop\Uplay.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015-02-25 20:34:21 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-02-15 17:32:48 | 000,000,204 | ---- | C] () -- C:\Users\UST1207276\Desktop\Counter-Strike Global Offensive.url
[2015-02-04 11:21:46 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-02-04 11:13:55 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015-02-02 21:05:29 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015-02-02 21:05:29 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-01-25 21:09:30 | 000,004,616 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpService.ini
[2015-01-25 21:09:30 | 000,002,448 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015-01-25 21:09:30 | 000,002,448 | ---- | C] () -- C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[2015-01-25 21:03:37 | 000,002,281 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2015-01-25 15:38:13 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015-01-25 14:43:27 | 000,000,466 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2015-01-18 08:47:50 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2015-01-18 08:47:49 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk
[2015-01-09 18:49:15 | 000,001,503 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2014-12-29 21:51:24 | 000,000,609 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014-12-28 19:53:19 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014-12-27 11:20:32 | 000,000,058 | ---- | C] () -- C:\Windows\JQHApp.dat
[2014-12-25 18:14:58 | 000,000,686 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2014-12-25 18:14:16 | 000,000,727 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2014-12-25 18:12:16 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014-12-02 15:55:54 | 000,000,633 | ---- | C] () -- C:\Users\Public\Desktop\The Crew (Worldwide).lnk
[2014-12-02 15:13:04 | 000,001,201 | ---- | C] () -- C:\Users\UST1207276\Desktop\Uplay.lnk
[2014-05-04 19:29:21 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012-08-19 16:02:07 | 000,000,027 | ---- | C] () -- C:\Program Files\plugins.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2011-03-02 11:58:37 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OTL Extras logfile created on: 2015-02-25 21:07:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Städning
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
7,95 Gb Total Physical Memory | 4,97 Gb Available Physical Memory | 62,50% Memory free
15,90 Gb Paging File | 11,93 Gb Available in Paging File | 74,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 37,25 Gb Free Space | 33,35% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 501,60 Gb Free Space | 26,92% Space Free | Partition Type: NTFS
Computer Name: UST1207276-COM | User Name: UST1207276 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "C:\Program Files (x86)\UMPlayer\umplayer.exe" -play-dir "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E8D7DC7-5B3F-4A12-B2A9-7AEFF382CB10}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2144F437-C79A-4AB7-BDAF-4CFB4E734DF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{22BDEC2F-AC73-4B62-9157-F9EA12D6FE5D}" = rport=137 | protocol=17 | dir=out | app=system |
"{333A7545-A15C-4C70-8D3A-CC0EB963A6BB}" = lport=138 | protocol=17 | dir=in | app=system |
"{33BAEF93-F457-4137-BF18-D4C6D92B0AFC}" = lport=137 | protocol=17 | dir=in | app=system |
"{3649D410-AD97-45F2-AD80-75D648B1C445}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{391F02CB-DAC2-4657-B73D-AFC681445325}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DFB0627-E7C2-4014-9DE1-ADEE4248A43F}" = rport=445 | protocol=6 | dir=out | app=system |
"{4C71B908-79CB-43AE-A421-C8562A275C31}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{533EAD63-5ED1-4EF7-8129-962D3E8EF00F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F5A668D-97F5-4A6A-941A-F5421B407FF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7BF0D753-2BD6-427E-9BC6-A21E8E966108}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7C1DC5A4-C12C-443D-BDF4-AE094AD457C9}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F4A266F-5905-498A-9B13-E6BA89EA9755}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80E692FA-3841-460F-A067-B80D8D080120}" = rport=139 | protocol=6 | dir=out | app=system |
"{8D8EB28A-53F7-4A47-9BBB-95A18C01AD44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D9571AB-E9C6-4053-8323-5F11A6710BDD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{956767AB-753A-4F30-A1FE-B77B51E814B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{980FBB48-2E40-4A39-A5B6-BAE721808694}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BD617DA-9EA2-4D63-BA9D-E492A8984D63}" = lport=445 | protocol=6 | dir=in | app=system |
"{A9FBEB15-B860-4070-93B0-C8DEA659E938}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC7EDD98-16A0-40FF-AEBD-FC4E70B3E61F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6ACAC8F-5A09-45A7-B619-914828AB7B88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEC9C32F-778F-4CD1-9A89-2D9B52382537}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFF28426-D1FE-4774-B9D8-AF08B76BBE9D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C71ABDED-8938-4BC0-B4A3-59E0661A09D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D28AD900-00AE-4085-9EBE-724516238A74}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D63A0C46-0B20-4448-9F1E-E2D0FFB22C10}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3675E22-9F84-45A1-BE9F-02532B129D69}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8C19035-1505-4AA4-8F2E-498EA7855171}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EDC87005-FD3E-424A-83EC-0CDA9682EA2C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00922493-BE18-4750-A55A-C198D89ED723}" = protocol=58 | dir=in | [email protected],-28545 |
"{00CFE1F5-A397-4C9A-A938-F34D12F3B8CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E2E9CF8-DAF7-4269-9C7D-FCE193F6DD64}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{18A36142-3136-4152-A198-E687250B02B5}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1BB6F7D8-E71B-4E42-B4A7-CCB2A04D883B}" = protocol=1 | dir=out | [email protected],-28544 |
"{213C9FEA-5647-4285-B3B5-0B2EBA2D64EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{24020CD7-D534-46AD-93CE-93FF34267D91}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\overlord ii\config.exe |
"{2555210F-92B1-40A4-9FB0-41A750FE6BDF}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\prison architect\prison architect.exe |
"{25879C96-E7D7-49A0-A557-0577814B6BDA}" = protocol=58 | dir=out | [email protected],-28546 |
"{2A9B2DC6-CD85-4655-B4D2-314F32D4D1F3}" = protocol=6 | dir=in | app=f:\spel\steam\bin\steamwebhelper.exe |
"{2F35EC52-DFA2-4BA5-A6F4-17B79293A0E5}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\banished\application-steam-x64.exe |
"{317FD667-8E1C-4955-BFEA-AA325F1B423B}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{32A43119-A271-4164-A527-C59B766C4EFF}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\the escapists\theescapists.exe |
"{3328308F-D0C4-4332-BE39-A112DC057AB9}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{339AC9BB-E77A-465E-BF82-61A6742953F3}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\overlord\config.exe |
"{34577827-5B69-4C7B-A032-FA5C8C417C80}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{3621E053-E939-4B27-B4CF-88DA8BDDC106}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3849979B-38FD-46A0-A78A-7F132F67FBB7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3634\agent.exe |
"{38C9CB99-55E7-4611-8AFE-9333DAF4B093}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E1B475A-B466-4C27-A328-43E8A8D67B7D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49768501-57D1-4345-9EA5-22B4BF719FA7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F22EC42-5CA2-42CA-B817-12244912346C}" = protocol=17 | dir=in | app=f:\spel\steam\bin\steamwebhelper.exe |
"{554515CE-0A34-4ABC-B54A-E330C98E708B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{555E072F-8239-402A-8E23-17759BE8F836}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\dota 2 beta\dota.exe |
"{57481472-A29C-4C6A-BE4D-6C2586C70CBC}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\overlord\overlord.exe |
"{581052AD-609F-4218-AA21-2EFFFC569A91}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization beyond earth\civilizationbe_mantle.exe |
"{591EDDC7-AAC6-4CFD-A557-6CA859FF0011}" = protocol=17 | dir=in | app=c:\users\ust1207276\appdata\roaming\utorrent\utorrent.exe |
"{595EB8E7-D1E2-4E87-A886-7623C68BCE0D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6AAE8F61-DD4D-4206-8E04-832878C77A3F}" = protocol=17 | dir=in | app=f:\hearthstone\hearthstone.exe |
"{6B32E2CC-71D1-4618-9219-6EF95932E671}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\terraria\terraria.exe |
"{6CDA2118-758A-4B92-81BB-7456EFC3B320}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization beyond earth\civilizationbe_dx11.exe |
"{70B646BB-B076-4EAB-BB27-83C3B39A1FD1}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\prison architect\prison architect.exe |
"{714C8D7F-4129-4C12-85D5-AA2F729E3AD3}" = protocol=6 | dir=in | app=f:\the crew (worldwide)\thecrew.exe |
"{75D58AB4-F67D-4F7A-9563-A880384D6EAD}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{76C14A1D-56DB-4562-A8D7-07ABECE119B8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77A98F42-B3F3-4E1A-870A-C0CDC43CAA47}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{79791152-C507-4723-AEE3-218CFA011555}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\overlord ii\overlord2.exe |
"{7AA92B3F-80D8-45C6-A468-1DD0E7E8B1D5}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\overlord ii\overlord2.exe |
"{7B971C18-185D-4826-A8BD-E397DB1C6156}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{81C9350A-0010-4124-A363-46B6C6A3A751}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\overlord\config.exe |
"{83623E7D-DD38-494F-B10E-B638CA55503D}" = protocol=6 | dir=out | app=system |
"{83DB0603-6F46-42E2-8E25-E28EDCD57D8F}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\dota 2 beta\dota.exe |
"{85C38C9F-D7B0-4419-B1B7-3B013C129AF2}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{91BD81F9-E362-431E-BE4F-D12AF4AD40A3}" = protocol=1 | dir=in | [email protected],-28543 |
"{94291B30-28D3-4E61-B65F-FAA9B7DBFAE3}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\don't starve together beta\bin\dontstarve_steam.exe |
"{94D39360-53A4-49C9-B14C-A05C59002C82}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{9D568928-F348-4479-9A79-BAA61C96B0CD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A49B62D2-B7C9-4D0F-A5C7-3C89AFA9E6A6}" = protocol=17 | dir=in | app=f:\spel\steam\steam.exe |
"{A6E3B096-A0D7-4110-97C4-241054FCA48C}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization beyond earth\civilizationbe_dx11.exe |
"{A9395A7F-AA57-4A2A-9430-79424EB64460}" = protocol=17 | dir=in | app=f:\the crew (worldwide)\thecrew.exe |
"{ACFAF40C-7D4D-4491-A30F-8B97D135A547}" = protocol=6 | dir=in | app=f:\hearthstone\hearthstone.exe |
"{AD34878C-FC26-465A-92D0-0531FE2D0482}" = protocol=17 | dir=in | app=f:\spel\origin\simcity\simcity\simcity.exe |
"{AD8F4234-9472-46F9-88BB-2D369EC14516}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{B0FC596F-621C-4A33-BE28-1C3461458B7E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B3AD2151-6A1B-4820-9012-220E0DF4FB6B}" = protocol=6 | dir=in | app=f:\spel\origin\simcity\simcity\simcity.exe |
"{BAB84EA8-FCD3-41BB-BB3C-FC05A874400B}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\garrysmod\hl2.exe |
"{BD303386-A07B-4BA4-9325-2F2C80C60680}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\garrysmod\hl2.exe |
"{C146A5F1-463F-4438-81D8-6B9A54A306EE}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\banished\application-steam-x64.exe |
"{C2D925C0-8834-402E-A63E-89EBDEE7F7B8}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{CADF691F-1602-4589-B864-2D049BCE55BD}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{CFB6DC95-28E1-42E4-AD38-8936A9CBADD4}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\the escapists\theescapists.exe |
"{D18E762F-AD3A-47A7-9AE4-9823FE8E92E8}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe |
"{D36CB0DB-C980-42A3-B2BE-51D65FFE423B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D4AA198C-8729-4DD0-AD6A-755ABF72F658}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\don't starve together beta\bin\dontstarve_steam.exe |
"{D5A05271-2064-464A-AD02-92EE6304031A}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\overlord ii\config.exe |
"{D5F861A8-5A6D-43BC-861D-A55B347A2EC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D95B2A23-74E9-41E3-AA45-BE11184FF2AB}" = protocol=6 | dir=in | app=f:\spel\steam\steam.exe |
"{DED823EB-EB5B-412C-A686-FE490997A52E}" = protocol=6 | dir=in | app=c:\users\ust1207276\appdata\roaming\utorrent\utorrent.exe |
"{E28A8F98-355F-44D6-AE10-E5AAE9DC5DCB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E83472C2-B1BB-4D67-B89C-641EA7F345CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E9C8792E-A9BD-4C7D-96A4-33E36D23AB67}" = protocol=6 | dir=in | app=f:\spel\steam\steamapps\common\sid meier's civilization beyond earth\civilizationbe_mantle.exe |
"{F4EEF581-7D66-439B-BBDC-0FE41CA794A8}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\overlord\overlord.exe |
"{F671CD00-FA8F-45CB-BB0D-8F3DFBCA418A}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{F910BF17-FC28-4860-AFD6-73C3E1E7452A}" = protocol=17 | dir=in | app=f:\spel\steam\steamapps\common\terraria\terraria.exe |
"{FB4C65B5-AE75-4382-B55D-2473B764D1D7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{08F317D4-D959-476F-AF3B-660BC1B1B111}F:\spel\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=f:\spel\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{1859059E-1646-4E1D-8ADA-F673D296CB90}C:\users\ust1207276\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\ust1207276\appdata\roaming\spotify\spotify.exe |
"TCP Query User{28A80D50-281C-462F-9D77-99DB9B61ACCB}C:\users\ella\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\ella\appdata\roaming\spotify\spotify.exe |
"TCP Query User{298BFB90-12E6-4CCE-B20F-8EB455D93B23}C:\users\ella\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\ella\appdata\roaming\spotify\spotify.exe |
"TCP Query User{29B3FA88-1086-4DFD-A7AB-814A31BF0AFB}F:\spel\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\spel\guild wars 2\gw2.exe |
"TCP Query User{4D9A3DA6-E29F-4627-A132-584E02E998FB}C:\users\theo\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\theo\appdata\roaming\spotify\spotify.exe |
"TCP Query User{54A8F5FF-6531-4EA6-9D37-F3ED0AC786CD}C:\users\ust1207276\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\ust1207276\appdata\roaming\spotify\spotify.exe |
"TCP Query User{8D02C1CD-C54C-4A5C-A455-703E4B25376A}C:\users\theo\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\theo\appdata\roaming\spotify\spotify.exe |
"TCP Query User{D7804A8F-B046-453C-BB4E-C52D131980B3}F:\kproxy\kproxyagent\jre\bin\javaw.exe" = protocol=6 | dir=in | app=f:\kproxy\kproxyagent\jre\bin\javaw.exe |
"TCP Query User{E1657964-E91E-460E-BA56-A186DB47EE6C}C:\users\theo\appdata\roaming\gamemaker-studio\runner.exe" = protocol=6 | dir=in | app=c:\users\theo\appdata\roaming\gamemaker-studio\runner.exe |
"UDP Query User{4B87E70D-9BF8-4EBE-8A16-156164407852}F:\kproxy\kproxyagent\jre\bin\javaw.exe" = protocol=17 | dir=in | app=f:\kproxy\kproxyagent\jre\bin\javaw.exe |
"UDP Query User{64310738-E786-40A8-B295-FAA181E81C53}F:\spel\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=f:\spel\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{7E598FAA-6990-4D0F-876F-1BD93DF353B4}C:\users\theo\appdata\roaming\gamemaker-studio\runner.exe" = protocol=17 | dir=in | app=c:\users\theo\appdata\roaming\gamemaker-studio\runner.exe |
"UDP Query User{8F3F4F89-4966-47C6-A40F-D5C0584BC73E}F:\spel\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\spel\guild wars 2\gw2.exe |
"UDP Query User{9DD77F50-7988-4B07-BC44-B419B7D697A6}C:\users\ust1207276\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\ust1207276\appdata\roaming\spotify\spotify.exe |
"UDP Query User{A3745CC3-CB29-488F-9C05-2D2A27756886}C:\users\ella\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\ella\appdata\roaming\spotify\spotify.exe |
"UDP Query User{AAA9A340-FCFB-4A20-A388-D4E91739DC05}C:\users\theo\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\theo\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B3B973C4-1B63-4EEC-83B8-F9200444967B}C:\users\ella\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\ella\appdata\roaming\spotify\spotify.exe |
"UDP Query User{D33F6ADA-ED71-47B1-9592-9E1DCFA9A1AF}C:\users\ust1207276\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\ust1207276\appdata\roaming\spotify\spotify.exe |
"UDP Query User{F387D8EE-3BFC-4D6B-8880-EC0194650C2E}C:\users\theo\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\theo\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{17DB0909-D123-43E1-B5F2-CC356E08B4AA}" = AdAwareInstaller
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{400C1876-77C4-3B30-96E6-D0FDF0379922}" = Microsoft .NET Framework 4.5.2 (SVE)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053" = Microsoft .NET Framework 4.5.2 (svenska)
"{A5C0392D-46A7-4CB3-800B-5794909453BD}" = AdAwareUpdater
"{A5C0392D-46A7-4CB3-800B-5794909453BD}_AdAwareUpdater" = Ad-Aware Antivirus
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision drivrutin 347.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIAs kontrollpanel 347.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdrivrutin 347.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision drivrutin för styrenhet 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systemprogramvara 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-uppdatering 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD audiodrivrutin 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"CCleaner" = CCleaner
"HitmanPro37" = HitmanPro 3.7
"Temp File Cleaner" = Temp File Cleaner
"WhoCrashed_is1" = WhoCrashed 4.01
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A49BF17-D3D0-49F1-B17E-ACAE15F94CE2}}_is1" = New Star Soccer 5 v1.12
"{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}" = LEGO® Batman™ 2: DC Super Heroes
"{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1" = Emsisoft Anti-Malware
"{5F51441D-48C6-4308-9824-5D34211BB715}" = OpenOffice.org 3.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{655F6B43-070A-403C-9DAF-3FCC813C2E59}" = LavasoftTcpService
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1053-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Svenska
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B810D852-DFD6-DARKSIII-89A5-CC4D47756DAF}_is1" = DarkSiders II version 5.1
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D5116390-5C95-4FEA-A719-78C3C8B5DFB5}" = Ad-Aware Web Companion
"{D5116390-5C95-4FEA-A719-78C3C8B5DFB5}_WebCompanion" = Web Companion
"{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1" = Cube World version 0.0.1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"Actual Multiple Monitors_is1" = Actual Multiple Monitors 4.2
"Adobe Digital Editions 3.0" = Adobe Digital Editions 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"avast" = Avast Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"Guild Wars 2" = Guild Wars 2
"Hearthstone" = Hearthstone
"ImgBurn" = ImgBurn
"K-Meleon" = K-Meleon 1.5.4 en-US (remove only)
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Mozilla Firefox 35.0.1 (x86 en-US)" = Mozilla Firefox 35.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Steam" = Steam
"Steam App 105600" = Terraria
"Steam App 11450" = Overlord
"Steam App 12710" = Overlord: Raising [bleep]
"Steam App 12810" = Overlord II
"Steam App 214850" = GameMaker: Studio
"Steam App 233450" = Prison Architect
"Steam App 242920" = Banished
"Steam App 298630" = The Escapists
"Steam App 322330" = Don't Starve Together Beta
"Steam App 35720" = Trine 2
"Steam App 4000" = Garry's Mod
"Steam App 570" = Dota 2
"Steam App 65980" = Sid Meier's Civilization: Beyond Earth
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8930" = Sid Meier's Civilization V
"Stencyl" = Stencyl
"UMPlayer" = UMPlayer 0.98 [P4]
"Update Engine" = Sony Ericsson Update Engine
"Uplay" = Uplay
"Uplay Install 413" = The Crew (Worldwide)
"VLC media player" = VLC media player
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2015-02-22 19:24:34 | Computer Name = UST1207276-COM | Source = Windows Search Service | ID = 3029
Description =
Error - 2015-02-22 19:24:34 | Computer Name = UST1207276-COM | Source = Windows Search Service | ID = 3028
Description =
Error - 2015-02-22 19:24:34 | Computer Name = UST1207276-COM | Source = Windows Search Service | ID = 3058
Description =
Error - 2015-02-22 19:24:34 | Computer Name = UST1207276-COM | Source = Windows Search Service | ID = 7010
Description =
Error - 2015-02-22 19:48:21 | Computer Name = UST1207276-COM | Source = Windows Backup | ID = 4104
Description =
Error - 2015-02-25 15:30:26 | Computer Name = UST1207276-COM | Source = Application Error | ID = 1000
Description = Felet uppstod i programmet med namn: nvtray.exe, version 7.17.13.4752,
tidsstämpel 0x54d3b58e , felet uppstod i modulen med namn: ntdll.dll, version 6.1.7601.18247,
tidsstämpel 0x521eaf24 Undantagskod: 0xc0000374 Felförskjutning: 0x00000000000c4102
Process-ID:
0x117c Programmets starttid: 0x01d051317be03a4d Sökväg till program: C:\Program Files\NVIDIA
Corporation\Display\nvtray.exe Sökväg till modul: C:\Windows\SYSTEM32\ntdll.dll Rapport-ID:
bf4980b6-bd24-11e4-8999-10bf4885de31
Error - 2015-02-25 15:35:57 | Computer Name = UST1207276-COM | Source = Application Error | ID = 1000
Description = Felet uppstod i programmet med namn: nvtray.exe, version 7.17.13.4752,
tidsstämpel 0x54d3b58e , felet uppstod i modulen med namn: ntdll.dll, version 6.1.7601.18247,
tidsstämpel 0x521eaf24 Undantagskod: 0xc0000374 Felförskjutning: 0x00000000000c4102
Process-ID:
0x1f64 Programmets starttid: 0x01d051320147e3eb Sökväg till program: C:\Program Files\NVIDIA
Corporation\Display\nvtray.exe Sökväg till modul: C:\Windows\SYSTEM32\ntdll.dll Rapport-ID:
84d6ebea-bd25-11e4-8999-10bf4885de31
Error - 2015-02-25 15:41:51 | Computer Name = UST1207276-COM | Source = SideBySide | ID = 16842832
Description = Det gick inte att skapa aktiveringskontext för C:\Users\UST1207276\Downloads\esetsmartinstaller_enu.exe.
Det finns ett fel i manifest- eller principfilen på rad . En komponentversion som
begärs av programmet står i konflikt med en annan komponentversion som redan är
aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponent
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 2015-02-25 15:41:51 | Computer Name = UST1207276-COM | Source = SideBySide | ID = 16842832
Description = Det gick inte att skapa aktiveringskontext för C:\Users\UST1207276\Downloads\esetsmartinstaller_enu(1).exe.
Det finns ett fel i manifest- eller principfilen på rad . En komponentversion som
begärs av programmet står i konflikt med en annan komponentversion som redan är
aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponent
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 2015-02-25 15:42:21 | Computer Name = UST1207276-COM | Source = Application Error | ID = 1000
Description = Felet uppstod i programmet med namn: nvtray.exe, version 7.17.13.4752,
tidsstämpel 0x54d3b58e , felet uppstod i modulen med namn: ntdll.dll, version 6.1.7601.18247,
tidsstämpel 0x521eaf24 Undantagskod: 0xc0000374 Felförskjutning: 0x00000000000c4102
Process-ID:
0x44c Programmets starttid: 0x01d051332263d831 Sökväg till program: C:\Program Files\NVIDIA
Corporation\Display\nvtray.exe Sökväg till modul: C:\Windows\SYSTEM32\ntdll.dll Rapport-ID:
69bf3a46-bd26-11e4-8999-10bf4885de31
[ System Events ]
Error - 2015-02-22 19:24:34 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7031
Description = Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1
gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.
Error - 2015-02-22 19:25:03 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7038
Description = Tjänsten nvUpdatusService kunde inte logga in som .\UpdatusUser med
det för närvarande konfigurerade lösenordet på grund av följande fel: %%1330 Kontrollera
att tjänsten är korrekt konfigurerad med hjälp av snapin-modulen Tjänster i MMC
(Microsoft Management Console).
Error - 2015-02-22 19:25:03 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7000
Description = Tjänsten NVIDIA Update Service Daemon kunde inte startas på grund
av följande fel: %%1069
Error - 2015-02-22 19:25:04 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7032
Description = Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om
tjänsten) efter att tjänsten Windows Search avslutats oväntat, men denna åtgärd
misslyckades med följande fel: %%1056
Error - 2015-02-25 08:58:21 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7038
Description = Tjänsten nvUpdatusService kunde inte logga in som .\UpdatusUser med
det för närvarande konfigurerade lösenordet på grund av följande fel: %%1330 Kontrollera
att tjänsten är korrekt konfigurerad med hjälp av snapin-modulen Tjänster i MMC
(Microsoft Management Console).
Error - 2015-02-25 08:58:21 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7000
Description = Tjänsten NVIDIA Update Service Daemon kunde inte startas på grund
av följande fel: %%1069
Error - 2015-02-25 15:02:59 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7038
Description = Tjänsten nvUpdatusService kunde inte logga in som .\UpdatusUser med
det för närvarande konfigurerade lösenordet på grund av följande fel: %%1330 Kontrollera
att tjänsten är korrekt konfigurerad med hjälp av snapin-modulen Tjänster i MMC
(Microsoft Management Console).
Error - 2015-02-25 15:02:59 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7000
Description = Tjänsten NVIDIA Update Service Daemon kunde inte startas på grund
av följande fel: %%1069
Error - 2015-02-25 15:32:24 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7038
Description = Tjänsten nvUpdatusService kunde inte logga in som .\UpdatusUser med
det för närvarande konfigurerade lösenordet på grund av följande fel: %%1330 Kontrollera
att tjänsten är korrekt konfigurerad med hjälp av snapin-modulen Tjänster i MMC
(Microsoft Management Console).
Error - 2015-02-25 15:32:24 | Computer Name = UST1207276-COM | Source = Service Control Manager | ID = 7000
Description = Tjänsten NVIDIA Update Service Daemon kunde inte startas på grund
av följande fel: %%1069
< End of report >
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by UST1207276 (administrator) on UST1207276-COM on 25-02-2015 21:15:24
Running from C:\Städning
Loaded Profiles: UST1207276 (Available profiles: UpdatusUser & UST1207276 & Theo & Ella)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) F:\Spel\HiPatchService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
(Spotify Ltd) C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\UST1207276\AppData\Roaming\Spotify\spotify.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
() C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(OldTimer Tools) C:\Städning\OTL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-09-07] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-10-20] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\Run: [Google Update] => C:\Users\UST1207276\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-19] (Google Inc.)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\Run: [Spotify Web Helper] => C:\Users\UST1207276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\Run: [Spotify] => C:\Users\UST1207276\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1367360 2014-12-16] (Lavasoft)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\MountPoints2: {cf6e687b-3c47-11e2-9306-10bf4885de31} - H:\Startme.exe
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\...\MountPoints2: {cf6e68b6-3c47-11e2-9306-10bf4885de31} - D:\Startme.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
HKU\S-1-5-21-3638636406-2910424779-70769426-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/?ocid=OIE9HP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\UST1207276\AppData\Roaming\Mozilla\Firefox\Profiles\1yptopgm.default-1347815165264
FF NewTab: hxxp://www.google.com
FF SearchEngineOrder.1: google.se
FF Homepage: hxxp://www.superstart.se/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3638636406-2910424779-70769426-1002: @tools.google.com/Google Update;version=3 -> C:\Users\UST1207276\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3638636406-2910424779-70769426-1002: @tools.google.com/Google Update;version=9 -> C:\Users\UST1207276\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\UST1207276\AppData\Roaming\Mozilla\Firefox\Profiles\1yptopgm.default-1347815165264\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF Extension: Greasemonkey - C:\Users\UST1207276\AppData\Roaming\Mozilla\Firefox\Profiles\1yptopgm.default-1347815165264\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-01-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-08-19]
Chrome:
=======
CHR HomePage: Default -> hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=f9f8cb6d-9b76-4e80-a315-3d5892090278&affid=111585&searchtype=hp&babsrc=lnkry
CHR StartupUrls: Default -> "hxxp://www.superstart.se/"
CHR Plugin: (Shockwave Flash) - C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\UST1207276\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Intel\® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\UST1207276\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll No File
CHR Profile: C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-19]
CHR Extension: (Google Search) - C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-19]
CHR Extension: (Google Wallet) - C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Gmail) - C:\Users\UST1207276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-24] (AVAST Software)
U2 HiPatchService; F:\Spel\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-19] (SurfRight B.V.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-12-16] (Lavasoft Limited)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-10-20] (Razer Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-12-16] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-24] ()
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-19] (DT Soft Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2014-05-04] (GenesysLogic)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-04] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-04] ()
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-10-09] (BitDefender S.R.L.)
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-25 20:34 - 2015-02-25 20:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 20:34 - 2015-02-25 20:34 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-25 20:34 - 2015-02-25 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-25 20:34 - 2015-02-25 20:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-25 20:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-25 20:34 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-25 20:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-25 20:30 - 2015-02-25 20:42 - 00000000 ____D () C:\Users\UST1207276\AppData\Local\CrashDumps
2015-02-25 20:28 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-25 20:07 - 2015-02-25 20:07 - 05325696 _____ (Piriform Ltd) C:\Users\UST1207276\Downloads\ccsetup503.exe
2015-02-25 14:17 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 14:17 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-23 00:22 - 2015-02-25 20:30 - 00000831 _____ () C:\Windows\setupact.log
2015-02-23 00:22 - 2015-02-23 00:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-20 09:31 - 2015-02-20 09:31 - 00000000 __SHD () C:\Users\Ella\AppData\Local\EmieBrowserModeList
2015-02-20 01:18 - 2015-02-20 01:18 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-20 01:18 - 2015-02-20 01:18 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-20 01:18 - 2015-02-20 01:18 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-15 19:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-02-15 17:32 - 2015-02-15 17:32 - 00000204 _____ () C:\Users\UST1207276\Desktop\Counter-Strike Global Offensive.url
2015-02-15 16:08 - 2015-02-15 16:08 - 00003118 _____ () C:\Windows\System32\Tasks\{241863CD-B1DE-470D-A17E-B76C25864E70}
2015-02-15 16:01 - 2015-02-15 16:01 - 00033003 _____ () C:\Users\UST1207276\Downloads\Addition.txt
2015-02-15 16:00 - 2015-02-15 16:01 - 00048175 _____ () C:\Users\UST1207276\Downloads\FRST.txt
2015-02-15 16:00 - 2015-02-15 16:00 - 02134528 _____ (Farbar) C:\Users\UST1207276\Downloads\FRST64.exe
2015-02-15 15:55 - 2015-02-15 15:55 - 00000630 _____ () C:\Users\UST1207276\Desktop\JRT.txt
2015-02-15 15:43 - 2015-02-15 15:43 - 02112512 _____ () C:\Users\UST1207276\Downloads\adwcleaner_4.110.exe
2015-02-14 14:55 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 14:55 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 14:55 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 14:55 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 14:32 - 2015-02-12 14:32 - 00000000 ____D () C:\ProgramData\F33D770B2FF3CC64EA5EBEC025FB5D9A
2015-02-12 13:16 - 2015-02-12 13:16 - 00000000 ____D () C:\Users\Theo\AppData\Local\SuperDonut
2015-02-12 13:03 - 2015-02-12 14:32 - 00000000 ____D () C:\Users\Theo\AppData\Local\gamemaker_studio
2015-02-12 13:03 - 2015-02-12 13:03 - 00000000 ____D () C:\ProgramData\gamemaker_studio
2015-02-12 12:57 - 2015-02-12 12:58 - 163904608 _____ () C:\Users\Theo\Downloads\GoProStudioPC-2.5.4.404.exe
2015-02-11 23:38 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 23:38 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 23:38 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 23:38 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 23:38 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 23:38 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 23:38 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 23:38 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 23:38 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 23:38 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 23:38 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 23:38 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 23:38 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 23:38 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 23:38 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 23:38 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 23:38 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 23:38 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 23:38 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 23:38 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 23:38 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 23:38 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 23:38 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 23:38 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 23:38 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 23:38 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 23:38 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 23:38 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 23:38 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 23:38 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 23:38 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 23:38 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 23:38 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 23:38 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 23:38 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 23:38 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 23:38 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 23:38 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 23:38 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 23:38 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 23:38 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 23:38 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 23:38 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 23:38 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 23:38 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 23:38 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 23:38 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 23:38 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 23:38 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 23:38 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 23:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 23:38 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 23:38 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 23:38 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 23:38 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 23:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 23:38 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 23:38 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 23:38 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 23:38 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 23:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 23:38 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 23:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 23:38 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 23:38 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 23:38 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 23:38 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 23:38 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 23:38 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 23:38 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 23:38 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 23:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 23:38 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 23:38 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 23:38 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 23:38 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 23:38 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 23:38 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 23:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 23:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 23:38 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 23:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 23:38 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 23:38 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 23:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 23:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 23:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 23:38 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 23:38 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 23:38 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 23:38 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 23:38 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 23:38 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 23:38 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 23:38 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 23:38 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 23:38 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 23:38 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 23:38 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 23:37 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-05 21:28 - 2015-02-05 21:30 - 00000000 ____D () C:\Users\Theo\Desktop\Sv film
2015-02-04 12:37 - 2015-02-04 12:37 - 02347384 _____ (ESET) C:\Users\UST1207276\Downloads\esetsmartinstaller_enu(1).exe
2015-02-04 11:21 - 2015-02-04 11:21 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-04 11:13 - 2015-02-04 11:13 - 15431256 _____ () C:\Users\UST1207276\Downloads\RogueKiller.exe
2015-02-04 11:13 - 2015-02-04 11:13 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-04 11:13 - 2015-02-04 11:13 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-04 09:38 - 2015-02-04 09:38 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-02-03 06:07 - 2015-02-03 06:07 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-02-02 23:25 - 2015-02-25 21:15 - 00000000 ____D () C:\FRST
2015-02-02 22:58 - 2015-02-02 23:21 - 00000000 ____D () C:\ProgramData\IObit
2015-02-02 21:33 - 2015-02-02 21:33 - 01388274 _____ (Thisisu) C:\Users\UST1207276\Downloads\JRT.exe
2015-02-02 21:23 - 2015-02-02 21:23 - 02347384 _____ (ESET) C:\Users\UST1207276\Downloads\esetsmartinstaller_enu.exe
2015-02-02 21:23 - 2015-02-02 21:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-02 21:05 - 2015-02-02 21:05 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-02 21:05 - 2015-02-02 21:05 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-02 21:05 - 2015-02-02 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 21:04 - 2015-02-02 21:04 - 00243440 _____ () C:\Users\UST1207276\Downloads\Firefox Setup Stub 35.0.1.exe
2015-01-28 07:07 - 2015-01-28 07:07 - 01080608 _____ (Unity Technologies ApS) C:\Users\Theo\Downloads\UnityWebPlayer(1).exe
2015-01-27 17:40 - 2015-01-27 17:40 - 00000000 ____D () C:\Users\Theo\AppData\Roaming\java
2015-01-27 17:39 - 2015-01-27 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-27 17:39 - 2015-01-27 17:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-27 17:38 - 2015-01-27 17:38 - 00639912 _____ (Oracle Corporation) C:\Users\Theo\Downloads\jxpiinstall.exe
2015-01-27 17:38 - 2015-01-27 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-26 19:13 - 2015-02-02 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 00:02 - 2015-01-26 00:02 - 00000000 ____D () C:\ProgramData\Auslogics
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-25 21:15 - 2014-12-28 19:37 - 00000000 ____D () C:\Städning
2015-02-25 21:12 - 2012-08-19 15:58 - 00001024 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002UA.job
2015-02-25 21:03 - 2012-05-09 20:14 - 01336326 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 20:37 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 20:37 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 20:36 - 2009-07-14 08:43 - 00663802 _____ () C:\Windows\system32\perfh01D.dat
2015-02-25 20:36 - 2009-07-14 08:43 - 00142602 _____ () C:\Windows\system32\perfc01D.dat
2015-02-25 20:36 - 2009-07-14 06:13 - 01580482 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-25 20:35 - 2012-08-19 16:03 - 00000000 ____D () C:\Users\UST1207276\AppData\Roaming\Spotify
2015-02-25 20:30 - 2015-01-25 21:03 - 00002281 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-02-25 20:30 - 2015-01-25 14:47 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-02-25 20:30 - 2012-08-19 19:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-25 20:30 - 2012-05-09 14:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-25 20:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-25 20:29 - 2012-08-21 16:44 - 01555116 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-25 20:28 - 2012-05-09 14:28 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-25 20:28 - 2012-05-09 14:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-25 20:28 - 2012-05-09 14:28 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-25 20:25 - 2012-05-09 14:26 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 20:01 - 2012-08-19 16:03 - 00000000 ____D () C:\Users\UST1207276\AppData\Local\Spotify
2015-02-25 14:11 - 2012-09-08 14:42 - 00000000 ____D () C:\Users\Theo\AppData\Roaming\Spotify
2015-02-25 13:56 - 2012-09-08 14:42 - 00000000 ____D () C:\Users\Theo\AppData\Local\Spotify
2015-02-20 18:31 - 2012-09-08 14:39 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Spotify
2015-02-20 17:13 - 2012-08-28 16:45 - 00000000 ____D () C:\Windows\Minidump
2015-02-20 15:07 - 2012-09-08 14:39 - 00000000 ____D () C:\Users\Ella\AppData\Local\Spotify
2015-02-20 15:07 - 2012-08-19 15:58 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002Core.job
2015-02-20 01:18 - 2013-02-25 23:32 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-20 01:18 - 2013-02-25 23:32 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-20 01:18 - 2013-02-25 23:32 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-20 01:18 - 2013-02-25 23:32 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-20 01:18 - 2013-02-25 23:32 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-20 01:18 - 2012-05-09 14:28 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-19 23:13 - 2012-08-19 15:58 - 00002391 _____ () C:\Users\UST1207276\Desktop\Google Chrome.lnk
2015-02-16 18:30 - 2012-08-21 14:30 - 00000000 ____D () C:\Users\Theo\AppData\Roaming\Skype
2015-02-15 17:32 - 2013-02-04 15:15 - 00000000 ____D () C:\Users\UST1207276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-15 16:54 - 2012-08-19 19:54 - 00000000 ____D () C:\Users\UST1207276\AppData\Roaming\Skype
2015-02-15 16:08 - 2014-12-27 11:19 - 00000000 ____D () C:\Users\UST1207276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2015-02-15 15:45 - 2014-12-28 18:41 - 00000000 ____D () C:\AdwCleaner
2015-02-15 03:53 - 2014-09-07 12:18 - 00000000 ____D () C:\Windows\rescache
2015-02-12 12:55 - 2009-07-14 05:45 - 00294544 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 12:54 - 2014-12-11 11:11 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 12:54 - 2014-05-06 23:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 12:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-11 23:48 - 2014-12-02 15:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 23:47 - 2013-08-14 22:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 23:44 - 2012-05-09 14:41 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 13:07 - 2012-08-19 15:58 - 00004004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002UA
2015-02-07 13:07 - 2012-08-19 15:58 - 00003608 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3638636406-2910424779-70769426-1002Core
2015-02-07 13:05 - 2009-07-14 06:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-06 15:09 - 2012-08-21 17:05 - 00000000 ____D () C:\Users\Theo\AppData\Roaming\vlc
2015-02-05 21:25 - 2012-05-09 14:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 21:25 - 2012-05-09 14:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 21:25 - 2012-05-09 14:26 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 20:07 - 2012-05-09 14:28 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 20:07 - 2012-05-09 14:28 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 20:07 - 2012-05-09 14:28 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 20:07 - 2012-05-09 14:28 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 20:07 - 2012-05-09 14:28 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 20:06 - 2012-05-09 14:28 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 13:50 - 2012-05-09 14:28 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-04 11:21 - 2013-04-01 19:32 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-04 11:01 - 2012-08-21 14:29 - 00000000 ____D () C:\Users\Theo
2015-02-04 11:01 - 2012-08-20 05:57 - 00000000 ____D () C:\Users\Ella
2015-01-29 05:58 - 2014-05-04 19:24 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-28 07:04 - 2012-08-21 14:32 - 00000000 ____D () C:\Users\Theo\AppData\Roaming\.minecraft
2015-01-27 17:39 - 2013-12-12 19:58 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 06:27 - 2012-08-19 20:07 - 00000000 ____D () C:\Users\UST1207276\AppData\Roaming\uTorrent
2015-01-26 00:04 - 2014-12-24 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-01-26 00:04 - 2013-05-27 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
==================== Files in the root of some directories =======
2012-08-19 16:02 - 2014-09-20 17:22 - 0000027 _____ () C:\Program Files\plugins.dat
2014-05-04 19:29 - 2014-05-04 19:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-25 01:13 - 2015-01-25 01:13 - 0001392 _____ () C:\ProgramData\HirezPipeError.txt
Files to move or delete:
====================
C:\Users\Theo\jagex_cl_runescape_LIVE.dat
C:\Users\Theo\random.dat
Some content of TEMP:
====================
C:\Users\UST1207276\AppData\Local\Temp\HitmanPro.exe
C:\Users\UST1207276\AppData\Local\Temp\Quarantine.exe
C:\Users\UST1207276\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-14 15:36
==================== End Of Log ============================
Edited by nattspindel, 25 February 2015 - 02:16 PM.
![How to get rid of URL:MAL [Solved] - last post by Dakeyras](https://www.geekstogo.com/forum/uploads/profile/photo-thumb-235300.jpg?_r=1436720488)
Sign In
Create Account
