Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

www.221199.com hijack and IE disabled


  • This topic is locked This topic is locked
6 replies to this topic

#1 d999

d999

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 10 December 2013 - 08:30 PM

When I try to reset my homepage in the control panel and open the control panel again it has been reset to 221199.com. IE won't start. If I try to reset browser settings it fails on the default settings step. The problem persists in safe mode. No virus scan finds anything. I had accidentally downloaded baidu browser. I have uninstalled a ton of programs and cleaned the registry a number of times. 
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 10.0.9200.16736
Run by Administrator at 8:51:46 on 2013-12-11
Microsoft Windows 7 Ultimate   6.1.7601.1.936.86.2052.18.2940.1380 [GMT 8:00]
.
AV: Panda Cloud Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: 360 Internet Security 2013 *Enabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: 360 Internet Security 2013 *Enabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Panda Cloud Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
E:\program files\ResophNotes\ResophNotes.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
E:\program files\The Journal 5\Journal5.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.221199.com/
uDefault_Page_URL = about:blank
uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP
mRun: [360sd] "c:\program files\360\360 internet security\360sdrun.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [AdAwareTray] "c:\program files\lavasoft\ad-aware antivirus\ad-aware antivirus\11.0.4555.0\AdAwareTray.exe"
mRun: [PSUAMain] "c:\program files\panda security\panda cloud antivirus\PSUAMain.exe" /LaunchSysTray
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: NameServer = 222.246.129.81 59.51.78.211
TCP: Interfaces\{01D8AA3A-BD51-432A-9F16-2B2497777EEF} : DHCPNameServer = 222.246.129.81 59.51.78.211
TCP: Interfaces\{01D8AA3A-BD51-432A-9F16-2B2497777EEF}\4556E64616F5530334234403 : DHCPNameServer = 222.246.129.81 59.51.78.211 222.246.129.80
TCP: Interfaces\{AAD02555-D039-4928-B745-38EB99785CCB} : NameServer = 208.67.222.222 70.32.45.42
Handler: cdl - <Clsid value has no data>
Handler: file - <Clsid value has no data>
Handler: ftp - <Clsid value has no data>
Handler: http - <Clsid value has no data>
Handler: https - <Clsid value has no data>
Handler: javascript - <Clsid value has no data>
Handler: local - <Clsid value has no data>
Handler: mailto - <Clsid value has no data>
Handler: mk - <Clsid value has no data>
Handler: res - <Clsid value has no data>
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2013-9-18 32384]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-12-10 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-12-10 178304]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R0 HookPort;HookPort;c:\windows\system32\drivers\hookport.sys [2013-12-9 75968]
R1 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\drivers\360AntiHacker.sys [2013-12-9 86216]
R1 360Box;360Box mini-filter driver;c:\windows\system32\drivers\360Box.sys [2013-12-9 192184]
R1 360SelfProtection;360SelfProtection;c:\windows\system32\drivers\360SelfProtection.sys [2013-12-9 166480]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-12-10 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-12-10 403440]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R1 BAPIDRV;BAPIDRV;c:\windows\system32\drivers\BAPIDRV.SYS [2013-12-9 165048]
R1 EfiMon;EfiSystemMon;c:\windows\system32\drivers\efimon.sys [2013-12-9 22584]
R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [2013-5-29 84200]
R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [2013-5-29 126184]
R1 NNSHTTPS;NNSHttps;c:\windows\system32\drivers\NNSHttps.sys [2013-5-29 107752]
R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [2013-5-29 124648]
R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [2013-5-29 95464]
R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [2013-5-29 106344]
R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [2013-5-29 287336]
R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [2013-5-29 161384]
R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [2013-5-29 108904]
R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [2013-5-29 230376]
R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [2013-5-29 93928]
R1 PSINKNC;PSINKnc;c:\windows\system32\drivers\PSINKNC.sys [2013-10-11 175848]
R1 qutmdserv;Quantum DeepScanner Servers;c:\windows\system32\drivers\qutmdrv.sys [2013-12-9 233400]
R1 qutmipc;qutmipc;c:\windows\system32\drivers\qutmipc.sys [2013-12-9 43576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-12-10 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-12-10 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-12-10 50344]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2013-4-22 822504]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\lavasoft\ad-aware antivirus\ad-aware antivirus\11.0.4555.0\AdAwareService.exe [2013-10-18 497744]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-12-1 418376]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2013-10-3 140768]
R2 OfficeSvc;Microsoft Office Service;c:\program files\microsoft office 15\clientx86\integratedoffice.exe [2013-11-30 1320120]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2013-10-18 145640]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2013-10-11 105704]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2013-10-11 114920]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2013-10-11 127720]
R2 PSUAService;Panda Product Service;c:\program files\panda security\panda cloud antivirus\PSUAService.exe [2013-10-19 37344]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2013-6-26 523944]
R2 ZhuDongFangYu;Proactive Defence;c:\program files\360\360 internet security\deepscan\ZhuDongFangYu.exe [2013-12-9 225216]
R3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\drivers\360AvFlt.sys [2013-12-9 56512]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2013-11-22 100504]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-12-1 22856]
R3 PSINReg;PSINReg;c:\windows\system32\drivers\PSINReg.sys [2013-10-11 97512]
R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [2013-12-10 47632]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfswin7.sys [2013-6-26 584872]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaywin7.sys [2013-6-26 197800]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirwin7.sys [2013-6-26 24232]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolwin7.sys [2013-6-26 20136]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2013-6-26 207528]
S2 360rp;360 Internet Security 2013 Real-time Protection Loading Service;c:\program files\360\360 internet security\360rps.exe [2013-12-9 429488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-12-1 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 360Camera;360Safe Camera Filter Service;c:\windows\system32\drivers\360Camera.sys [2013-12-9 36032]
S3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2013-9-18 66176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-12 62464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-12 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2011-4-12 25600]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-12 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-11-25 1343400]
S4 LULU Software CrashHandler;LULU Software CrashHandler;c:\program files\soda pdf 6\crash-handler-ws.exe [2013-11-14 833888]
S4 NNSPIHSW;NNSPihsw;c:\windows\system32\drivers\NNSPihsw.sys [2013-5-29 61672]
S4 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
S4 Soda PDF 6;Soda PDF 6;c:\program files\soda pdf 6\ws.exe [2013-11-14 1512800]
SUnknown TsUsbFlt;TsUsbFlt; [x]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-12-10 14:12:19 -------- d-----w- c:\program files\Anki
2013-12-10 13:00:19 47632 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-12-10 12:58:33 -------- d-----w- c:\users\administrator\appdata\roaming\Panda Security
2013-12-10 12:55:55 -------- d-----w- c:\programdata\Panda Security
2013-12-10 12:55:55 -------- d-----w- c:\program files\Panda Security
2013-12-10 11:05:32 -------- d-----w- c:\users\administrator\appdata\local\NPE
2013-12-10 11:05:32 -------- d-----w- c:\programdata\Norton
2013-12-10 09:22:01 -------- d-----w- c:\users\administrator\appdata\roaming\AVAST Software
2013-12-10 09:20:18 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-10 09:20:17 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-10 09:20:16 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-10 09:20:16 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-10 09:20:08 43152 ----a-w- c:\windows\avastSS.scr
2013-12-10 09:19:50 -------- d-----w- c:\program files\AVAST Software
2013-12-10 09:18:49 -------- d-----w- c:\programdata\AVAST Software
2013-12-10 07:57:12 -------- d-----w- c:\users\administrator\appdata\roaming\LavasoftStatistics
2013-12-10 07:13:28 -------- d-----w- c:\program files\Lavasoft
2013-12-10 07:12:31 -------- d-----w- c:\program files\common files\Lavasoft
2013-12-10 06:32:10 -------- d-----w- c:\windows\system32\appmgmt
2013-12-08 06:04:34 -------- d-----w- c:\program files\Unlocker
2013-12-07 11:30:03 -------- d-----w- c:\users\administrator\appdata\roaming\.clamwin
2013-12-07 11:29:37 -------- d-----w- c:\programdata\.clamwin
2013-12-07 11:29:37 -------- d-----w- c:\program files\ClamWin
2013-12-07 10:53:14 388096 ----a-r- c:\users\administrator\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2013-12-07 10:53:14 -------- d-----w- c:\program files\Trend Micro
2013-12-07 08:20:16 -------- d-----w- c:\users\administrator\.OpenRPGMaker
2013-12-06 07:02:00 -------- d-----w- c:\program files\PFPortChecker
2013-12-06 07:01:04 -------- d-----w- c:\users\administrator\appdata\local\SearchProtect
2013-12-04 13:51:49 -------- d-----w- c:\users\administrator\appdata\roaming\uTorrent
2013-12-04 04:47:41 -------- d-----w- c:\users\administrator\appdata\local\ElevatedDiagnostics
2013-12-01 16:56:47 -------- d-----w- c:\program files\ResophNotes
2013-12-01 16:50:50 -------- d-----w- c:\users\administrator\.ResophNotes
2013-12-01 15:52:14 0 ----a-w- c:\windows\system32\nsh5EE6.tmp
2013-12-01 12:13:50 -------- d-----w- c:\users\administrator\appdata\roaming\Malwarebytes
2013-12-01 12:13:43 -------- d-----w- c:\programdata\Malwarebytes
2013-12-01 12:13:42 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-01 12:13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-01 08:45:16 -------- d--h--w- c:\windows\msdownld.tmp
2013-12-01 04:16:56 -------- d-----w- c:\users\administrator\appdata\local\Deployment
2013-12-01 04:16:56 -------- d-----w- c:\users\administrator\appdata\local\Apps
2013-11-30 14:50:49 -------- d-----w- C:\test
2013-11-30 14:12:37 -------- d-----w- c:\users\administrator\appdata\roaming\avidemux
2013-11-30 13:31:46 -------- d-----w- c:\program files\AviSynth 2.5
2013-11-30 12:22:52 -------- d-----w- c:\programdata\AVS4YOU
2013-11-30 12:22:42 -------- d-----w- c:\users\administrator\appdata\roaming\AVS4YOU
2013-11-30 12:20:28 24576 ----a-w- c:\windows\system32\msxml3a.dll
2013-11-30 12:20:28 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2013-11-30 12:20:28 -------- d-----w- c:\program files\common files\AVSMedia
2013-11-30 12:20:28 -------- d-----w- c:\program files\AVS4YOU
2013-11-30 02:38:06 -------- d-----w- c:\program files\Microsoft SkyDrive
2013-11-30 02:38:05 -------- d-----r- c:\users\administrator\SkyDrive
2013-11-30 02:37:30 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-11-29 18:10:45 566480 ----a-w- c:\programdata\microsoft\clicktorun\{9ac08e99-230b-47e8-9721-4577b7f124ea}\integrator.exe
2013-11-29 17:56:54 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2013-11-29 17:41:13 -------- d-----w- c:\program files\Microsoft Office 15
2013-11-29 06:05:38 -------- d-----w- c:\users\administrator\appdata\local\Microsoft Help
2013-11-28 16:00:39 0 ----a-w- c:\windows\system32\nsb49B6.tmp
2013-11-28 15:32:30 -------- d--h--w- c:\program files\InstallJammer Registry
2013-11-28 14:53:45 -------- d-----w- c:\users\administrator\appdata\local\WinZip
2013-11-28 14:53:30 -------- d-----w- c:\program files\File Association Helper
2013-11-28 14:45:19 -------- d-----w- c:\program files\Smith Micro
2013-11-26 07:02:03 -------- d-----w- c:\users\administrator\Microsoft Robotics Dev Studio 4
2013-11-26 07:00:24 -------- d-----w- c:\program files\Microsoft XNA
2013-11-26 06:56:27 -------- d-----w- c:\users\administrator\appdata\roaming\WWApk
2013-11-26 06:55:34 -------- d-----w- c:\users\administrator\appdata\local\Downloaded Installations
2013-11-26 06:15:49 -------- d-----w- c:\users\administrator\appdata\roaming\SpeedBit
2013-11-26 06:15:44 -------- d-----w- c:\program files\DAP
2013-11-26 06:15:31 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2013-11-26 06:15:27 -------- d-----w- c:\programdata\SpeedBit
2013-11-26 06:06:59 -------- d-----w- c:\program files\common files\SpeedBit
2013-11-26 06:01:22 -------- d-----w- c:\users\administrator\appdata\roaming\Unity
2013-11-26 05:47:18 -------- d-----w- c:\users\administrator\appdata\local\Unity
2013-11-26 04:05:03 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-26 04:05:03 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 04:05:03 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-26 04:05:03 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-26 04:05:03 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-26 04:05:02 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-26 04:05:02 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-25 06:30:49 -------- d-----w- c:\program files\ezvid
2013-11-25 06:18:51 -------- d-----w- c:\users\administrator\appdata\local\Programs
2013-11-25 00:12:12 -------- d-----w- c:\windows\system32\Wat
2013-11-24 07:06:03 -------- d-----w- c:\programdata\VirtualizedApplications
2013-11-24 05:29:54 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-11-24 05:29:54 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-11-24 05:29:54 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2013-11-24 04:40:07 -------- d-----w- c:\users\administrator\appdata\local\SoftGrid Client
2013-11-24 04:38:48 -------- d-----w- c:\users\administrator\appdata\roaming\SoftGrid Client
2013-11-24 04:36:15 -------- d-----w- c:\windows\PCHEALTH
2013-11-24 04:36:15 -------- d-----w- c:\program files\Microsoft Application Virtualization Client
2013-11-24 04:32:38 -------- d-----w- c:\users\administrator\appdata\roaming\TP
2013-11-24 04:27:33 -------- d-----w- c:\users\administrator\appdata\roaming\LULU_Software_Limited
2013-11-24 04:23:32 -------- d-----w- c:\program files\Soda PDF 6
2013-11-24 04:21:19 -------- d-----w- c:\programdata\Soda PDF 6
2013-11-23 19:00:31 -------- d-----w- c:\windows\CheckSur
2013-11-23 08:12:23 317440 ----a-w- c:\windows\system32\spoolsv.exe
2013-11-23 08:12:17 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-11-23 08:12:17 74240 ----a-w- c:\windows\system32\fsutil.exe
2013-11-23 08:12:17 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-11-23 08:12:17 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-11-23 08:12:17 1699328 ----a-w- c:\windows\system32\esent.dll
2013-11-23 08:12:17 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2013-11-23 08:12:17 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-11-23 08:12:17 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-11-23 08:12:07 2616320 ----a-w- c:\windows\explorer.exe
2013-11-23 08:12:06 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-11-23 07:04:11 -------- d-----w- c:\windows\system32\aliedit
2013-11-23 07:04:00 -------- d-----w- c:\program files\AliWangWang
2013-11-23 05:29:19 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-11-23 05:29:19 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-11-23 05:29:18 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-11-23 05:29:18 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-11-23 05:29:15 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-11-23 05:29:15 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-11-23 05:29:15 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-11-22 12:46:26 -------- d-----w- c:\users\administrator\appdata\roaming\AVG2014
2013-11-22 12:45:39 -------- d-----w- c:\users\administrator\appdata\roaming\TuneUp Software
2013-11-22 12:45:05 -------- d--h--w- C:\$AVG
2013-11-22 12:45:05 -------- d-----w- c:\programdata\AVG2014
2013-11-22 12:44:53 -------- d-----w- c:\program files\AVG
2013-11-22 12:34:38 -------- d--h--w- c:\programdata\Common Files
2013-11-22 12:34:38 -------- d-----w- c:\users\administrator\appdata\local\MFAData
2013-11-22 12:34:38 -------- d-----w- c:\users\administrator\appdata\local\Avg2014
2013-11-22 12:34:38 -------- d-----w- c:\programdata\MFAData
2013-11-22 11:51:18 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-11-22 11:50:27 434688 ----a-w- c:\windows\system32\scavengeui.dll
2013-11-22 11:50:13 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-11-22 11:50:13 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-11-22 11:50:13 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-11-22 11:50:13 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-11-22 11:50:13 18944 ----a-w- c:\windows\system32\netevent.dll
2013-11-22 11:50:13 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-11-22 11:50:13 156672 ----a-w- c:\windows\system32\ncsi.dll
2013-11-22 11:47:01 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-11-22 11:47:01 101720 ----a-w- c:\windows\system32\consent.exe
2013-11-22 11:27:39 -------- d-----w- c:\users\administrator\appdata\local\Adobe
2013-11-22 11:21:28 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-22 11:20:14 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-11-22 11:19:21 -------- d-----w- c:\users\administrator\appdata\local\Scrivener
2013-11-22 09:33:13 -------- d-----w- c:\programdata\APN
2013-11-22 09:09:27 -------- d-----w- c:\users\administrator\appdata\local\Opera Software
2013-11-22 09:09:26 -------- d-----w- c:\users\administrator\appdata\roaming\Opera Software
2013-11-22 08:14:11 -------- d-----w- c:\users\administrator\appdata\local\Thunderbird
2013-11-22 08:14:05 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-11-22 08:07:11 -------- d-----w- c:\users\administrator\appdata\roaming\OpenOffice
2013-11-22 08:06:13 -------- d-----w- c:\program files\OpenOffice 4
2013-11-22 07:36:55 -------- d-----r- c:\program files\Skype
2013-11-22 07:15:23 -------- d-----w- c:\program files\CCleaner
2013-11-22 07:03:09 -------- d-----w- c:\users\administrator\appdata\local\The Journal 5
2013-11-22 07:03:08 -------- d-----w- c:\users\administrator\appdata\roaming\The Journal 5
2013-11-22 06:55:36 -------- d-----w- c:\program files\DVD Maker
2013-11-22 06:55:24 -------- d-----w- c:\windows\system32\Speech
2013-11-22 06:55:24 -------- d-----w- c:\windows\Speech
2013-11-22 06:48:19 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\en-us\LXKPTPRC.DLL.mui
2013-11-22 06:33:46 -------- dc----w- c:\users\administrator\appdata\local\MigWiz
2013-11-22 06:19:04 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-11-22 06:18:26 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-11-22 06:17:43 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-11-22 06:17:43 80896 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2013-11-22 06:17:07 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-11-22 06:17:07 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-11-22 06:17:07 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-11-22 06:16:35 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-11-22 06:16:03 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-11-22 06:16:02 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-11-22 06:15:00 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-11-22 06:15:00 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-11-22 06:15:00 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-11-22 06:15:00 26112 ----a-w- c:\windows\system32\lpk.dll
2013-11-22 06:15:00 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-11-22 06:13:11 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-22 05:57:17 442880 ----a-w- c:\windows\system32\ntshrui.dll
2013-11-22 05:56:06 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-11-22 05:54:57 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-22 05:54:57 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-11-22 05:54:57 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-11-22 05:54:50 626688 ----a-w- c:\windows\system32\usp10.dll
2013-11-22 05:54:48 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-11-22 05:54:48 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-11-22 05:54:47 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-11-22 05:54:47 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-11-22 05:54:09 164352 ----a-w- c:\windows\system32\profsvc.dll
2013-11-22 05:53:45 123904 ----a-w- c:\windows\system32\poqexec.exe
2013-11-22 05:53:44 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-11-22 05:53:44 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-11-22 05:53:44 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-11-22 05:53:43 400896 ----a-w- c:\windows\system32\srcore.dll
2013-11-22 05:53:42 2342400 ----a-w- c:\windows\system32\msi.dll
2013-11-22 05:53:39 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-11-22 05:51:51 478720 ----a-w- c:\windows\system32\timedate.cpl
2013-11-22 05:27:35 -------- d-----w- c:\program files\QQMailPlugin
2013-11-22 05:20:43 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-11-22 05:20:22 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-11-22 05:19:46 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-22 05:19:46 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-22 05:19:46 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-22 05:15:19 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-11-22 05:15:10 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-11-22 05:15:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-11-22 05:15:08 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-11-22 04:58:15 -------- d-----w- c:\programdata\360safe
2013-11-22 04:55:14 -------- d-----w- c:\users\administrator\appdata\roaming\360Login
2013-11-22 04:54:45 724120 ----a-w- c:\windows\system32\baiducn.ime.old_306775_0
2013-11-22 04:54:45 -------- d-----w- c:\users\administrator\appdata\local\Baidu
2013-11-22 04:50:45 974848 ----a-w- c:\windows\system32\mfc70.dll
2013-11-22 04:49:27 -------- d-----w- c:\program files\CONEXANT
2013-11-22 04:48:53 506368 ----a-w- c:\windows\system32\sqlite3.dll
.
==================== Find3M  ====================
.
2013-11-22 12:13:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-22 12:13:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-22 11:21:28 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-11-18 07:29:25 86216 ----a-w- c:\windows\system32\drivers\360AntiHacker.sys
2013-11-13 04:00:58 43576 ----a-w- c:\windows\system32\drivers\qutmipc.sys
2013-11-10 11:24:20 2449920 ----a-w- c:\windows\system32\python27.dll
2013-11-05 13:50:48 120600 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-11-04 13:57:30 209176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-10-31 15:00:28 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-10-31 14:30:08 222520 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-10-24 14:28:32 147768 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-10-24 11:02:13 36032 ----a-w- c:\windows\system32\drivers\360Camera.sys
2013-10-17 19:31:28 145640 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
2013-10-11 09:46:25 97512 ----a-w- c:\windows\system32\drivers\PSINReg.sys
2013-10-11 09:46:25 127720 ----a-w- c:\windows\system32\drivers\PSINProt.sys
2013-10-11 09:46:24 114920 ----a-w- c:\windows\system32\drivers\PSINProc.sys
2013-10-11 09:45:49 175848 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
2013-10-11 09:45:49 105704 ----a-w- c:\windows\system32\drivers\PSINFile.sys
2013-10-04 01:58:50 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- c:\windows\system32\authui.dll
2013-09-25 02:01:08 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20 22016 ----a-w- c:\windows\system32\lsass.exe
2013-09-25 00:49:18 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-16 16:57:26 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-13 07:07:07 165048 ----a-w- c:\windows\system32\drivers\BAPIDRV.SYS
.
============= FINISH:  8:53:40.52 ===============
 


BC AdBot (Login to Remove)

 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:06:51 PM

Posted 11 December 2013 - 11:13 AM

d999,

:welcome: to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please do not attach logs or put logs in code or quote boxes (unless explicitly asked to)
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

In the upper right hand corner of the topic you will see the Follow This Topic button. Click on this then choose Receive Notification Immediately and then click Follow This Topic and you will be sent an email once I have posted a response and make the cleaning process faster.

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.
 
 



:step1: Uninstall Multiple Antivirus Programs
I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

  1. False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  2. System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to Programs and Features in the Control Panel, and remove all but one of the following:

  • Panda Cloud Antivirus
  • AVG
  • Ad-Aware Antivirus
  • avast
  • 360 Internet Security

 

 

:step2: FRST
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator"
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 d999

d999
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 11 December 2013 - 11:30 PM

Thanks. I was impatient and downloaded spyhunter, which seems to have a protection feature that keeps the homepage from being changed. When I saw your reply I uninstalled everything but ad-aware and the homepage still seems okay but IE still won't open. Here are the Farbar reports: Also, it's Chinese windows with an english language pack. The problems may have also started when I downloaded "search protect". 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-12-2013
Ran by Administrator at 2013-12-12 12:21:00
Running from C:\Users\Administrator\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.2.30303)
Ad-Aware Antivirus (Version: 11.0.4555.0)
AdAwareInstaller (Version: 11.0.4555.0)
AdAwareUpdater (Version: 11.0.4555.0)
Anki
AntimalwareEngine (Version: 2.6.0.0)
AVS Video Editor 6 (Version: 6.4.2.241)
CCleaner (Version: 4.07)
Conexant HD Audio (Version: 4.128.0.66)
Download Accelerator Plus (DAP)
File Association Helper (Version: 1.1.6.53763)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
HanYu Dictionary 0.2
HiJackThis (Version: 1.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft CCR and DSS Runtime 4 (Version: 4.0.2610)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1011)
Microsoft Office Click-to-Run 2010 (Version: 14.0.6122.5000)
Microsoft Office Starter 2010 - English (Version: 14.0.6137.5006)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mozilla Maintenance Service (Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 en-US) (Version: 24.1.1)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1011)
OpenOffice 4.0.1 (Version: 4.01.9714)
Opera Stable 18.0.1284.63 (Version: 18.0.1284.63)
PFPortChecker 1.0.39 (Version: 1.0.39)
ResophNotes (Version: 1.5.7)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.11 (Version: 6.11.102)
Soda PDF 6 (Version: 6.0.73.13545)
Soda PDF 6 View Module (Version: 6.0.4.13528)
StuffIt Expander 2011 (Version: 15.0.7.2518)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
WinZip 18.0 (Version: 18.0.10661)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {07AFE1EA-742E-4E9A-A2B3-4466760E38DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {21A84DA8-659B-410C-BC4F-7BE95FC23236} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {3F6A04A3-538F-420A-BB2F-67A79C518057} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File
Task: {C6EEC9CE-4DFF-4383-A087-026623E92868} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-11-01] (Microsoft Corporation)
Task: {D65E6FFB-8068-43AF-B7BB-FF6948CA0045} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {D6B5DCF9-0E0F-43F9-824F-343FCC3DFDA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {EF86267F-AB7B-480A-B470-5185A9252893} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-18 18:05 - 2013-10-18 18:05 - 00131920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\pugixml.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 02038088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\RCF.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00107392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\boost_filesystem-vc100-mt-1_53.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00021880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\boost_system-vc100-mt-1_53.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00048000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\boost_date_time-vc100-mt-1_53.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00086904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\boost_thread-vc100-mt-1_53.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00405368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\boost_locale-vc100-mt-1_53.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00227168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\HtmlFramework.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00232272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\Logger.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00055128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\DllStorage.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00643952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTrayDefaultSkin.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00119640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\Localization.dll
2013-10-18 18:05 - 2013-10-18 18:05 - 00541008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\SQLite.dll
2013-12-05 22:16 - 2013-12-04 10:47 - 00702416 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 22:16 - 2013-12-04 10:47 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 22:16 - 2013-12-04 10:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 22:16 - 2013-12-04 10:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 22:16 - 2013-12-04 10:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/12/2013 00:09:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 00:09:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 00:09:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 00:03:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 11:25:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 11:02:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 10:25:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 09:25:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/12/2013 08:26:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 08:17:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (12/12/2013 11:59:40 AM) (Source: Service Control Manager) (User: )
Description: The Proactive Defence service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/12/2013 08:26:34 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (12/12/2013 08:26:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (12/12/2013 08:25:59 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: 
%%1058
 
Error: (12/12/2013 08:25:59 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (12/12/2013 08:25:59 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (12/11/2013 11:16:57 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (12/11/2013 11:16:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (12/11/2013 11:16:22 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: 
%%1058
 
Error: (12/11/2013 11:16:22 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (12/12/2013 00:09:51 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAP.exe
 
Error: (12/12/2013 00:09:51 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAP.exe
 
Error: (12/12/2013 00:09:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 00:03:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAP.exe
 
Error: (12/12/2013 11:25:49 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAPIE.DLL
 
Error: (12/12/2013 11:02:07 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAPIE.DLL
 
Error: (12/12/2013 10:25:49 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAPIE.DLL
 
Error: (12/12/2013 09:25:51 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAPIE.DLL
 
Error: (12/12/2013 08:26:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/12/2013 08:17:27 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\DAP\DAPIE.DLL
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 36%
Total physical RAM: 2939.98 MB
Available physical RAM: 1873.36 MB
Total Pagefile: 5878.24 MB
Available Pagefile: 4682.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.15 MB
 
==================== Drives ================================
 
Drive c: © (Fixed) (Total:60 GB) (Free:20.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (D) (Fixed) (Total:100.01 GB) (Free:97.02 GB) NTFS
Drive e: (E) (Fixed) (Total:72.87 GB) (Free:68.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 1E5E1E5D)
Partition 1: (Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=173 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2013
Ran by Administrator (administrator) on WIN7-20131122RE on 12-12-2013 12:20:19
Running from C:\Users\Administrator\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: 0804
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe [2162008 2013-10-18] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
Handler: cdl - No CLSID Value - 
Handler: file - No CLSID Value - 
Handler: ftp - No CLSID Value - 
Handler: http - No CLSID Value - 
Handler: https - No CLSID Value - 
Handler: javascript - No CLSID Value - 
Handler: local - No CLSID Value - 
Handler: mailto - No CLSID Value - 
Handler: mk - No CLSID Value - 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler: res - No CLSID Value - 
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Tcpip\..\Interfaces\{29AA7481-57B8-4CF4-8647-D011B7CCF41E}: [NameServer]222.246.129.81 59.51.78.211
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.ca
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [kbhplonhjleiopohgmppianogioknked] - C:\Program Files\Common Files\SpeedBit\SBUpdate\NewTabLaunch.crx
 
========================== Services (Whitelisted) =================
 
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [497744 2013-10-18] ()
S4 LULU Software CrashHandler; C:\Program Files\Soda PDF 6\crash-handler-ws.exe [833888 2013-11-14] (LULU SOFTWARE LIMITED)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1320120 2013-11-01] (Microsoft Corporation)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 Soda PDF 6; C:\Program Files\Soda PDF 6\ws.exe [1512800 2013-11-14] (LULU SOFTWARE LIMITED)
 
==================== Drivers (Whitelisted) ====================
 
S3 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [222288 2011-04-08] (Advanced Micro Devices, Inc)
S3 amd_sata; C:\Windows\system32\drivers\amd_sata.sys [66176 2011-01-29] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [32384 2011-01-29] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3015168 2012-09-18] (Qualcomm Atheros Communications, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [100504 2012-09-24] (Qualcomm Atheros Co., Ltd.)
S3 mvs91xx; C:\Windows\system32\drivers\mvs91xx.sys [274736 2011-03-07] (Marvell Semiconductor, Inc.)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [584872 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [197800 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [24232 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [20136 2013-06-26] (Microsoft Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
U3 Changer; 
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-12 12:20 - 2013-12-12 12:20 - 00005564 _____ C:\Users\Administrator\Downloads\FRST.txt
2013-12-12 12:19 - 2013-12-12 12:19 - 01060135 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2013-12-12 12:19 - 2013-12-12 12:19 - 00000000 ____D C:\FRST
2013-12-12 12:05 - 2013-11-26 18:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 12:05 - 2013-11-26 17:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 12:05 - 2013-11-26 17:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 12:05 - 2013-11-26 16:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 12:05 - 2013-11-26 16:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 12:05 - 2013-11-26 16:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 12:05 - 2013-11-26 16:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 12:05 - 2013-11-26 16:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 12:05 - 2013-11-26 16:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 12:05 - 2013-11-26 16:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 12:05 - 2013-11-26 16:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 12:05 - 2013-11-26 16:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 12:05 - 2013-11-26 16:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 12:05 - 2013-11-26 16:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 12:05 - 2013-11-26 15:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 12:05 - 2013-11-26 15:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 12:05 - 2013-11-26 14:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 12:05 - 2013-11-26 14:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 12:05 - 2013-11-26 14:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 12:04 - 2013-05-10 12:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 12:04 - 2013-05-10 12:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 12:02 - 2013-12-12 12:02 - 00000079 _____ C:\Windows\wininit.ini
2013-12-12 08:36 - 2013-11-24 02:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 08:36 - 2013-10-30 10:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 08:36 - 2013-10-19 09:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 08:36 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 08:36 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 08:36 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 08:36 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 08:35 - 2013-11-12 10:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 08:35 - 2013-10-30 09:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 08:35 - 2013-10-04 09:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 08:35 - 2013-10-04 09:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 22:52 - 2013-12-11 22:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 22:52 - 2013-12-11 22:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 22:52 - 2013-12-11 22:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 22:52 - 2013-12-11 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 22:08 - 2013-12-12 12:08 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-11 22:08 - 2013-12-12 12:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-11 21:41 - 2013-12-11 21:41 - 00001962 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-12-11 21:41 - 2013-12-11 21:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2013-12-11 20:39 - 2013-12-11 20:39 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-11 20:38 - 2013-12-12 12:02 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-12-11 20:38 - 2013-12-11 20:38 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-11 20:23 - 2013-12-11 20:24 - 01339719 _____ C:\Users\Administrator\Downloads\rootalyz-0.3.4.47.zip
2013-12-11 20:11 - 2013-12-11 20:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2013-12-11 15:05 - 2013-12-11 15:14 - 211811872 ____N (Symantec Corporation) C:\Users\Administrator\Downloads\N360-TW-21.1.0-EN-CA.exe
2013-12-11 12:11 - 2013-12-11 12:11 - 01445888 _____ (Blue Project Software) C:\Users\Administrator\Downloads\systracer_setup_en.exe
2013-12-11 09:41 - 2013-12-11 09:41 - 00001736 _____ C:\Users\Administrator\Documents\cc_20131211_094143.reg
2013-12-11 08:54 - 2013-12-11 08:54 - 00011781 _____ C:\Users\Administrator\Desktop\attach.txt
2013-12-11 08:54 - 2013-12-11 08:53 - 00032671 _____ C:\Users\Administrator\Desktop\dds.txt
2013-12-11 08:51 - 2013-12-11 08:51 - 00688992 ____R (Swearware) C:\Users\Administrator\Downloads\dds.com
2013-12-10 22:12 - 2013-12-10 22:12 - 00000700 _____ C:\Users\Administrator\Desktop\Anki.lnk
2013-12-10 22:12 - 2013-12-10 22:12 - 00000000 ____D C:\Program Files\Anki
2013-12-10 22:08 - 2013-12-10 22:10 - 25855552 _____ C:\Users\Administrator\Downloads\anki-2.0.19.exe
2013-12-10 22:03 - 2013-12-10 22:03 - 00000000 _____ C:\ProgramData\0x0304A000.sfl
2013-12-10 21:55 - 2013-12-10 21:55 - 00005768 _____ C:\Users\Administrator\Documents\cc_20131210_215513.reg
2013-12-10 21:25 - 2013-12-10 21:25 - 00337800 _____ (US Tech Support LLC) C:\Users\Administrator\Downloads\InstallCyberDefenderEDC-025839.exe
2013-12-10 20:58 - 2013-12-11 13:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Panda Security
2013-12-10 20:55 - 2013-12-11 13:13 - 00000000 ____D C:\Program Files\Panda Security
2013-12-10 20:51 - 2013-12-10 20:51 - 00845944 _____ C:\Users\Administrator\Downloads\PandaCloudAntivirus.exe
2013-12-10 19:05 - 2013-12-12 12:08 - 00000000 ____D C:\ProgramData\Norton
2013-12-10 19:05 - 2013-12-10 19:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\NPE
2013-12-10 19:05 - 2013-12-10 19:05 - 03053496 ____N (Symantec Corporation) C:\Users\Administrator\Downloads\NPE.exe
2013-12-10 19:01 - 2013-12-10 19:01 - 00003790 _____ C:\Users\Administrator\Documents\cc_20131210_190109.reg
2013-12-10 19:01 - 2013-12-10 19:01 - 00002760 _____ C:\Users\Administrator\Documents\cc_20131210_190131.reg
2013-12-10 17:22 - 2013-12-10 17:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2013-12-10 17:20 - 2013-12-10 17:20 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-10 17:18 - 2013-12-11 17:30 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-10 17:12 - 2013-12-10 17:18 - 87529432 _____ (AVAST Software) C:\Users\Administrator\Downloads\avast_free_antivirus_setup.exe
2013-12-10 15:57 - 2013-12-10 15:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\LavasoftStatistics
2013-12-10 15:57 - 2013-12-10 15:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Lavasoft
2013-12-10 15:14 - 2013-12-10 15:14 - 00001328 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-12-10 15:13 - 2013-12-10 15:13 - 00000000 ____D C:\Program Files\Lavasoft
2013-12-10 15:12 - 2013-12-10 15:12 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-12-10 15:11 - 2013-12-10 15:11 - 01723528 _____ C:\Users\Administrator\Downloads\Adaware_Installer.exe
2013-12-10 15:11 - 2013-12-10 15:11 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-10 14:32 - 2013-12-10 22:00 - 00000000 ____D C:\Windows\system32\appmgmt
2013-12-09 13:52 - 2013-12-09 13:53 - 04728832 _____ C:\Users\Administrator\Downloads\Romanticism.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 02061312 _____ C:\Users\Administrator\Downloads\RomanticPeriod.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 00130560 _____ C:\Users\Administrator\Downloads\Romaticism.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 00130560 _____ C:\Users\Administrator\Downloads\Romaticism (1).ppt
2013-12-09 12:38 - 2013-12-09 13:18 - 213860320 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Administrator\Downloads\360is_4.7.0.4700B.exe
2013-12-08 14:09 - 2013-12-08 14:09 - 00046846 _____ C:\Users\Administrator\Documents\cc_20131208_140905.reg
2013-12-08 14:04 - 2013-12-08 14:06 - 00000000 ____D C:\Program Files\Unlocker
2013-12-08 14:04 - 2013-12-08 14:04 - 01078591 _____ C:\Users\Administrator\Downloads\Unlocker1.9.2.exe
2013-12-08 14:04 - 2013-12-08 14:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-12-08 13:57 - 2013-12-08 13:57 - 00000000 __RSH C:\MSDOS.SYS
2013-12-08 13:57 - 2013-12-08 13:57 - 00000000 __RSH C:\IO.SYS
2013-12-07 19:17 - 2013-12-07 19:27 - 84496144 _____ (alch                                                        ) C:\Users\Administrator\Downloads\clamwin-0.98-setup.exe
2013-12-07 18:53 - 2013-12-07 18:53 - 00002999 _____ C:\Users\Administrator\Desktop\HiJackThis.lnk
2013-12-07 18:53 - 2013-12-07 18:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-07 18:53 - 2013-12-07 18:53 - 00000000 ____D C:\Program Files\Trend Micro
2013-12-07 18:52 - 2013-12-07 18:52 - 01402880 _____ C:\Users\Administrator\Downloads\HijackThis.msi
2013-12-07 18:24 - 2013-12-07 18:24 - 00000622 _____ C:\Users\Administrator\Downloads\TakeOwnership.zip
2013-12-07 18:24 - 2013-12-07 18:24 - 00000000 ____D C:\Users\Administrator\Documents\TakeOwnership
2013-12-07 16:56 - 2013-12-07 16:57 - 02077392 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\IE11-Windows6.1.exe
2013-12-07 16:20 - 2013-12-07 21:01 - 00000000 ____D C:\Users\Administrator\.OpenRPGMaker
2013-12-07 16:14 - 2013-12-07 16:15 - 20541465 _____ (Open RPG Maker Devs) C:\Users\Administrator\Downloads\OpenRPGMaker-2.0-win32.exe
2013-12-06 17:31 - 2013-12-06 17:31 - 15741757 _____ C:\Users\Administrator\Downloads\onepreview.wmv
2013-12-06 17:29 - 2013-12-06 17:29 - 06930063 _____ C:\Users\Administrator\Downloads\2videoclip.wmv
2013-12-06 16:14 - 2013-12-06 16:15 - 06793138 _____ C:\Users\Administrator\Downloads\simple_port_forwarding_setup.exe
2013-12-06 15:02 - 2013-12-06 15:02 - 00001026 _____ C:\Users\Administrator\Desktop\PFPortChecker.lnk
2013-12-06 15:02 - 2013-12-06 15:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2013-12-06 15:02 - 2013-12-06 15:02 - 00000000 ____D C:\Program Files\PFPortChecker
2013-12-06 15:01 - 2013-12-06 15:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\SearchProtect
2013-12-06 14:59 - 2013-12-06 14:59 - 00161184 _____ C:\Users\Administrator\Downloads\PFPortChecker.exe
2013-12-06 14:49 - 2013-12-07 15:36 - 00000000 ____D C:\Users\Administrator\Downloads\Blood on the Tracks
2013-12-06 14:47 - 2013-12-06 14:47 - 00013406 _____ C:\Users\Administrator\Downloads\4D47B53BCCCC65E230E60DD81124F3CF375B9506.torrent
2013-12-06 14:44 - 2013-12-06 14:44 - 00012523 _____ C:\Users\Administrator\Downloads\Blood+-+Bob+Dylan.torrent
2013-12-05 20:46 - 2013-12-05 21:17 - 00000000 ____D C:\Users\Administrator\Downloads\The X-Files Season 1, 2, 3, 4, 5, 6, 7, 8 & 9 + Extras DVDRip HDTV TSV
2013-12-05 20:44 - 2013-12-05 23:20 - 00000000 ____D C:\Users\Administrator\Downloads\X-Files.x264.ac3-Season.2-MCH
2013-12-05 20:43 - 2013-12-07 14:29 - 00000000 ____D C:\Users\Administrator\Downloads\X-Files-Season2-HQ-DVDRIP-624x464
2013-12-05 20:42 - 2013-12-05 20:42 - 00238909 _____ C:\Users\Administrator\Downloads\The_X-Files_Season_1,_2,_3,_4,_5,_6,_7,_8_&_9_+_Extras_DVDRip_HDTV_TSV.torrent
2013-12-05 20:40 - 2013-12-05 20:40 - 00178023 _____ C:\Users\Administrator\Downloads\671A89C36B3092D2E358786EF5A25A99792856EF.torrent
2013-12-04 21:56 - 2013-12-04 21:57 - 00726611 _____ C:\Users\Administrator\Downloads\[kickass.to]the.x.files.season.2.full.dvd.rip.torrent
2013-12-04 21:55 - 2013-12-04 21:55 - 00157583 _____ C:\Users\Administrator\Downloads\[kickass.to]x.files.season.2.torrent
2013-12-04 21:53 - 2013-12-04 21:53 - 00000822 _____ C:\Users\Administrator\Desktop\µTorrent.lnk
2013-12-04 21:53 - 2013-12-04 21:53 - 00000802 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-12-04 21:51 - 2013-12-11 13:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\uTorrent
2013-12-04 21:51 - 2013-12-04 21:51 - 00036748 _____ C:\Users\Administrator\Downloads\[kickass.to]the.x.files.season.2.x264.dolby.ac3.subs.mch.torrent
2013-12-04 21:50 - 2013-12-04 21:50 - 01142864 _____ (BitTorrent Inc.) C:\Users\Administrator\Downloads\utorrent.exe
2013-12-02 12:49 - 2013-12-02 12:49 - 01452544 _____ C:\Users\Administrator\Downloads\Age of Reason PowerPoint.ppt
2013-12-02 12:12 - 2013-12-02 12:13 - 00239210 _____ C:\Users\Administrator\Downloads\database.txt
2013-12-02 12:12 - 2013-12-02 12:13 - 00239210 _____ C:\Users\Administrator\Desktop\database (1).txt
2013-12-02 00:56 - 2013-12-02 00:56 - 00000000 ____D C:\Program Files\ResophNotes
2013-12-02 00:54 - 2013-12-02 00:54 - 06958054 _____ C:\Users\Administrator\Downloads\ResophNotes157.zip
2013-12-02 00:50 - 2013-12-02 00:55 - 00000000 ____D C:\Users\Administrator\.ResophNotes
2013-12-02 00:49 - 2013-12-02 00:49 - 06791650 _____ C:\Users\Administrator\Downloads\ResophNotes124.zip
2013-12-01 23:52 - 2013-12-01 23:52 - 00000000 _____ C:\Windows\system32\nsh5EE6.tmp
2013-12-01 20:13 - 2013-12-01 20:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
2013-12-01 20:13 - 2013-12-01 20:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 20:12 - 2013-12-01 20:13 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 19:24 - 2013-12-01 19:24 - 00401424 _____ C:\Users\Administrator\Documents\cc_20131201_192441.reg
2013-12-01 16:56 - 2013-12-01 16:56 - 00000241 _____ C:\Users\Administrator\Desktop\enabie3.reg
2013-12-01 16:45 - 2013-12-01 16:45 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-12-01 16:40 - 2013-12-01 16:42 - 31892616 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\EIE11_EN-US_WOL_WIN7.EXE
2013-12-01 13:59 - 2013-12-01 13:59 - 00660763 _____ C:\Users\Administrator\Downloads\RestoreBrowserSettings.zip
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\Administrator\Documents\RestoreBrowserSettings
2013-12-01 12:57 - 2013-12-01 13:24 - 285277696 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\OpenCV-2.4.7.exe
2013-12-01 12:56 - 2013-12-11 22:47 - 00000134 _____ C:\Users\Administrator\Desktop\Internet Explorer Troubleshooting.url
2013-12-01 12:44 - 2013-12-05 22:16 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-01 12:40 - 2013-12-10 21:46 - 00000000 ____D C:\Program Files\Google
2013-12-01 12:40 - 2013-12-10 17:39 - 00000554 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-01 12:40 - 2013-12-10 17:39 - 00000550 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 12:17 - 2013-12-01 12:30 - 00000000 ____D C:\Users\Administrator\Desktop\crawler results
2013-12-01 12:16 - 2013-12-10 14:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Deployment
2013-12-01 12:16 - 2013-12-01 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0
2013-12-01 12:07 - 2013-12-03 18:19 - 00000000 ____D C:\Users\Administrator\Desktop\S Sim
2013-11-30 23:10 - 2013-11-30 23:10 - 00001146 _____ C:\Users\Administrator\Desktop\VirtualDub - Shortcut.lnk
2013-11-30 22:50 - 2013-11-30 22:58 - 00000000 ____D C:\test
2013-11-30 22:12 - 2013-12-01 00:31 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\avidemux
2013-11-30 21:42 - 2013-11-30 21:42 - 00001480 _____ C:\Users\Administrator\Desktop\wmplayer - Shortcut.lnk
2013-11-30 21:31 - 2013-12-10 14:33 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-11-30 20:24 - 2013-11-30 20:24 - 00000000 ____D C:\Users\Administrator\Documents\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\ProgramData\AVS4YOU
2013-11-30 20:21 - 2013-11-30 20:21 - 00001163 _____ C:\Users\Administrator\Desktop\AVS Video Editor.lnk
2013-11-30 20:20 - 2013-11-30 20:22 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2013-11-30 20:20 - 2013-11-30 20:22 - 00000000 ____D C:\Program Files\AVS4YOU
2013-11-30 20:20 - 2011-06-23 13:26 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2013-11-30 20:20 - 2011-06-23 13:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2013-11-30 10:38 - 2013-11-30 10:38 - 00002146 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00002062 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00002062 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00000000 ___RD C:\Users\Administrator\SkyDrive
2013-11-30 10:38 - 2013-11-30 10:38 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2013-11-30 10:37 - 2013-11-30 10:37 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-30 01:41 - 2013-12-11 15:35 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-30 01:18 - 2013-11-30 01:18 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.TRACKEDTOWORD4.doc#
2013-11-30 00:44 - 2013-11-30 03:26 - 00141189 _____ C:\Users\Administrator\Desktop\7.012 - Mock Assignments (3)changes tracked odf.odt
2013-11-30 00:39 - 2013-12-09 20:13 - 00000000 ____D C:\Users\Administrator\Desktop\to send
2013-11-29 14:05 - 2013-11-29 14:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2013-11-29 14:05 - 2013-11-29 14:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-29 07:41 - 2013-11-30 04:36 - 00000000 ____D C:\Users\Administrator\Desktop\assignments
2013-11-29 00:00 - 2013-11-29 00:00 - 00000000 _____ C:\Windows\system32\nsb49B6.tmp
2013-11-28 23:32 - 2013-12-10 14:32 - 00000000 ___HD C:\Program Files\InstallJammer Registry
2013-11-28 22:53 - 2013-11-28 22:53 - 00002281 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\ProgramData\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Program Files\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Program Files\File Association Helper
2013-11-28 22:45 - 2013-11-28 22:45 - 00002081 _____ C:\Users\Public\Desktop\StuffIt Expander 2011.lnk
2013-11-28 22:45 - 2013-11-28 22:45 - 00000000 ____D C:\Program Files\Smith Micro
2013-11-28 09:37 - 2013-11-28 09:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-28 09:37 - 2013-11-28 09:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-26 15:02 - 2013-12-10 14:37 - 00000000 ____D C:\Users\Administrator\Microsoft Robotics Dev Studio 4
2013-11-26 15:00 - 2013-12-10 14:32 - 00002469 _____ C:\Windows\DIFx.log
2013-11-26 15:00 - 2013-11-26 15:00 - 00000000 ____D C:\Program Files\Microsoft XNA
2013-11-26 14:56 - 2013-11-26 14:56 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WWApk
2013-11-26 14:55 - 2013-11-26 14:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Downloaded Installations
2013-11-26 14:50 - 2013-11-30 10:36 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-11-26 14:15 - 2013-11-26 14:16 - 00000000 ____D C:\Program Files\DAP
2013-11-26 14:15 - 2013-11-26 14:15 - 00172032 _____ (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2013-11-26 14:15 - 2013-11-26 14:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SpeedBit
2013-11-26 14:15 - 2013-11-26 14:15 - 00000000 ____D C:\ProgramData\SpeedBit
2013-11-26 14:06 - 2013-12-01 16:23 - 00000000 ____D C:\Program Files\Common Files\SpeedBit
2013-11-26 14:01 - 2013-11-26 14:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Unity
2013-11-26 13:47 - 2013-12-10 14:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Unity
2013-11-26 12:05 - 2013-09-04 09:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-26 12:05 - 2013-09-04 09:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-25 14:31 - 2013-11-25 14:31 - 00000000 ____D C:\Users\Administrator\Documents\ezvid
2013-11-25 14:30 - 2013-11-25 14:31 - 00000000 ____D C:\Program Files\ezvid
2013-11-25 14:16 - 2013-11-25 14:16 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.Puritan Colonial Literature2.ppt#
2013-11-25 14:15 - 2013-11-25 14:15 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.Puritan Colonial Literature 2.ppt#
2013-11-25 14:04 - 2013-11-25 14:02 - 01245184 _____ C:\Users\Administrator\Desktop\Puritan Colonial Literature.ppt
2013-11-25 14:03 - 2013-11-25 14:01 - 00269312 _____ C:\Users\Administrator\Desktop\Colonial Period.ppt
2013-11-25 10:01 - 2013-11-25 12:38 - 33590784 _____ C:\Users\Administrator\Desktop\American Cuisine (1).ppt
2013-11-24 15:17 - 2013-11-24 15:17 - 00000000 __RHD C:\MSOCache
2013-11-24 15:06 - 2013-11-24 15:06 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-11-24 12:40 - 2013-11-24 12:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\SoftGrid Client
2013-11-24 12:38 - 2013-11-30 23:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SoftGrid Client
2013-11-24 12:36 - 2013-11-30 10:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-24 12:36 - 2013-11-30 01:56 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-24 12:36 - 2013-11-25 08:13 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client
2013-11-24 12:36 - 2013-11-24 12:36 - 00000000 ____D C:\Windows\PCHEALTH
2013-11-24 12:32 - 2013-11-24 12:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TP
2013-11-24 12:27 - 2013-11-24 12:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\LULU_Software_Limited
2013-11-24 12:23 - 2013-11-24 12:23 - 00000000 ____D C:\Program Files\Soda PDF 6
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\ProgramData\Soda PDF 6
2013-11-24 03:00 - 2013-11-24 03:00 - 00000000 ____D C:\Windows\CheckSur
2013-11-23 16:12 - 2013-04-17 15:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-11-23 16:12 - 2012-02-11 13:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-11-23 16:12 - 2011-03-11 13:39 - 00148864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-11-23 16:12 - 2011-03-11 13:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2013-11-23 16:12 - 2011-03-11 13:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2013-11-23 16:12 - 2011-03-11 13:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2013-11-23 16:12 - 2011-03-11 13:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2013-11-23 16:12 - 2011-03-11 13:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2013-11-23 16:12 - 2011-03-11 13:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-11-23 16:12 - 2011-03-11 13:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2013-11-23 16:12 - 2011-03-11 12:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-11-23 16:12 - 2011-02-25 13:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-11-23 15:04 - 2013-11-23 15:04 - 00000000 ____D C:\Windows\system32\aliedit
2013-11-23 14:13 - 2013-11-23 14:13 - 00179848 ____N C:\Windows\Minidump\112313-51823-01.dmp
2013-11-23 14:13 - 2013-11-23 14:13 - 00000000 ____D C:\Windows\Minidump
2013-11-23 13:29 - 2012-07-26 11:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-11-23 13:29 - 2012-07-26 11:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-11-23 13:29 - 2012-07-26 11:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-11-23 13:29 - 2012-07-26 11:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-11-23 13:29 - 2012-07-26 11:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-11-23 13:29 - 2012-07-26 10:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-11-23 13:29 - 2012-07-26 10:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-11-23 13:29 - 2012-06-02 22:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-11-22 20:45 - 2013-11-22 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software
2013-11-22 20:34 - 2013-12-11 13:13 - 00000000 ____D C:\ProgramData\MFAData
2013-11-22 20:34 - 2013-11-22 20:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\MFAData
2013-11-22 19:53 - 2013-10-04 09:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-22 19:53 - 2013-10-04 09:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-22 19:53 - 2013-10-04 09:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-22 19:53 - 2013-09-25 10:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-22 19:53 - 2013-09-25 10:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-22 19:53 - 2013-09-25 09:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-22 19:53 - 2013-09-25 09:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-22 19:53 - 2013-09-25 09:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-22 19:53 - 2013-09-25 09:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-22 19:53 - 2013-09-25 09:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-22 19:53 - 2013-09-25 08:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-22 19:53 - 2013-09-25 08:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-22 19:53 - 2013-07-04 20:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-22 19:53 - 2012-08-22 04:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-11-22 19:51 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-11-22 19:50 - 2013-08-28 08:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-11-22 19:50 - 2012-10-04 00:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-11-22 19:50 - 2012-10-04 00:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-11-22 19:50 - 2012-10-04 00:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-11-22 19:50 - 2012-10-04 00:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-11-22 19:50 - 2012-10-04 00:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-11-22 19:50 - 2012-10-04 00:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-11-22 19:50 - 2012-10-03 23:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-11-22 19:48 - 2012-12-07 20:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-11-22 19:48 - 2012-12-07 20:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-11-22 19:48 - 2012-12-07 18:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-11-22 19:48 - 2012-12-07 18:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-11-22 19:47 - 2013-07-26 09:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-11-22 19:47 - 2013-07-26 09:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-11-22 19:47 - 2013-02-27 13:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-11-22 19:47 - 2013-02-27 12:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-11-22 19:32 - 2013-11-22 19:38 - 00003758 _____ C:\Windows\IE9_main.log
2013-11-22 19:27 - 2013-11-22 19:44 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-11-22 19:26 - 2013-12-11 23:47 - 00060357 _____ C:\Windows\IE11_main.log
2013-11-22 19:22 - 2013-11-22 19:22 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-11-22 19:21 - 2013-11-22 19:21 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-22 19:20 - 2013-11-22 19:20 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-22 19:19 - 2013-11-22 19:25 - 00010385 _____ C:\Windows\IE10_main.log
2013-11-22 19:19 - 2013-11-22 19:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\Scrivener
2013-11-22 19:08 - 2013-11-22 19:12 - 55621528 _____ (Literature and Latte) C:\Users\Administrator\Downloads\Scrivener-installer.exe
2013-11-22 18:59 - 2013-11-22 18:59 - 01889747 _____ (HanYu Team                                                  ) C:\Users\Administrator\Downloads\HanYu_0_2_final_x86.exe
2013-11-22 17:33 - 2013-11-22 17:33 - 00000000 ____D C:\ProgramData\APN
2013-11-22 17:09 - 2013-11-22 17:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2013-11-22 17:09 - 2013-11-22 17:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2013-11-22 17:08 - 2013-12-11 09:24 - 00000000 ____D C:\Program Files\Opera
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-22 16:07 - 2013-11-22 16:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\OpenOffice
2013-11-22 16:06 - 2013-11-22 16:06 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-11-22 15:39 - 2013-12-12 09:25 - 00000000 ____D C:\Users\Administrator\Documents\Anki
2013-11-22 15:36 - 2013-11-22 15:37 - 00000000 ___RD C:\Program Files\Skype
2013-11-22 15:36 - 2013-11-22 15:37 - 00000000 ____D C:\ProgramData\Skype
2013-11-22 15:36 - 2013-11-22 15:36 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-11-22 15:22 - 2013-12-06 14:32 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2013-11-22 15:15 - 2013-11-22 15:15 - 00000000 ____D C:\Program Files\CCleaner
2013-11-22 15:03 - 2013-11-22 15:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\The Journal 5
2013-11-22 15:03 - 2013-11-22 15:03 - 00000000 ____D C:\Users\Administrator\Documents\The Journal Volumes
2013-11-22 15:03 - 2013-11-22 15:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\The Journal 5
2013-11-22 14:55 - 2013-11-25 08:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Windows\system32\Speech
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Windows\Speech
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Program Files\DVD Maker
2013-11-22 14:18 - 2013-08-01 19:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-22 14:17 - 2013-07-12 18:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-11-22 14:17 - 2013-07-12 18:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-11-22 14:17 - 2013-06-26 06:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-22 14:17 - 2012-11-29 06:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-11-22 14:17 - 2012-11-29 06:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-11-22 14:17 - 2012-11-29 06:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-11-22 14:16 - 2013-07-04 19:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-22 14:16 - 2013-07-03 11:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-22 14:16 - 2013-07-03 11:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-22 14:15 - 2013-06-06 12:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-11-22 14:15 - 2013-06-06 12:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-11-22 14:15 - 2013-06-06 12:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-11-22 14:15 - 2013-06-06 11:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-22 14:15 - 2013-06-06 11:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-22 14:13 - 2013-07-20 18:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-22 13:57 - 2012-11-30 07:17 - 00420064 _____ C:\Windows\system32\locale.nls
2013-11-22 13:57 - 2012-01-04 16:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-11-22 13:56 - 2013-01-24 12:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-11-22 13:55 - 2013-08-29 09:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-22 13:55 - 2013-08-29 09:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-22 13:55 - 2013-08-29 09:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-22 13:55 - 2013-08-29 09:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-22 13:55 - 2013-08-29 09:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-22 13:55 - 2013-08-05 09:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-11-22 13:55 - 2013-03-19 12:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-11-22 13:55 - 2013-03-19 12:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-11-22 13:55 - 2013-03-19 11:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-11-22 13:55 - 2013-03-19 10:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-11-22 13:55 - 2012-10-10 01:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-11-22 13:55 - 2012-10-10 01:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-11-22 13:55 - 2011-05-04 12:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-11-22 13:55 - 2011-05-04 12:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-11-22 13:55 - 2011-05-04 12:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-11-22 13:55 - 2011-05-04 12:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-11-22 13:55 - 2011-05-04 12:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-11-22 13:55 - 2011-05-04 12:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-11-22 13:55 - 2011-05-04 12:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-11-22 13:55 - 2011-05-04 12:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-11-22 13:55 - 2011-05-04 12:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-11-22 13:54 - 2013-09-14 08:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-22 13:54 - 2013-09-08 10:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-22 13:54 - 2013-09-08 10:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-22 13:54 - 2012-11-22 12:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-11-22 13:54 - 2012-08-23 01:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-11-22 13:54 - 2012-07-05 03:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-11-22 13:54 - 2012-05-01 12:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-11-22 13:54 - 2011-05-24 18:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-11-22 13:54 - 2011-02-18 13:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-11-22 13:53 - 2013-07-04 19:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-22 13:53 - 2013-07-04 19:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-22 13:53 - 2013-07-04 17:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-22 13:53 - 2012-05-05 15:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-11-22 13:53 - 2012-04-07 19:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-11-22 13:53 - 2011-06-16 12:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-11-22 13:53 - 2011-04-23 03:14 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-11-22 13:53 - 2011-04-09 13:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-11-22 13:51 - 2011-12-30 13:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-11-22 13:20 - 2013-10-06 03:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-22 13:20 - 2013-10-03 09:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-22 13:19 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-22 13:19 - 2013-10-12 10:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-22 13:19 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-22 13:15 - 2012-06-03 06:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-22 13:15 - 2012-06-03 06:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-22 13:15 - 2012-06-03 06:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-22 13:15 - 2012-06-03 06:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-11-22 13:15 - 2012-06-03 06:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-11-22 13:15 - 2012-06-03 06:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-22 13:15 - 2012-06-03 06:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-22 13:15 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-22 13:15 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-22 12:58 - 2013-11-26 14:59 - 00000000 ____D C:\ProgramData\360safe
2013-11-22 12:55 - 2013-11-22 12:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\360Login
2013-11-22 12:53 - 2013-12-11 19:41 - 00000000 ____D C:\Users\Administrator
2013-11-22 12:53 - 2013-12-11 13:20 - 00118672 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-22 12:53 - 2013-12-10 21:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-11-22 12:53 - 2013-11-26 14:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\360se
2013-11-22 12:53 - 2013-11-22 16:43 - 00000770 __RSH C:\Users\Administrator\ntuser.pol
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\程序
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 _SHDL C:\Users\Administrator\「开始」菜单
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Public\QiYi
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Qiyi
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\KuGou8
2013-11-22 12:53 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2013-11-22 12:53 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-11-22 12:53 - 2013-09-18 03:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-11-22 12:53 - 2013-09-18 03:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2013-11-22 12:53 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Maxthon3
2013-11-22 12:53 - 2013-09-16 22:16 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2013-11-22 12:53 - 2009-07-14 12:42 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-22 12:53 - 2009-07-14 12:37 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-22 12:51 - 2013-11-22 12:51 - 00270792 __RSH C:\OEMSF
2013-11-22 12:50 - 2013-12-12 12:13 - 01532983 _____ C:\Windows\WindowsUpdate.log
2013-11-22 12:50 - 2013-11-22 12:50 - 00000000 ____D C:\Intel
2013-11-22 12:50 - 2010-09-17 16:28 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\MSVBVM50.DLL
2013-11-22 12:50 - 2010-06-03 16:27 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2013-11-22 12:50 - 2010-06-03 16:27 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP71.DLL
2013-11-22 12:50 - 2010-06-03 16:27 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR71.DLL
2013-11-22 12:50 - 2010-06-03 16:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2013-11-22 12:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-22 12:50 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-22 12:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-22 12:50 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-22 12:50 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-22 12:50 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-22 12:50 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-22 12:50 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-22 12:50 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-22 12:50 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-22 12:50 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-22 12:50 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-22 12:50 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-22 12:50 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-22 12:50 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-22 12:50 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-22 12:50 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-22 12:50 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-22 12:50 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-22 12:50 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-22 12:50 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-22 12:50 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-22 12:50 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-22 12:50 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-22 12:50 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-22 12:50 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-22 12:50 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-22 12:50 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-22 12:50 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-22 12:50 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-22 12:50 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-22 12:50 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-22 12:50 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-22 12:50 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-22 12:50 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-22 12:50 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-22 12:50 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-22 12:50 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-22 12:50 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-22 12:50 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-11-22 12:50 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-11-22 12:50 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-11-22 12:50 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-11-22 12:50 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-11-22 12:50 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-11-22 12:50 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-11-22 12:50 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-11-22 12:50 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-11-22 12:50 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-11-22 12:50 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-11-22 12:50 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-11-22 12:50 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-11-22 12:50 - 2008-01-01 20:00 - 01071088 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2013-11-22 12:50 - 2008-01-01 20:00 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.DLL
2013-11-22 12:50 - 2008-01-01 20:00 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP70.DLL
2013-11-22 12:50 - 2008-01-01 20:00 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR70.DLL
2013-11-22 12:50 - 2008-01-01 20:00 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\COMDLG32.OCX
2013-11-22 12:50 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-11-22 12:50 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-11-22 12:50 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-11-22 12:50 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-11-22 12:50 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-11-22 12:50 - 2007-09-20 14:26 - 00608448 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2013-11-22 12:50 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-11-22 12:50 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-11-22 12:50 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-11-22 12:50 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-11-22 12:50 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-11-22 12:50 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-11-22 12:50 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-11-22 12:50 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-11-22 12:50 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-11-22 12:50 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-11-22 12:50 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-11-22 12:50 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-11-22 12:50 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-11-22 12:50 - 2007-03-12 12:34 - 00798773 _____ (Microsoft Corporation) C:\Windows\system32\MFCO42D.DLL
2013-11-22 12:50 - 2007-03-12 12:34 - 00274485 _____ (Microsoft Corporation) C:\Windows\system32\MFCD42D.DLL
2013-11-22 12:50 - 2007-03-12 12:34 - 00146976 _____ (Microsoft Corporation) C:\Windows\system32\MFCOLEUI.DLL
2013-11-22 12:50 - 2007-03-12 12:34 - 00041013 _____ (Microsoft Corporation) C:\Windows\system32\MFCN42D.DLL
2013-11-22 12:50 - 2007-03-12 12:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2013-11-22 12:50 - 2007-03-12 12:33 - 00964608 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2013-11-22 12:50 - 2007-03-12 12:29 - 00929844 _____ (Microsoft Corporation) C:\Windows\system32\MFC42D.DLL
2013-11-22 12:50 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-11-22 12:50 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-11-22 12:50 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-11-22 12:50 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-11-22 12:50 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-11-22 12:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-11-22 12:50 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-11-22 12:50 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-11-22 12:50 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-11-22 12:50 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-11-22 12:50 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-11-22 12:50 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-11-22 12:50 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-11-22 12:50 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-11-22 12:50 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-11-22 12:50 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-11-22 12:50 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-11-22 12:50 - 2005-12-05 18:07 - 00061136 _____ (Microsoft Corporation) C:\Windows\system32\xinput9_1_0.dll
2013-11-22 12:50 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-11-22 12:50 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-11-22 12:50 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-11-22 12:50 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-11-22 12:49 - 2013-11-22 12:50 - 00029624 _____ C:\Windows\DPINST.LOG
2013-11-22 12:49 - 2013-11-22 12:49 - 00000000 ____D C:\Program Files\CONEXANT
2013-11-22 12:49 - 2012-09-24 17:25 - 00100504 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C62x86.sys
2013-11-22 12:49 - 2012-09-18 06:29 - 03015168 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2013-11-22 12:49 - 2012-05-30 13:30 - 00471360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2013-11-22 12:49 - 2011-10-24 15:25 - 08198936 _____ (Intel® Corporation) C:\Windows\system32\TVWSetup.exe
2013-11-22 12:49 - 2011-10-24 15:25 - 00268056 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-11-22 12:49 - 2011-10-24 15:25 - 00172824 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-11-22 12:49 - 2011-10-24 15:25 - 00138008 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-11-22 12:49 - 2011-10-24 15:24 - 03157784 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-11-22 12:49 - 2011-10-24 15:24 - 00179480 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-11-22 12:49 - 2011-10-24 15:24 - 00171288 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-11-22 12:49 - 2011-10-13 12:21 - 00051628 _____ C:\Windows\system32\iglhxs32.vp
2013-11-22 12:49 - 2011-10-13 12:09 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2555.dll
2013-11-22 12:49 - 2011-10-13 12:01 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2013-11-22 12:49 - 2011-10-13 12:01 - 04967424 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2013-11-22 12:49 - 2011-10-13 11:59 - 00982240 _____ C:\Windows\system32\igkrng500.bin
2013-11-22 12:49 - 2011-10-13 11:59 - 00439308 _____ C:\Windows\system32\igcompkrng500.bin
2013-11-22 12:49 - 2011-10-13 11:59 - 00092356 _____ C:\Windows\system32\igfcg500m.bin
2013-11-22 12:49 - 2011-10-13 11:58 - 00571904 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2013-11-22 12:49 - 2011-10-13 11:55 - 04411392 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2013-11-22 12:49 - 2011-10-13 11:42 - 11405312 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2013-11-22 12:49 - 2011-10-13 11:35 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00110214 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-11-22 12:49 - 2011-10-13 11:35 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-11-22 12:49 - 2011-10-13 11:35 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-11-22 12:49 - 2011-10-13 11:32 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-11-22 12:49 - 2011-10-13 11:32 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-11-22 12:49 - 2011-10-13 11:32 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-11-22 12:49 - 2011-10-13 11:32 - 00115200 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-11-22 12:49 - 2011-10-13 11:32 - 00057856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-11-22 12:49 - 2011-10-13 11:32 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-11-22 12:49 - 2011-10-13 11:31 - 00828928 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-11-22 12:49 - 2011-10-13 11:31 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-11-22 12:49 - 2011-10-13 11:31 - 00120320 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-11-22 12:49 - 2011-10-13 11:31 - 00095232 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-11-22 12:49 - 2011-10-13 11:31 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-11-22 12:49 - 2011-10-13 11:31 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-11-22 12:49 - 2011-10-13 11:30 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2013-11-22 12:49 - 2011-10-13 11:30 - 00208896 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll
2013-11-22 12:49 - 2011-10-13 11:30 - 00147456 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll
2013-11-22 12:49 - 2011-10-13 11:30 - 00060254 _____ C:\Windows\system32\iglhxg32.vp
2013-11-22 12:49 - 2011-10-13 11:30 - 00060226 _____ C:\Windows\system32\iglhxc32.vp
2013-11-22 12:49 - 2011-10-13 11:30 - 00060015 _____ C:\Windows\system32\iglhxo32.vp
2013-11-22 12:49 - 2011-10-13 11:30 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2013-11-22 12:49 - 2010-08-16 11:12 - 00525440 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT32.sys
2013-11-22 12:49 - 2010-07-20 11:24 - 00309888 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI32A60.dll
2013-11-22 12:49 - 2010-07-14 09:56 - 01743488 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32PP25.dll
2013-11-22 12:49 - 2010-04-12 11:03 - 00428088 _____ (Conexant Systems, Inc.) C:\Windows\system32\CDolbyExt32.dll
2013-11-22 12:49 - 2009-12-16 10:26 - 00168648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EED32A.dll
2013-11-22 12:49 - 2009-12-16 10:26 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EEL32A.dll
2013-11-22 12:48 - 2013-11-22 12:48 - 00006196 _____ C:\Windows\EasyDrv5_20131122_124848.ed5log
2013-11-22 12:48 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-11-22 12:48 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2013-11-22 12:48 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-11-22 12:48 - 2013-09-18 03:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2013-11-22 12:48 - 2013-09-18 03:19 - 00001088 _____ C:\Users\Default\Desktop\Word 2007.lnk
2013-11-22 12:48 - 2013-09-18 03:19 - 00001088 _____ C:\Users\Default User\Desktop\Word 2007.lnk
2013-11-22 12:48 - 2013-09-18 03:19 - 00001076 _____ C:\Users\Default\Desktop\Excel 2007.lnk
2013-11-22 12:48 - 2013-09-18 03:19 - 00001076 _____ C:\Users\Default User\Desktop\Excel 2007.lnk
2013-11-22 12:48 - 2013-09-18 03:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-11-22 12:48 - 2013-09-18 03:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-11-22 12:48 - 2013-09-18 03:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\WinRAR
2013-11-22 12:48 - 2013-09-18 03:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-22 12:48 - 2013-09-18 03:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\WinRAR
2013-11-22 12:48 - 2013-09-18 03:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\Tencent
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\SogouExplorer
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\Maxthon3
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\360se
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Tencent
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\SogouExplorer
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Maxthon3
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\360se
2013-11-22 12:48 - 2013-09-18 03:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-11-22 12:48 - 2013-09-16 22:30 - 00000502 _____ C:\Users\Default\Desktop\宽带连接.lnk
2013-11-22 12:48 - 2013-09-16 22:30 - 00000502 _____ C:\Users\Default User\Desktop\宽带连接.lnk
2013-11-22 12:48 - 2013-09-16 22:27 - 00000718 __RSH C:\Users\Default\ntuser.pol
2013-11-22 12:48 - 2013-09-16 22:26 - 00057560 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-22 12:48 - 2013-09-16 22:26 - 00057560 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-22 12:48 - 2013-09-16 22:16 - 00001341 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 12:48 - 2013-09-16 22:16 - 00001341 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 12:48 - 2013-09-16 22:16 - 00000020 ___SH C:\Users\Default\ntuser.ini
2013-11-22 12:48 - 2010-01-06 13:13 - 00506368 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
 
==================== One Month Modified Files and Folders =======
 
2013-12-12 12:20 - 2013-12-12 12:20 - 00005564 _____ C:\Users\Administrator\Downloads\FRST.txt
2013-12-12 12:19 - 2013-12-12 12:19 - 01060135 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2013-12-12 12:19 - 2013-12-12 12:19 - 00000000 ____D C:\FRST
2013-12-12 12:14 - 2009-07-14 12:34 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 12:14 - 2009-07-14 12:34 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 12:13 - 2013-11-22 12:50 - 01532983 _____ C:\Windows\WindowsUpdate.log
2013-12-12 12:13 - 2011-04-12 15:18 - 00375350 _____ C:\Windows\system32\prfh0804.dat
2013-12-12 12:13 - 2011-04-12 15:18 - 00119126 _____ C:\Windows\system32\prfc0804.dat
2013-12-12 12:13 - 2010-11-21 05:01 - 01273636 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-12 12:09 - 2013-09-18 03:09 - 00000000 ____D C:\Program Files\360
2013-12-12 12:08 - 2013-12-11 22:08 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-12 12:08 - 2013-12-10 19:05 - 00000000 ____D C:\ProgramData\Norton
2013-12-12 12:08 - 2013-09-16 22:02 - 00605304 _____ C:\Windows\PFRO.log
2013-12-12 12:08 - 2013-09-16 22:02 - 00097493 _____ C:\Windows\setupact.log
2013-12-12 12:08 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-12 12:08 - 2009-07-14 12:33 - 00468136 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 12:06 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-12-12 12:02 - 2013-12-12 12:02 - 00000079 _____ C:\Windows\wininit.ini
2013-12-12 12:02 - 2013-12-11 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-12 12:02 - 2013-12-11 20:38 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-12-12 09:25 - 2013-11-22 15:39 - 00000000 ____D C:\Users\Administrator\Documents\Anki
2013-12-12 01:04 - 2013-09-16 22:13 - 00000000 ____D C:\Windows\rescache
2013-12-11 23:47 - 2013-11-22 19:26 - 00060357 _____ C:\Windows\IE11_main.log
2013-12-11 22:52 - 2013-12-11 22:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 22:52 - 2013-12-11 22:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 22:52 - 2013-12-11 22:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 22:52 - 2013-12-11 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 22:52 - 2013-12-11 22:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 22:52 - 2013-12-11 22:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 22:47 - 2013-12-01 12:56 - 00000134 _____ C:\Users\Administrator\Desktop\Internet Explorer Troubleshooting.url
2013-12-11 21:41 - 2013-12-11 21:41 - 00001962 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-12-11 21:41 - 2013-12-11 21:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2013-12-11 20:39 - 2013-12-11 20:39 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-11 20:38 - 2013-12-11 20:38 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-11 20:24 - 2013-12-11 20:23 - 01339719 _____ C:\Users\Administrator\Downloads\rootalyz-0.3.4.47.zip
2013-12-11 20:11 - 2013-12-11 20:11 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2013-12-11 19:41 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator
2013-12-11 17:45 - 2009-07-14 12:52 - 00000000 ____D C:\Windows\system32\restore
2013-12-11 17:30 - 2013-12-10 17:18 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-11 16:57 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-11 15:35 - 2013-11-30 01:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-11 15:14 - 2013-12-11 15:05 - 211811872 ____N (Symantec Corporation) C:\Users\Administrator\Downloads\N360-TW-21.1.0-EN-CA.exe
2013-12-11 13:27 - 2013-12-04 21:51 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\uTorrent
2013-12-11 13:20 - 2013-11-22 12:53 - 00118672 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-11 13:13 - 2013-12-10 20:55 - 00000000 ____D C:\Program Files\Panda Security
2013-12-11 13:13 - 2013-11-22 20:34 - 00000000 ____D C:\ProgramData\MFAData
2013-12-11 13:09 - 2013-12-10 20:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Panda Security
2013-12-11 12:11 - 2013-12-11 12:11 - 01445888 _____ (Blue Project Software) C:\Users\Administrator\Downloads\systracer_setup_en.exe
2013-12-11 09:41 - 2013-12-11 09:41 - 00001736 _____ C:\Users\Administrator\Documents\cc_20131211_094143.reg
2013-12-11 09:24 - 2013-11-22 17:08 - 00000000 ____D C:\Program Files\Opera
2013-12-11 08:54 - 2013-12-11 08:54 - 00011781 _____ C:\Users\Administrator\Desktop\attach.txt
2013-12-11 08:53 - 2013-12-11 08:54 - 00032671 _____ C:\Users\Administrator\Desktop\dds.txt
2013-12-11 08:51 - 2013-12-11 08:51 - 00688992 ____R (Swearware) C:\Users\Administrator\Downloads\dds.com
2013-12-10 22:12 - 2013-12-10 22:12 - 00000700 _____ C:\Users\Administrator\Desktop\Anki.lnk
2013-12-10 22:12 - 2013-12-10 22:12 - 00000000 ____D C:\Program Files\Anki
2013-12-10 22:10 - 2013-12-10 22:08 - 25855552 _____ C:\Users\Administrator\Downloads\anki-2.0.19.exe
2013-12-10 22:03 - 2013-12-10 22:03 - 00000000 _____ C:\ProgramData\0x0304A000.sfl
2013-12-10 22:00 - 2013-12-10 14:32 - 00000000 ____D C:\Windows\system32\appmgmt
2013-12-10 21:55 - 2013-12-10 21:55 - 00005768 _____ C:\Users\Administrator\Documents\cc_20131210_215513.reg
2013-12-10 21:46 - 2013-12-01 12:40 - 00000000 ____D C:\Program Files\Google
2013-12-10 21:25 - 2013-12-10 21:25 - 00337800 _____ (US Tech Support LLC) C:\Users\Administrator\Downloads\InstallCyberDefenderEDC-025839.exe
2013-12-10 21:13 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-10 20:51 - 2013-12-10 20:51 - 00845944 _____ C:\Users\Administrator\Downloads\PandaCloudAntivirus.exe
2013-12-10 19:15 - 2013-12-10 19:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\NPE
2013-12-10 19:05 - 2013-12-10 19:05 - 03053496 ____N (Symantec Corporation) C:\Users\Administrator\Downloads\NPE.exe
2013-12-10 19:01 - 2013-12-10 19:01 - 00003790 _____ C:\Users\Administrator\Documents\cc_20131210_190109.reg
2013-12-10 19:01 - 2013-12-10 19:01 - 00002760 _____ C:\Users\Administrator\Documents\cc_20131210_190131.reg
2013-12-10 17:39 - 2013-12-01 12:40 - 00000554 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 17:39 - 2013-12-01 12:40 - 00000550 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-10 17:22 - 2013-12-10 17:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2013-12-10 17:20 - 2013-12-10 17:20 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-10 17:18 - 2013-12-10 17:12 - 87529432 _____ (AVAST Software) C:\Users\Administrator\Downloads\avast_free_antivirus_setup.exe
2013-12-10 15:57 - 2013-12-10 15:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\LavasoftStatistics
2013-12-10 15:57 - 2013-12-10 15:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Lavasoft
2013-12-10 15:14 - 2013-12-10 15:14 - 00001328 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-12-10 15:13 - 2013-12-10 15:13 - 00000000 ____D C:\Program Files\Lavasoft
2013-12-10 15:12 - 2013-12-10 15:12 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-12-10 15:11 - 2013-12-10 15:11 - 01723528 _____ C:\Users\Administrator\Downloads\Adaware_Installer.exe
2013-12-10 15:11 - 2013-12-10 15:11 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-10 14:38 - 2013-11-26 13:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\Unity
2013-12-10 14:37 - 2013-11-26 15:02 - 00000000 ____D C:\Users\Administrator\Microsoft Robotics Dev Studio 4
2013-12-10 14:33 - 2013-11-30 21:31 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-12-10 14:32 - 2013-11-28 23:32 - 00000000 ___HD C:\Program Files\InstallJammer Registry
2013-12-10 14:32 - 2013-11-26 15:00 - 00002469 _____ C:\Windows\DIFx.log
2013-12-10 14:31 - 2013-12-01 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\Deployment
2013-12-09 20:13 - 2013-11-30 00:39 - 00000000 ____D C:\Users\Administrator\Desktop\to send
2013-12-09 13:53 - 2013-12-09 13:52 - 04728832 _____ C:\Users\Administrator\Downloads\Romanticism.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 02061312 _____ C:\Users\Administrator\Downloads\RomanticPeriod.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 00130560 _____ C:\Users\Administrator\Downloads\Romaticism.ppt
2013-12-09 13:52 - 2013-12-09 13:52 - 00130560 _____ C:\Users\Administrator\Downloads\Romaticism (1).ppt
2013-12-09 13:18 - 2013-12-09 12:38 - 213860320 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Administrator\Downloads\360is_4.7.0.4700B.exe
2013-12-09 09:03 - 2011-04-12 15:28 - 00000000 ____D C:\Windows\RemotePackages
2013-12-08 14:09 - 2013-12-08 14:09 - 00046846 _____ C:\Users\Administrator\Documents\cc_20131208_140905.reg
2013-12-08 14:06 - 2013-12-08 14:04 - 00000000 ____D C:\Program Files\Unlocker
2013-12-08 14:04 - 2013-12-08 14:04 - 01078591 _____ C:\Users\Administrator\Downloads\Unlocker1.9.2.exe
2013-12-08 14:04 - 2013-12-08 14:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-12-08 13:57 - 2013-12-08 13:57 - 00000000 __RSH C:\MSDOS.SYS
2013-12-08 13:57 - 2013-12-08 13:57 - 00000000 __RSH C:\IO.SYS
2013-12-07 21:01 - 2013-12-07 16:20 - 00000000 ____D C:\Users\Administrator\.OpenRPGMaker
2013-12-07 19:27 - 2013-12-07 19:17 - 84496144 _____ (alch                                                        ) C:\Users\Administrator\Downloads\clamwin-0.98-setup.exe
2013-12-07 18:53 - 2013-12-07 18:53 - 00002999 _____ C:\Users\Administrator\Desktop\HiJackThis.lnk
2013-12-07 18:53 - 2013-12-07 18:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-07 18:53 - 2013-12-07 18:53 - 00000000 ____D C:\Program Files\Trend Micro
2013-12-07 18:52 - 2013-12-07 18:52 - 01402880 _____ C:\Users\Administrator\Downloads\HijackThis.msi
2013-12-07 18:24 - 2013-12-07 18:24 - 00000622 _____ C:\Users\Administrator\Downloads\TakeOwnership.zip
2013-12-07 18:24 - 2013-12-07 18:24 - 00000000 ____D C:\Users\Administrator\Documents\TakeOwnership
2013-12-07 16:57 - 2013-12-07 16:56 - 02077392 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\IE11-Windows6.1.exe
2013-12-07 16:15 - 2013-12-07 16:14 - 20541465 _____ (Open RPG Maker Devs) C:\Users\Administrator\Downloads\OpenRPGMaker-2.0-win32.exe
2013-12-07 15:36 - 2013-12-06 14:49 - 00000000 ____D C:\Users\Administrator\Downloads\Blood on the Tracks
2013-12-07 14:29 - 2013-12-05 20:43 - 00000000 ____D C:\Users\Administrator\Downloads\X-Files-Season2-HQ-DVDRIP-624x464
2013-12-06 17:31 - 2013-12-06 17:31 - 15741757 _____ C:\Users\Administrator\Downloads\onepreview.wmv
2013-12-06 17:29 - 2013-12-06 17:29 - 06930063 _____ C:\Users\Administrator\Downloads\2videoclip.wmv
2013-12-06 16:15 - 2013-12-06 16:14 - 06793138 _____ C:\Users\Administrator\Downloads\simple_port_forwarding_setup.exe
2013-12-06 15:02 - 2013-12-06 15:02 - 00001026 _____ C:\Users\Administrator\Desktop\PFPortChecker.lnk
2013-12-06 15:02 - 2013-12-06 15:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2013-12-06 15:02 - 2013-12-06 15:02 - 00000000 ____D C:\Program Files\PFPortChecker
2013-12-06 15:01 - 2013-12-06 15:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\SearchProtect
2013-12-06 14:59 - 2013-12-06 14:59 - 00161184 _____ C:\Users\Administrator\Downloads\PFPortChecker.exe
2013-12-06 14:47 - 2013-12-06 14:47 - 00013406 _____ C:\Users\Administrator\Downloads\4D47B53BCCCC65E230E60DD81124F3CF375B9506.torrent
2013-12-06 14:44 - 2013-12-06 14:44 - 00012523 _____ C:\Users\Administrator\Downloads\Blood+-+Bob+Dylan.torrent
2013-12-06 14:32 - 2013-11-22 15:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2013-12-05 23:20 - 2013-12-05 20:44 - 00000000 ____D C:\Users\Administrator\Downloads\X-Files.x264.ac3-Season.2-MCH
2013-12-05 22:16 - 2013-12-01 12:44 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 21:17 - 2013-12-05 20:46 - 00000000 ____D C:\Users\Administrator\Downloads\The X-Files Season 1, 2, 3, 4, 5, 6, 7, 8 & 9 + Extras DVDRip HDTV TSV
2013-12-05 20:42 - 2013-12-05 20:42 - 00238909 _____ C:\Users\Administrator\Downloads\The_X-Files_Season_1,_2,_3,_4,_5,_6,_7,_8_&_9_+_Extras_DVDRip_HDTV_TSV.torrent
2013-12-05 20:40 - 2013-12-05 20:40 - 00178023 _____ C:\Users\Administrator\Downloads\671A89C36B3092D2E358786EF5A25A99792856EF.torrent
2013-12-04 21:57 - 2013-12-04 21:56 - 00726611 _____ C:\Users\Administrator\Downloads\[kickass.to]the.x.files.season.2.full.dvd.rip.torrent
2013-12-04 21:55 - 2013-12-04 21:55 - 00157583 _____ C:\Users\Administrator\Downloads\[kickass.to]x.files.season.2.torrent
2013-12-04 21:53 - 2013-12-04 21:53 - 00000822 _____ C:\Users\Administrator\Desktop\µTorrent.lnk
2013-12-04 21:53 - 2013-12-04 21:53 - 00000802 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-12-04 21:51 - 2013-12-04 21:51 - 00036748 _____ C:\Users\Administrator\Downloads\[kickass.to]the.x.files.season.2.x264.dolby.ac3.subs.mch.torrent
2013-12-04 21:50 - 2013-12-04 21:50 - 01142864 _____ (BitTorrent Inc.) C:\Users\Administrator\Downloads\utorrent.exe
2013-12-03 18:19 - 2013-12-01 12:07 - 00000000 ____D C:\Users\Administrator\Desktop\S Sim
2013-12-02 12:49 - 2013-12-02 12:49 - 01452544 _____ C:\Users\Administrator\Downloads\Age of Reason PowerPoint.ppt
2013-12-02 12:13 - 2013-12-02 12:12 - 00239210 _____ C:\Users\Administrator\Downloads\database.txt
2013-12-02 12:13 - 2013-12-02 12:12 - 00239210 _____ C:\Users\Administrator\Desktop\database (1).txt
2013-12-02 10:04 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\Globalization
2013-12-02 00:56 - 2013-12-02 00:56 - 00000000 ____D C:\Program Files\ResophNotes
2013-12-02 00:55 - 2013-12-02 00:50 - 00000000 ____D C:\Users\Administrator\.ResophNotes
2013-12-02 00:54 - 2013-12-02 00:54 - 06958054 _____ C:\Users\Administrator\Downloads\ResophNotes157.zip
2013-12-02 00:49 - 2013-12-02 00:49 - 06791650 _____ C:\Users\Administrator\Downloads\ResophNotes124.zip
2013-12-01 23:52 - 2013-12-01 23:52 - 00000000 _____ C:\Windows\system32\nsh5EE6.tmp
2013-12-01 20:13 - 2013-12-01 20:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
2013-12-01 20:13 - 2013-12-01 20:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 20:13 - 2013-12-01 20:12 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 19:24 - 2013-12-01 19:24 - 00401424 _____ C:\Users\Administrator\Documents\cc_20131201_192441.reg
2013-12-01 16:56 - 2013-12-01 16:56 - 00000241 _____ C:\Users\Administrator\Desktop\enabie3.reg
2013-12-01 16:45 - 2013-12-01 16:45 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-12-01 16:42 - 2013-12-01 16:40 - 31892616 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\EIE11_EN-US_WOL_WIN7.EXE
2013-12-01 16:23 - 2013-11-26 14:06 - 00000000 ____D C:\Program Files\Common Files\SpeedBit
2013-12-01 13:59 - 2013-12-01 13:59 - 00660763 _____ C:\Users\Administrator\Downloads\RestoreBrowserSettings.zip
2013-12-01 13:59 - 2013-12-01 13:59 - 00000000 ____D C:\Users\Administrator\Documents\RestoreBrowserSettings
2013-12-01 13:24 - 2013-12-01 12:57 - 285277696 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\OpenCV-2.4.7.exe
2013-12-01 12:30 - 2013-12-01 12:17 - 00000000 ____D C:\Users\Administrator\Desktop\crawler results
2013-12-01 12:16 - 2013-12-01 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0
2013-12-01 00:31 - 2013-11-30 22:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\avidemux
2013-11-30 23:16 - 2013-09-16 22:02 - 00013630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-30 23:13 - 2013-11-24 12:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SoftGrid Client
2013-11-30 23:10 - 2013-11-30 23:10 - 00001146 _____ C:\Users\Administrator\Desktop\VirtualDub - Shortcut.lnk
2013-11-30 22:58 - 2013-11-30 22:50 - 00000000 ____D C:\test
2013-11-30 21:42 - 2013-11-30 21:42 - 00001480 _____ C:\Users\Administrator\Desktop\wmplayer - Shortcut.lnk
2013-11-30 20:24 - 2013-11-30 20:24 - 00000000 ____D C:\Users\Administrator\Documents\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:22 - 00000000 ____D C:\ProgramData\AVS4YOU
2013-11-30 20:22 - 2013-11-30 20:20 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2013-11-30 20:22 - 2013-11-30 20:20 - 00000000 ____D C:\Program Files\AVS4YOU
2013-11-30 20:21 - 2013-11-30 20:21 - 00001163 _____ C:\Users\Administrator\Desktop\AVS Video Editor.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00002146 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00002062 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00002062 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-11-30 10:38 - 2013-11-30 10:38 - 00000000 ___RD C:\Users\Administrator\SkyDrive
2013-11-30 10:38 - 2013-11-30 10:38 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2013-11-30 10:37 - 2013-11-30 10:37 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-30 10:36 - 2013-11-26 14:50 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-11-30 10:36 - 2013-11-24 12:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-30 10:36 - 2009-07-14 10:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-30 04:36 - 2013-11-29 07:41 - 00000000 ____D C:\Users\Administrator\Desktop\assignments
2013-11-30 03:26 - 2013-11-30 00:44 - 00141189 _____ C:\Users\Administrator\Desktop\7.012 - Mock Assignments (3)changes tracked odf.odt
2013-11-30 01:56 - 2013-11-24 12:36 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-30 01:18 - 2013-11-30 01:18 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.TRACKEDTOWORD4.doc#
2013-11-29 14:05 - 2013-11-29 14:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2013-11-29 14:05 - 2013-11-29 14:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-29 00:00 - 2013-11-29 00:00 - 00000000 _____ C:\Windows\system32\nsb49B6.tmp
2013-11-28 22:53 - 2013-11-28 22:53 - 00002281 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\ProgramData\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Program Files\WinZip
2013-11-28 22:53 - 2013-11-28 22:53 - 00000000 ____D C:\Program Files\File Association Helper
2013-11-28 22:45 - 2013-11-28 22:45 - 00002081 _____ C:\Users\Public\Desktop\StuffIt Expander 2011.lnk
2013-11-28 22:45 - 2013-11-28 22:45 - 00000000 ____D C:\Program Files\Smith Micro
2013-11-28 09:37 - 2013-11-28 09:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-28 09:37 - 2013-11-28 09:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-26 18:11 - 2013-12-12 12:05 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 17:23 - 2013-12-12 12:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 17:22 - 2013-12-12 12:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 16:53 - 2013-12-12 12:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 16:52 - 2013-12-12 12:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 16:38 - 2013-12-12 12:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 16:38 - 2013-12-12 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 16:36 - 2013-12-12 12:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 16:32 - 2013-12-12 12:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 16:29 - 2013-12-12 12:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 16:29 - 2013-12-12 12:05 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 16:28 - 2013-12-12 12:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 16:16 - 2013-12-12 12:05 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 16:13 - 2013-12-12 12:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:32 - 2013-12-12 12:05 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:26 - 2013-12-12 12:05 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:00 - 2013-11-26 15:00 - 00000000 ____D C:\Program Files\Microsoft XNA
2013-11-26 14:59 - 2013-11-22 12:58 - 00000000 ____D C:\ProgramData\360safe
2013-11-26 14:59 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\360se
2013-11-26 14:57 - 2013-11-26 14:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\Downloaded Installations
2013-11-26 14:56 - 2013-11-26 14:56 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\WWApk
2013-11-26 14:34 - 2013-12-12 12:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 14:33 - 2013-12-12 12:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 14:27 - 2013-12-12 12:05 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 14:16 - 2013-11-26 14:15 - 00000000 ____D C:\Program Files\DAP
2013-11-26 14:15 - 2013-11-26 14:15 - 00172032 _____ (Jin Hui    E-mail: jinhui@jcomsoft.com   Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2013-11-26 14:15 - 2013-11-26 14:15 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SpeedBit
2013-11-26 14:15 - 2013-11-26 14:15 - 00000000 ____D C:\ProgramData\SpeedBit
2013-11-26 14:01 - 2013-11-26 14:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Unity
2013-11-25 14:31 - 2013-11-25 14:31 - 00000000 ____D C:\Users\Administrator\Documents\ezvid
2013-11-25 14:31 - 2013-11-25 14:30 - 00000000 ____D C:\Program Files\ezvid
2013-11-25 14:16 - 2013-11-25 14:16 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.Puritan Colonial Literature2.ppt#
2013-11-25 14:15 - 2013-11-25 14:15 - 00000136 ____H C:\Users\Administrator\Desktop\.~lock.Puritan Colonial Literature 2.ppt#
2013-11-25 14:02 - 2013-11-25 14:04 - 01245184 _____ C:\Users\Administrator\Desktop\Puritan Colonial Literature.ppt
2013-11-25 14:01 - 2013-11-25 14:03 - 00269312 _____ C:\Users\Administrator\Desktop\Colonial Period.ppt
2013-11-25 12:38 - 2013-11-25 10:01 - 33590784 _____ C:\Users\Administrator\Desktop\American Cuisine (1).ppt
2013-11-25 08:13 - 2013-11-24 12:36 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client
2013-11-25 08:12 - 2013-11-22 14:55 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-24 15:17 - 2013-11-24 15:17 - 00000000 __RHD C:\MSOCache
2013-11-24 15:06 - 2013-11-24 15:06 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-11-24 12:40 - 2013-11-24 12:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\SoftGrid Client
2013-11-24 12:38 - 2013-11-24 12:32 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TP
2013-11-24 12:36 - 2013-11-24 12:36 - 00000000 ____D C:\Windows\PCHEALTH
2013-11-24 12:27 - 2013-11-24 12:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\LULU_Software_Limited
2013-11-24 12:23 - 2013-11-24 12:23 - 00000000 ____D C:\Program Files\Soda PDF 6
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\ProgramData\Soda PDF 6
2013-11-24 03:00 - 2013-11-24 03:00 - 00000000 ____D C:\Windows\CheckSur
2013-11-24 02:26 - 2013-12-12 08:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 15:04 - 2013-11-23 15:04 - 00000000 ____D C:\Windows\system32\aliedit
2013-11-23 15:04 - 2009-07-14 10:04 - 00000429 _____ C:\Windows\win.ini
2013-11-23 14:14 - 2011-04-12 15:18 - 00000000 ____D C:\Windows\system32\Drivers\zh-CN
2013-11-23 14:13 - 2013-11-23 14:13 - 00179848 ____N C:\Windows\Minidump\112313-51823-01.dmp
2013-11-23 14:13 - 2013-11-23 14:13 - 00000000 ____D C:\Windows\Minidump
2013-11-22 20:45 - 2013-11-22 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software
2013-11-22 20:34 - 2013-11-22 20:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\MFAData
2013-11-22 19:44 - 2013-11-22 19:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-11-22 19:40 - 2013-09-18 03:17 - 00000000 ____D C:\Program Files\WinRAR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-11-22 19:39 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-22 19:38 - 2013-11-22 19:32 - 00003758 _____ C:\Windows\IE9_main.log
2013-11-22 19:25 - 2013-11-22 19:19 - 00010385 _____ C:\Windows\IE10_main.log
2013-11-22 19:22 - 2013-11-22 19:22 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll_old0
2013-11-22 19:22 - 2013-11-22 19:22 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-11-22 19:21 - 2013-11-22 19:21 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-22 19:21 - 2013-11-22 19:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-22 19:20 - 2013-11-22 19:20 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-22 19:19 - 2013-11-22 19:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\Scrivener
2013-11-22 19:12 - 2013-11-22 19:08 - 55621528 _____ (Literature and Latte) C:\Users\Administrator\Downloads\Scrivener-installer.exe
2013-11-22 18:59 - 2013-11-22 18:59 - 01889747 _____ (HanYu Team                                                  ) C:\Users\Administrator\Downloads\HanYu_0_2_final_x86.exe
2013-11-22 17:33 - 2013-11-22 17:33 - 00000000 ____D C:\ProgramData\APN
2013-11-22 17:09 - 2013-11-22 17:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2013-11-22 17:09 - 2013-11-22 17:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera Software
2013-11-22 16:43 - 2013-11-22 12:53 - 00000770 __RSH C:\Users\Administrator\ntuser.pol
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-11-22 16:14 - 2013-11-22 16:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-22 16:07 - 2013-11-22 16:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\OpenOffice
2013-11-22 16:06 - 2013-11-22 16:06 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-11-22 15:51 - 2013-09-18 03:18 - 00000000 ____D C:\Program Files\Common Files\Tencent
2013-11-22 15:37 - 2013-11-22 15:36 - 00000000 ___RD C:\Program Files\Skype
2013-11-22 15:37 - 2013-11-22 15:36 - 00000000 ____D C:\ProgramData\Skype
2013-11-22 15:36 - 2013-11-22 15:36 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-11-22 15:15 - 2013-11-22 15:15 - 00000000 ____D C:\Program Files\CCleaner
2013-11-22 15:09 - 2013-11-22 15:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\The Journal 5
2013-11-22 15:03 - 2013-11-22 15:03 - 00000000 ____D C:\Users\Administrator\Documents\The Journal Volumes
2013-11-22 15:03 - 2013-11-22 15:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\The Journal 5
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Windows\system32\Speech
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Windows\Speech
2013-11-22 14:55 - 2013-11-22 14:55 - 00000000 ____D C:\Program Files\DVD Maker
2013-11-22 14:55 - 2011-04-12 15:28 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-22 14:55 - 2011-04-12 15:18 - 00000000 ____D C:\Windows\system32\winrm
2013-11-22 14:55 - 2011-04-12 15:18 - 00000000 ____D C:\Windows\system32\WCN
2013-11-22 14:55 - 2011-04-12 15:18 - 00000000 ____D C:\Windows\system32\slmgr
2013-11-22 14:55 - 2011-04-12 15:18 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-11-22 14:55 - 2009-07-14 12:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-11-22 14:55 - 2009-07-14 12:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-22 13:50 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-22 12:55 - 2013-11-22 12:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\360Login
2013-11-22 12:54 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\程序
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 _SHDL C:\Users\Administrator\「开始」菜单
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Public\QiYi
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Qiyi
2013-11-22 12:53 - 2013-11-22 12:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\KuGou8
2013-11-22 12:53 - 2013-09-16 22:01 - 00000000 ____D C:\Windows\Panther
2013-11-22 12:53 - 2009-07-14 10:37 - 00000000 ___RD C:\Users\Public
2013-11-22 12:51 - 2013-11-22 12:51 - 00270792 __RSH C:\OEMSF
2013-11-22 12:50 - 2013-11-22 12:50 - 00000000 ____D C:\Intel
2013-11-22 12:50 - 2013-11-22 12:49 - 00029624 _____ C:\Windows\DPINST.LOG
2013-11-22 12:49 - 2013-11-22 12:49 - 00000000 ____D C:\Program Files\CONEXANT
2013-11-22 12:48 - 2013-11-22 12:48 - 00006196 _____ C:\Windows\EasyDrv5_20131122_124848.ed5log
2013-11-22 12:48 - 2013-09-16 22:02 - 00003652 _____ C:\Windows\TSSysprep.log
2013-11-22 12:48 - 2009-07-14 10:37 - 00000000 __RHD C:\Users\Default
2013-11-22 12:47 - 2013-09-16 22:02 - 00001520 _____ C:\Windows\DtcInstall.log
2013-11-12 10:07 - 2013-12-12 08:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
 
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-10 00:35
 
==================== End Of Log ============================
 
 


#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:06:51 PM

Posted 14 December 2013 - 10:35 AM

d999,
 
Sorry for the delay.
 
 
I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:
Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on Combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer


 
In your next post, please include the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#5 d999

d999
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 15 December 2013 - 08:45 AM

It doesn't matter now, I had a hard drive failure so I had to wipe my whole system anyway. Thanks.



#6 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:06:51 PM

Posted 15 December 2013 - 11:50 AM

Ok, thanks for letting me know.
 
If you have any further computer questions, feel free to post them in the appropriate forum! :thumbup2:


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#7 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:06:51 PM

Posted 15 December 2013 - 11:50 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users