Can RegClean Pro/Systweak leave trojan in my computer?


  • This topic is locked
11 replies to this topic

#1 Miuna

Miuna

  • Members
  • 6 posts

Posted 06 March 2014 - 05:27 AM

Hello. I am a new member here.

 

A few hours ago, I went to a trusted website and downloaded a game. However, RegClean Pro and some other programs were installed into my laptop without asking me. 

 

I have used Revo Uninstaller and MalwareBytes and surprisingly they worked for me. (I have googled on it, and many stated that it is difficult to remove or uninstall.) 

 

I have removed the programs that I find suspicious, especially the ones stated that their installed date was today. 

 

Earlier on, I read an article that Systweak/RegClean Pro can leave a trojan or a backdoor trojan on my computer. How do I know if a trojan or other harmful things are hidden somewhere in my computer?

 

I have run a full Avast! antivirus scan and nothing is detected. But I want to be sure of it.

 

Because I do online banking quite often, I would like to ensure that my computer is safe to do online monetary transactions again. Is there a way to know it? Or does MalwareBytes detect such things too?

 

I should be considered as a beginner computer user. Hence I do not know how to do logs. (I read some of the posts here and there are logs needed to be posted up to continue) But I will try my best to follow the instructions given.

 

Also, after using Revo Uninstaller and MalwareBytes, is it confirmed that those programs are completely, and cleanly removed?

 

Thank you for reading this :)


Edited by Miuna, 06 March 2014 - 06:10 AM.




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 07 March 2014 - 09:31 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 Miuna

Miuna
  • Topic Starter

  • Members
  • 6 posts

Posted 07 March 2014 - 11:20 AM

Hi, thank you for the reply.

 

I have downloaded the first one. And it seems that I can't open Google Chrome after cleaning my computer, when AdwCleaner found that "MyPCBackup" was still inside my computer even though I had already deleted it. Also, I noticed when opening Internet Explorer (since Google Chrome couldn't be opened) that my search engine is "conduit". I have tried to remove conduit as my Search Provider. At the same time, I also found mysearchdial in my Search Provider, when I had already removed it yesterday. I believe these were downloaded together with RegClean Pro yesterday.

 

Unfortunately, after removing, clicking a new tab on my IE still goes to that search engine "conduit". Is there a way to remove these completely?

 

With that being said, I thought that I should post this problem and log of AdwCleaner first before continuing.

 

# AdwCleaner v3.020 - Report created 07/03/2014 at 23:41:27
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : SIDM - SIDM-PC
# Running from : C:\Users\SIDM\AppData\Local\Temp\dlm5EAF.tmp\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\SIDM\AppData\Roaming\Systweak
Folder Deleted : C:\Users\SIDM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\SIDM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\SIDM\Desktop\MyPC Backup.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\SIDM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [2782 octets] - [07/03/2014 23:39:13]
AdwCleaner[S0].txt - [2252 octets] - [07/03/2014 23:41:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2312 octets] ##########

 

Each time I click to open google chrome on my Windows7, the icon on my taskbar will show that it is opening for a few secs, then it goes back to normal again. Is there a way to get my google chrome working again?

 

I'm really sorry for my vague English and thank you for reading this.

Please help! :(
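
A read-only way to check which Internet Explorer search providers remain after a cleanup like the one in the AdwCleaner report above, added here as an example and not part of the original posts. The three registry paths are the standard IE SearchScopes locations (the per-user hive plus the 64-bit and 32-bit machine views), and the `$watch` names are the ones mentioned in this thread.

```powershell
# Read-only check: list Internet Explorer search providers (SearchScopes) in each
# registry view and mark the one IE currently uses as its default.
# Nothing is modified; run from a 64-bit PowerShell prompt on the affected machine.
$roots = @(
    'HKCU:\Software\Microsoft\Internet Explorer\SearchScopes',
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\SearchScopes',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes'
)

# Substrings to highlight in provider URLs (assumption: taken from the names
# reported in this thread, not a complete list of unwanted providers).
$watch = 'conduit', 'mysearchdial'

$report = foreach ($root in $roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    # DefaultScope holds the GUID of the provider used for address-bar searches.
    $default = (Get-ItemProperty -LiteralPath $root -ErrorAction SilentlyContinue).DefaultScope

    # Each provider is a subkey named by GUID with DisplayName and URL values.
    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        $props = Get-ItemProperty -LiteralPath $key.PSPath
        $url   = [string]$props.URL
        [pscustomobject]@{
            Root      = $root
            Guid      = $key.PSChildName
            Name      = $props.DisplayName
            IsDefault = ($key.PSChildName -eq $default)
            Flagged   = [bool]($watch | Where-Object { $url -like "*$_*" })
            URL       = $url
        }
    }
}

# Full inventory first, then a warning per provider that matches a watched name.
$report | Sort-Object Root, Guid | Format-Table -AutoSize -Wrap
$report | Where-Object Flagged | ForEach-Object {
    Write-Warning "Search provider still present: $($_.Root)\$($_.Guid) -> $($_.URL)"
}
```

Running it before and after a cleanup pass shows whether a provider was actually removed from every view or only from the one a tool reported.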



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 07 March 2014 - 01:48 PM

As previously requested, please download and run this tool.

Farbar Recovery Scan Tool (64 bit)

Post the log.
Wait for further instructions.

p.s.
If Chrome is not opening, stop the process using the Task Manager. (CTRL+ALT+DEL)

#5 Miuna

Miuna
  • Topic Starter

  • Members
  • 6 posts

Posted 07 March 2014 - 11:23 PM

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 01
Ran by SIDM (administrator) on SIDM-PC on 08-03-2014 12:06:21
Running from C:\Users\SIDM\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Adobe Systems Incorporated) C:\windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
() C:\Users\SIDM\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-02-15] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-02-15] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-02-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-02-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-15] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-17] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1745385207-262174753-3600999779-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1745385207-262174753-3600999779-1000\...\MountPoints2: {1371df87-97dc-11e3-8e40-806e6f6e6963} - E:\Msetup4.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP535AE7B8-F5B0-4A9D-B0A4-3B9D6E2D222B&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Extension: (avast! Online Security) - C:\Users\SIDM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\SIDM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-17]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-17] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-13] (Broadcom Corporation.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-17] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-02-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-17] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-17] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-17] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-17] ()
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2012-02-15] (Ensurebit Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8199016 2011-03-23] (Realtek Semiconductor Corp.)
R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2012-02-15] (Ensurebit Inc.)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys C6B88D62F20AC646C6BD5C032EC2FAF9
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys AC69618DE5BCCE8747C9AB0AAE1003C1
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys ACE8C64C57E4A711473C8BC10ADF692B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys A7127E86F9FFE2A53E271B56B2C4CEDF
C:\Windows\System32\DRIVERS\nusb3xhc.sys 49BBEC6F48D5F9284B03ABF3A959B19B
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\revoflt.sys 9C3AC71A9934B884FAC567A8807E9C4D
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys BAEFEE35D27A5440D35092CE10267BEC
C:\Windows\System32\DRIVERS\rtsuvc.sys 558B39BE7C496AC49E27DEDCFAB13A54
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 126AE059261C9234CD697F441F2C85CA
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\drivers\winioex.sys FEF576B25641012FA927B0A2703C51F9
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wsvd.sys 83575C43B2BFE9AB0661A7F957E843C0
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-08 12:06 - 2014-03-08 12:06 - 00034706 _____ () C:\Users\SIDM\Desktop\FRST.txt
2014-03-08 12:04 - 2014-03-08 12:06 - 00000000 ____D () C:\FRST
2014-03-08 12:03 - 2014-03-08 12:04 - 02156544 _____ (Farbar) C:\Users\SIDM\Desktop\FRST64.exe
2014-03-07 23:42 - 2014-03-07 23:42 - 00000334 _____ () C:\windows\PFRO.log
2014-03-07 23:39 - 2014-03-07 23:41 - 00000000 ____D () C:\AdwCleaner
2014-03-07 23:39 - 2014-03-07 23:39 - 00001969 _____ () C:\Users\SIDM\Desktop\Sync Folder.lnk
2014-03-07 23:39 - 2014-03-07 23:39 - 00000000 ____D () C:\Users\SIDM\AppData\Local\SearchProtect
2014-03-07 23:39 - 2014-03-07 23:39 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-07 23:33 - 2014-03-07 23:33 - 00930952 _____ (CNET Download.com) C:\Users\SIDM\Downloads\cbsidlm-cbsi183-AdwCleaner-ORG-75851221.exe
2014-03-06 16:58 - 2014-03-08 11:57 - 00000336 _____ () C:\windows\setupact.log
2014-03-06 16:58 - 2014-03-06 16:58 - 00000000 _____ () C:\windows\setuperr.log
2014-03-06 14:21 - 2014-03-06 14:21 - 00000040 _____ () C:\Users\SIDM\AppData\Roaming\mbam.context.scan
2014-03-06 13:57 - 2014-03-06 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\Malwarebytes
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-06 13:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-06 13:56 - 2014-03-06 13:56 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\SIDM\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-06 13:44 - 2014-03-06 13:50 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\Users\SIDM\AppData\Local\VS Revo Group
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-06 13:44 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\windows\system32\Drivers\revoflt.sys
2014-03-06 13:42 - 2014-03-06 13:42 - 10619688 _____ (VS Revo Group ) C:\Users\SIDM\Downloads\RevoUninProSetup.exe
2014-03-04 20:22 - 2014-03-04 20:26 - 00054272 _____ () C:\Users\SIDM\Downloads\Information required.xls
2014-03-01 23:03 - 2014-03-02 01:14 - 00000001 _____ () C:\Users\SIDM\random.dat
2014-03-01 23:03 - 2014-03-01 23:03 - 00000043 _____ () C:\Users\SIDM\jagex_cl_runescape_LIVE.dat
2014-03-01 23:03 - 2014-03-01 23:03 - 00000000 ____D () C:\Users\SIDM\jagexcache
2014-03-01 22:53 - 2014-03-01 22:53 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-01 22:52 - 2014-03-01 22:52 - 00921000 _____ (Oracle Corporation) C:\Users\SIDM\Downloads\chromeinstall-7u51.exe
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-22 12:40 - 2014-02-06 20:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-22 12:40 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-22 12:40 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-22 12:40 - 2014-02-06 19:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-22 12:40 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-22 12:40 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-22 12:40 - 2014-02-06 18:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-22 12:40 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-22 12:40 - 2014-02-06 18:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-22 12:40 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-22 12:40 - 2014-02-06 18:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-22 12:40 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-22 12:40 - 2014-02-06 18:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-22 12:40 - 2014-02-06 18:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-22 12:40 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-22 12:40 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-22 12:40 - 2014-02-06 18:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-22 12:40 - 2014-02-06 18:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-22 12:40 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-22 12:40 - 2014-02-06 17:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-22 12:40 - 2014-02-06 17:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-22 12:40 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-22 12:40 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-22 12:40 - 2014-02-06 17:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-22 12:40 - 2014-02-06 17:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-22 12:40 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-22 12:40 - 2014-02-06 17:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-22 12:40 - 2014-02-06 17:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-22 12:40 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-22 12:40 - 2014-02-06 17:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-22 12:40 - 2014-02-06 17:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-22 12:40 - 2014-02-06 17:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-22 12:40 - 2014-02-06 17:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-22 12:40 - 2014-02-06 17:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-22 12:40 - 2014-02-06 16:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-22 12:40 - 2014-02-06 16:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-22 12:40 - 2014-02-06 16:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-22 12:40 - 2014-02-06 16:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-22 12:40 - 2014-02-06 16:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-22 12:40 - 2013-12-21 17:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-22 12:40 - 2013-12-21 16:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-22 10:48 - 2013-12-25 07:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-22 10:48 - 2013-12-25 06:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-22 10:48 - 2013-11-26 16:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-22 10:48 - 2013-11-24 02:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-02-22 10:48 - 2013-11-24 01:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-02-22 10:48 - 2013-11-23 06:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-22 10:47 - 2013-04-17 15:02 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-02-22 10:47 - 2013-04-17 14:24 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-02-22 10:47 - 2012-02-11 14:36 - 00559104 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2014-02-22 10:47 - 2012-02-11 14:36 - 00067072 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2014-02-21 14:43 - 2014-02-21 14:43 - 00000000 ____D () C:\Users\SIDM\AppData\Local\{458E8314-DCE8-4DB9-86F5-699F1E8622CF}
2014-02-21 14:42 - 2014-02-21 14:42 - 00000000 ____D () C:\Users\SIDM\AppData\Local\{E093DC70-FCCD-4EB5-9094-1ED84EFD4CC8}
2014-02-21 14:40 - 2014-02-21 14:40 - 01727308 _____ () C:\Users\SIDM\Downloads\Dropbox.zip
2014-02-20 23:38 - 2013-05-10 13:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-02-20 23:38 - 2013-05-10 13:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-02-20 23:38 - 2013-05-10 12:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-02-20 23:38 - 2013-05-10 12:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-02-20 23:35 - 2014-02-20 23:36 - 00000000 ____D () C:\windows\system32\MRT
2014-02-20 23:28 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2014-02-20 23:23 - 2014-02-20 23:23 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2014-02-20 23:23 - 2014-02-20 23:23 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-02-20 23:23 - 2014-02-20 23:23 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-02-20 23:23 - 2014-02-20 23:23 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-02-20 23:23 - 2014-02-20 23:23 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-02-20 23:23 - 2014-02-20 23:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-02-20 23:23 - 2014-02-20 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-02-20 23:03 - 2014-02-20 23:03 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:56 - 2014-02-20 22:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-20 22:56 - 2014-02-20 22:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-19 23:23 - 2014-02-19 23:23 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-02-19 23:23 - 2014-02-19 23:23 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-02-19 19:06 - 2014-03-08 12:01 - 01411744 _____ () C:\windows\WindowsUpdate.log
2014-02-19 18:57 - 2014-02-19 18:58 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-02-19 18:56 - 2014-02-19 18:57 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-19 18:48 - 2014-02-19 18:48 - 00062982 _____ () C:\Users\SIDM\Documents\cc_20140219_184824.reg
2014-02-19 18:47 - 2014-02-19 18:47 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-19 18:47 - 2014-02-19 18:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-19 18:46 - 2014-02-19 18:46 - 04721920 _____ (Piriform Ltd) C:\Users\SIDM\Downloads\ccsetup410.exe
2014-02-19 16:06 - 2012-07-26 11:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2014-02-19 16:06 - 2012-07-26 11:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-02-19 16:06 - 2012-07-26 11:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-02-19 16:06 - 2012-07-26 11:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-02-19 16:06 - 2012-07-26 11:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2014-02-19 16:06 - 2012-07-26 10:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-02-19 16:06 - 2012-07-26 10:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-02-19 16:06 - 2012-06-02 22:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-02-19 15:54 - 2012-03-01 14:46 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys
2014-02-19 15:54 - 2012-03-01 14:28 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\wmi.dll
2014-02-19 15:54 - 2012-03-01 13:29 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmi.dll
2014-02-18 00:32 - 2013-12-04 10:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-18 00:32 - 2013-12-04 10:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-18 00:32 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-18 00:32 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-18 00:32 - 2013-12-04 10:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-18 00:32 - 2013-12-04 10:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-18 00:32 - 2013-12-04 10:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-18 00:32 - 2013-12-04 10:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-18 00:32 - 2013-12-04 10:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-18 00:32 - 2013-12-04 10:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-18 00:32 - 2013-12-04 10:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-18 00:32 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-18 00:32 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-18 00:32 - 2013-12-04 10:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-18 00:32 - 2013-12-04 09:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-18 00:32 - 2013-12-04 09:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-18 00:32 - 2013-12-04 09:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-18 00:32 - 2013-12-04 09:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-18 00:32 - 2013-11-26 19:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-02-18 00:32 - 2013-09-08 10:30 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-18 00:32 - 2013-07-26 10:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-02-18 00:32 - 2013-07-26 10:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2014-02-18 00:32 - 2013-07-26 09:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-02-18 00:32 - 2013-07-26 09:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2014-02-18 00:32 - 2012-10-04 01:44 - 00303104 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-02-18 00:32 - 2012-10-04 01:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2014-02-18 00:32 - 2012-10-04 01:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-02-18 00:32 - 2012-10-04 01:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-02-18 00:32 - 2012-10-04 01:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2014-02-18 00:32 - 2012-10-04 01:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-02-18 00:32 - 2012-10-04 00:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2014-02-18 00:32 - 2012-10-04 00:42 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2014-02-18 00:32 - 2012-10-04 00:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2014-02-18 00:32 - 2012-10-04 00:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-02-18 00:32 - 2012-01-13 15:12 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-02-18 00:31 - 2013-09-25 10:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-02-18 00:31 - 2013-09-25 10:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-02-18 00:31 - 2013-09-25 10:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-02-18 00:31 - 2013-09-25 10:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-02-18 00:31 - 2013-09-25 10:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-02-18 00:31 - 2013-09-25 10:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-02-18 00:31 - 2013-09-25 10:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-02-18 00:31 - 2013-09-25 10:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-02-18 00:31 - 2013-09-25 09:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-02-18 00:31 - 2013-09-25 09:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-02-18 00:31 - 2013-09-25 09:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-02-18 00:31 - 2013-09-25 09:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-02-18 00:31 - 2013-09-25 09:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-02-18 00:31 - 2013-07-04 20:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-02-18 00:31 - 2013-02-27 14:02 - 00111448 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-02-18 00:31 - 2013-02-27 13:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-02-18 00:31 - 2012-12-07 21:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-02-18 00:31 - 2012-12-07 21:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2014-02-18 00:31 - 2012-12-07 20:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-02-18 00:31 - 2012-12-07 20:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2014-02-18 00:31 - 2012-12-07 19:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2014-02-18 00:31 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2014-02-18 00:31 - 2012-12-07 19:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2014-02-18 00:31 - 2012-12-07 18:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2014-02-18 00:31 - 2012-11-30 13:45 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-02-18 00:31 - 2012-11-30 13:45 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-02-18 00:31 - 2012-11-30 13:43 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-02-18 00:30 - 2013-10-06 04:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-02-18 00:30 - 2013-10-06 03:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-02-18 00:30 - 2013-10-04 10:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2014-02-18 00:30 - 2013-10-04 10:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2014-02-18 00:30 - 2013-10-04 10:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-02-18 00:30 - 2013-10-04 09:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2014-02-18 00:30 - 2013-10-04 09:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-02-18 00:30 - 2013-10-04 09:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2014-02-18 00:30 - 2013-07-09 13:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-02-18 00:30 - 2013-07-09 13:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-02-18 00:30 - 2013-07-09 13:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2014-02-18 00:30 - 2013-07-09 12:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-02-18 00:30 - 2013-07-09 12:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-02-18 00:30 - 2013-07-09 12:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2014-02-18 00:30 - 2013-06-06 13:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2014-02-18 00:30 - 2013-06-06 13:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2014-02-18 00:30 - 2013-06-06 13:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2014-02-18 00:30 - 2013-06-06 13:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2014-02-18 00:30 - 2013-06-06 12:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2014-02-18 00:30 - 2013-06-06 12:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2014-02-18 00:30 - 2013-06-06 12:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2014-02-18 00:30 - 2013-06-06 11:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2014-02-18 00:30 - 2013-06-06 11:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2014-02-18 00:30 - 2013-06-06 11:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2014-02-18 00:30 - 2013-02-15 14:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-02-18 00:30 - 2013-02-15 14:06 - 03717632 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-02-18 00:30 - 2013-02-15 14:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-02-18 00:30 - 2013-02-15 12:37 - 03217408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-02-18 00:30 - 2013-02-15 12:34 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-02-18 00:30 - 2013-02-15 11:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-02-18 00:29 - 2013-11-12 10:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-02-18 00:29 - 2013-11-12 10:07 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-02-18 00:29 - 2013-10-30 10:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-02-18 00:29 - 2013-10-30 10:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-02-18 00:29 - 2013-10-03 10:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-02-18 00:29 - 2013-10-03 10:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-02-18 00:29 - 2013-07-04 20:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2014-02-18 00:29 - 2013-07-04 19:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2014-02-18 00:29 - 2012-10-10 02:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-02-18 00:29 - 2012-10-10 02:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-02-18 00:29 - 2012-10-10 01:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-02-18 00:29 - 2012-10-10 01:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-02-18 00:29 - 2012-09-26 06:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2014-02-18 00:29 - 2012-09-26 06:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2014-02-18 00:28 - 2014-01-01 07:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-18 00:28 - 2014-01-01 07:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-18 00:28 - 2013-10-19 10:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-02-18 00:28 - 2013-10-19 09:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-02-18 00:28 - 2013-04-12 22:45 - 01656680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-02-18 00:28 - 2013-03-19 13:53 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-02-18 00:28 - 2013-03-19 13:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2014-02-18 00:27 - 2013-12-06 10:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-18 00:27 - 2013-12-06 10:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-18 00:27 - 2013-12-06 10:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-18 00:27 - 2013-12-06 10:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-18 00:27 - 2013-10-04 10:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2014-02-18 00:27 - 2013-10-04 09:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-02-18 00:27 - 2013-09-28 09:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-02-18 00:27 - 2013-08-05 10:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-02-18 00:26 - 2013-11-27 09:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-02-18 00:26 - 2013-08-02 10:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2014-02-18 00:26 - 2013-08-02 10:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-02-18 00:26 - 2013-08-02 10:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-02-18 00:26 - 2013-08-02 09:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 09:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-02-18 00:26 - 2013-08-02 08:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2014-02-18 00:26 - 2013-08-02 08:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 08:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 08:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-02-18 00:26 - 2013-08-02 08:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-02-18 00:26 - 2013-07-25 17:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-02-18 00:26 - 2013-07-25 16:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-02-18 00:26 - 2013-07-12 18:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-02-18 00:26 - 2013-07-12 18:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2014-02-18 00:26 - 2013-07-09 13:51 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-02-18 00:26 - 2013-07-09 12:52 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-02-18 00:26 - 2013-06-26 06:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2014-02-18 00:26 - 2013-02-12 12:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2014-02-18 00:26 - 2012-11-29 06:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2014-02-18 00:26 - 2012-11-29 06:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2014-02-18 00:26 - 2012-11-29 06:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-02-18 00:26 - 2012-11-01 13:43 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-02-18 00:26 - 2012-11-01 12:47 - 01389568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-02-18 00:26 - 2012-08-23 02:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-02-18 00:26 - 2012-07-05 04:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2014-02-18 00:26 - 2012-04-26 13:41 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-02-18 00:26 - 2012-04-26 13:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2014-02-18 00:26 - 2012-04-26 13:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2014-02-18 00:25 - 2013-09-08 10:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2014-02-18 00:25 - 2013-09-08 10:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2014-02-18 00:25 - 2013-07-04 20:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-02-18 00:25 - 2013-07-04 20:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-02-18 00:25 - 2013-07-04 19:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-02-18 00:25 - 2013-07-04 19:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-02-18 00:25 - 2013-07-04 18:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2014-02-18 00:25 - 2013-07-03 12:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-18 00:25 - 2013-07-03 12:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2014-02-18 00:25 - 2013-06-15 12:32 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-02-18 00:25 - 2013-06-04 14:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-02-18 00:25 - 2013-06-04 12:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-02-18 00:25 - 2012-11-22 13:44 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-02-18 00:25 - 2012-11-22 12:45 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-02-18 00:25 - 2012-11-02 13:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2014-02-18 00:25 - 2012-11-02 13:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2014-02-18 00:25 - 2012-08-22 05:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2014-02-18 00:25 - 2012-05-01 13:40 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-02-18 00:23 - 2012-04-28 11:55 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-02-18 00:22 - 2013-11-26 18:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-02-18 00:20 - 2013-08-29 10:17 - 05549504 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-02-18 00:20 - 2013-08-29 10:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-02-18 00:20 - 2013-08-29 10:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2014-02-18 00:20 - 2013-08-29 10:16 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-02-18 00:20 - 2013-08-29 10:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2014-02-18 00:20 - 2013-08-29 09:51 - 03969472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-02-18 00:20 - 2013-08-29 09:51 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-02-18 00:20 - 2013-08-29 09:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-02-18 00:20 - 2013-08-29 09:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2014-02-18 00:20 - 2013-08-29 09:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-02-18 00:20 - 2013-08-29 09:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2014-02-18 00:20 - 2013-08-29 08:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-02-18 00:20 - 2013-08-29 08:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-02-18 00:20 - 2013-08-29 08:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-02-18 00:20 - 2013-08-29 08:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-02-18 00:20 - 2012-08-11 08:56 - 00715776 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-02-18 00:20 - 2012-04-07 20:31 - 03216384 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-02-18 00:20 - 2012-04-07 19:26 - 02342400 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-02-18 00:20 - 2012-03-17 15:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2014-02-18 00:18 - 2012-08-11 07:56 - 00542208 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-02-18 00:17 - 2013-04-26 13:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-02-18 00:17 - 2012-07-07 04:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-02-18 00:16 - 2013-04-26 12:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2014-02-18 00:15 - 2013-07-20 18:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-18 00:15 - 2013-07-20 18:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-18 00:15 - 2013-05-13 13:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2014-02-18 00:15 - 2013-05-13 11:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2014-02-18 00:15 - 2013-05-13 11:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2014-02-18 00:15 - 2013-05-13 11:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2014-02-18 00:15 - 2013-05-10 13:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-02-18 00:15 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-02-18 00:15 - 2013-01-24 14:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-02-18 00:15 - 2013-01-03 14:00 - 00288088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-02-18 00:15 - 2012-11-23 11:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-02-18 00:15 - 2012-07-05 06:16 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\netapi32.dll
2014-02-18 00:15 - 2012-07-05 06:13 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2014-02-18 00:15 - 2012-07-05 06:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\browcli.dll
2014-02-18 00:15 - 2012-07-05 05:16 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\netapi32.dll
2014-02-18 00:15 - 2012-07-05 05:14 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\browcli.dll
2014-02-18 00:15 - 2012-05-05 16:36 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-02-18 00:15 - 2012-05-05 15:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-02-18 00:13 - 2013-08-01 20:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-02-18 00:13 - 2013-04-10 14:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-02-18 00:13 - 2012-06-06 14:02 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2014-02-18 00:13 - 2012-06-06 13:03 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2014-02-18 00:13 - 2012-05-14 13:26 - 00956928 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-02-18 00:13 - 2011-02-03 19:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-02-18 00:12 - 2013-08-28 09:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-02-17 23:50 - 2013-10-12 10:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-02-17 23:50 - 2013-10-12 10:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-02-17 23:50 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2014-02-17 23:50 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-02-17 23:50 - 2013-10-12 09:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2014-02-17 23:50 - 2013-10-12 09:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-02-17 23:50 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2014-02-17 23:50 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-02-17 23:49 - 2013-10-12 10:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-02-17 23:49 - 2013-10-12 10:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-02-17 23:49 - 2013-10-12 10:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-02-17 23:49 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-02-17 23:48 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-02-17 23:36 - 2012-06-03 06:19 - 02428952 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-02-17 23:36 - 2012-06-03 06:19 - 00701976 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-02-17 23:36 - 2012-06-03 06:19 - 00057880 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-02-17 23:36 - 2012-06-03 06:19 - 00044056 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-02-17 23:36 - 2012-06-03 06:19 - 00038424 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-02-17 23:36 - 2012-06-03 06:15 - 02622464 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-02-17 23:36 - 2012-06-03 06:15 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-02-17 23:36 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-02-17 23:36 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-02-17 23:24 - 2014-02-17 23:24 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2014-02-17 23:24 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\windows\SysWOW64\CNC_BRL.dll
2014-02-17 23:24 - 2012-11-08 13:11 - 00096000 _____ () C:\windows\SysWOW64\CNC1772D.TBL
2014-02-17 23:24 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\windows\SysWOW64\CNHMCA.dll
2014-02-17 23:22 - 2014-02-17 23:22 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-02-17 23:18 - 2014-02-17 23:18 - 00000000 ____D () C:\Program Files\Canon
2014-02-17 22:40 - 2014-02-17 22:40 - 00847856 _____ (Google Inc.) C:\Users\SIDM\Downloads\ChromeSetup (1).exe
2014-02-17 22:36 - 2014-02-17 22:36 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-17 22:36 - 2014-02-17 22:36 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\AVAST Software
2014-02-17 22:35 - 2014-03-02 22:03 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-17 22:35 - 2014-02-17 22:35 - 00847856 _____ (Google Inc.) C:\Users\SIDM\Downloads\ChromeSetup.exe
2014-02-17 22:35 - 2014-02-17 22:35 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-17 22:35 - 2014-02-17 22:35 - 00000000 ____D () C:\ProgramData\Google
2014-02-17 22:35 - 2014-02-17 22:34 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-02-17 22:35 - 2014-02-17 22:34 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-17 22:35 - 2014-02-17 22:34 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-17 22:35 - 2014-02-17 22:34 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-17 22:35 - 2014-02-17 22:34 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-02-17 22:35 - 2014-02-17 22:34 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-02-17 22:35 - 2014-02-17 22:34 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-02-17 22:34 - 2014-02-17 22:34 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-17 22:34 - 2014-02-17 22:34 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-17 22:33 - 2014-02-17 22:33 - 90578216 _____ (AVAST Software) C:\Users\SIDM\Downloads\avast_free_antivirus_setup.exe
2014-02-17 22:33 - 2014-02-17 22:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-17 22:28 - 2014-02-25 18:01 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\Canon
2014-02-17 22:28 - 2014-02-17 22:28 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-02-17 22:19 - 2014-02-17 22:19 - 00000000 ____D () C:\windows\system32\STRING
2014-02-17 22:19 - 2013-01-24 15:24 - 00359936 _____ (CANON INC.) C:\windows\system32\CNMN6PPM.DLL
2014-02-17 22:19 - 2013-01-24 15:24 - 00039424 _____ (CANON INC.) C:\windows\system32\CNMN6UI.DLL
2014-02-17 22:19 - 2013-01-24 15:23 - 00366592 _____ (CANON INC.) C:\windows\SysWOW64\CNMNPPM.DLL
2014-02-17 22:18 - 2014-02-17 23:22 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-02-17 22:14 - 2014-02-17 23:17 - 00002358 _____ () C:\Users\Public\Desktop\Canon MG7100 series On-screen Manual.lnk
2014-02-17 22:13 - 2014-02-17 22:13 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-17 22:12 - 2014-02-17 22:13 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-02-17 22:12 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) C:\windows\system32\CNMLMBR.DLL
2014-02-17 22:09 - 2014-02-17 23:24 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-17 22:09 - 2014-02-17 22:09 - 00000000 ___HD () C:\ProgramData\CanonIJETV

==================== One Month Modified Files and Folders =======

2014-03-08 12:06 - 2014-03-08 12:06 - 00034706 _____ () C:\Users\SIDM\Desktop\FRST.txt
2014-03-08 12:06 - 2014-03-08 12:04 - 00000000 ____D () C:\FRST
2014-03-08 12:05 - 2009-07-14 12:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 12:05 - 2009-07-14 12:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 12:04 - 2014-03-08 12:03 - 02156544 _____ (Farbar) C:\Users\SIDM\Desktop\FRST64.exe
2014-03-08 12:01 - 2014-02-19 19:06 - 01411744 _____ () C:\windows\WindowsUpdate.log
2014-03-08 12:01 - 2012-04-04 18:36 - 00109387 _____ () C:\FaceProv.log
2014-03-08 11:58 - 2012-02-15 05:47 - 00158945 _____ () C:\windows\system32\fastboot.set
2014-03-08 11:58 - 2012-02-15 05:39 - 00000000 ____D () C:\ProgramData\VeriFace
2014-03-08 11:57 - 2014-03-06 16:58 - 00000336 _____ () C:\windows\setupact.log
2014-03-08 11:57 - 2012-02-15 05:46 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 11:57 - 2009-07-14 13:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-08 00:41 - 2012-02-15 05:46 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 00:38 - 2012-04-09 20:00 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 23:42 - 2014-03-07 23:42 - 00000334 _____ () C:\windows\PFRO.log
2014-03-07 23:41 - 2014-03-07 23:39 - 00000000 ____D () C:\AdwCleaner
2014-03-07 23:41 - 2012-04-04 18:37 - 00000000 ___RD () C:\Users\SIDM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-07 23:39 - 2014-03-07 23:39 - 00001969 _____ () C:\Users\SIDM\Desktop\Sync Folder.lnk
2014-03-07 23:39 - 2014-03-07 23:39 - 00000000 ____D () C:\Users\SIDM\AppData\Local\SearchProtect
2014-03-07 23:39 - 2014-03-07 23:39 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-07 23:33 - 2014-03-07 23:33 - 00930952 _____ (CNET Download.com) C:\Users\SIDM\Downloads\cbsidlm-cbsi183-AdwCleaner-ORG-75851221.exe
2014-03-06 16:58 - 2014-03-06 16:58 - 00000000 _____ () C:\windows\setuperr.log
2014-03-06 14:23 - 2011-02-22 19:19 - 00000000 ____D () C:\windows\Panther
2014-03-06 14:21 - 2014-03-06 14:21 - 00000040 _____ () C:\Users\SIDM\AppData\Roaming\mbam.context.scan
2014-03-06 13:57 - 2014-03-06 13:57 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\Malwarebytes
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-06 13:57 - 2014-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-06 13:56 - 2014-03-06 13:56 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\SIDM\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-06 13:50 - 2014-03-06 13:44 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\Users\SIDM\AppData\Local\VS Revo Group
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-06 13:44 - 2014-03-06 13:44 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-06 13:42 - 2014-03-06 13:42 - 10619688 _____ (VS Revo Group ) C:\Users\SIDM\Downloads\RevoUninProSetup.exe
2014-03-04 20:43 - 2012-02-15 05:46 - 00002183 _____ () C:\Users\Public\Desktop\Internet Browser.lnk
2014-03-04 20:26 - 2014-03-04 20:22 - 00054272 _____ () C:\Users\SIDM\Downloads\Information required.xls
2014-03-02 22:03 - 2014-02-17 22:35 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-02 12:13 - 2009-07-14 13:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-02 01:14 - 2014-03-01 23:03 - 00000001 _____ () C:\Users\SIDM\random.dat
2014-03-01 23:03 - 2014-03-01 23:03 - 00000043 _____ () C:\Users\SIDM\jagex_cl_runescape_LIVE.dat
2014-03-01 23:03 - 2014-03-01 23:03 - 00000000 ____D () C:\Users\SIDM\jagexcache
2014-03-01 23:03 - 2012-04-04 18:36 - 00000000 ____D () C:\Users\SIDM
2014-03-01 22:53 - 2014-03-01 22:53 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-01 22:53 - 2014-03-01 22:53 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-01 22:53 - 2014-03-01 22:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-01 22:52 - 2014-03-01 22:52 - 00921000 _____ (Oracle Corporation) C:\Users\SIDM\Downloads\chromeinstall-7u51.exe
2014-03-01 22:50 - 2012-04-09 16:30 - 00001945 _____ () C:\windows\epplauncher.mif
2014-03-01 22:50 - 2012-04-09 16:29 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-01 22:49 - 2014-03-01 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-01 22:30 - 2012-04-09 20:10 - 00000000 ____D () C:\Users\SIDM\AppData\Local\Adobe
2014-03-01 22:30 - 2012-04-09 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-01 22:30 - 2012-04-09 20:00 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 22:30 - 2012-04-09 20:00 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-01 15:54 - 2012-02-15 05:22 - 00778456 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-25 18:01 - 2014-02-17 22:28 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\Canon
2014-02-24 01:18 - 2012-04-09 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-24 01:18 - 2009-07-14 10:34 - 00000478 _____ () C:\windows\win.ini
2014-02-23 12:59 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\rescache
2014-02-23 12:58 - 2011-09-29 11:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-23 12:58 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-23 12:58 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-23 12:58 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\SysWOW64\winrm
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\SysWOW64\WCN
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\SysWOW64\slmgr
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\SysWOW64\Printing_Admin_Scripts
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\system32\winrm
2014-02-23 12:57 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\system32\slmgr
2014-02-23 12:57 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-23 12:57 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-02-23 12:57 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-02-23 12:57 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\MUI
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\sysprep
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\oobe
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\servicing
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-02-23 12:57 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\IME
2014-02-23 12:56 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\system32\WCN
2014-02-23 12:56 - 2010-11-21 15:06 - 00000000 ____D () C:\windows\system32\Printing_Admin_Scripts
2014-02-23 12:56 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\zh-HK
2014-02-23 12:56 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\MUI
2014-02-23 12:56 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\Dism
2014-02-23 12:56 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\com
2014-02-21 14:43 - 2014-02-21 14:43 - 00000000 ____D () C:\Users\SIDM\AppData\Local\{458E8314-DCE8-4DB9-86F5-699F1E8622CF}
2014-02-21 14:42 - 2014-02-21 14:42 - 00000000 ____D () C:\Users\SIDM\AppData\Local\{E093DC70-FCCD-4EB5-9094-1ED84EFD4CC8}
2014-02-21 14:40 - 2014-02-21 14:40 - 01727308 _____ () C:\Users\SIDM\Downloads\Dropbox.zip
2014-02-21 11:54 - 2012-04-04 18:37 - 00001413 _____ () C:\Users\SIDM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-21 11:52 - 2009-07-14 12:45 - 00428512 _____ () C:\windows\system32\FNTCACHE.DAT
2014-02-21 11:48 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-02-21 11:48 - 2009-07-14 11:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-02-20 23:36 - 2014-02-20 23:35 - 00000000 ____D () C:\windows\system32\MRT
2014-02-20 23:23 - 2014-02-20 23:23 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2014-02-20 23:23 - 2014-02-20 23:23 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-02-20 23:23 - 2014-02-20 23:23 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-02-20 23:23 - 2014-02-20 23:23 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-02-20 23:23 - 2014-02-20 23:23 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-02-20 23:23 - 2014-02-20 23:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-02-20 23:23 - 2014-02-20 23:23 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-02-20 23:23 - 2014-02-20 23:23 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-02-20 23:23 - 2014-02-20 23:23 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-02-20 23:03 - 2014-02-20 23:03 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 23:03 - 2014-02-20 23:03 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-20 22:56 - 2014-02-20 22:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-20 22:56 - 2014-02-20 22:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-19 23:23 - 2014-02-19 23:23 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-02-19 23:23 - 2014-02-19 23:23 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-02-19 19:04 - 2012-02-15 05:33 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-19 19:04 - 2012-02-15 05:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-19 18:58 - 2014-02-19 18:57 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-02-19 18:57 - 2014-02-19 18:56 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-02-19 18:48 - 2014-02-19 18:48 - 00062982 _____ () C:\Users\SIDM\Documents\cc_20140219_184824.reg
2014-02-19 18:47 - 2014-02-19 18:47 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-19 18:47 - 2014-02-19 18:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-19 18:46 - 2014-02-19 18:46 - 04721920 _____ (Piriform Ltd) C:\Users\SIDM\Downloads\ccsetup410.exe
2014-02-19 16:52 - 2012-04-04 18:37 - 00112104 _____ () C:\Users\SIDM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-19 16:52 - 2012-04-04 18:37 - 00000000 ___RD () C:\Users\SIDM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 23:24 - 2014-02-17 23:24 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool
2014-02-17 23:24 - 2014-02-17 22:09 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-17 23:24 - 2009-07-14 11:20 - 00000000 __RSD () C:\windows\Media
2014-02-17 23:22 - 2014-02-17 23:22 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-02-17 23:22 - 2014-02-17 22:18 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-02-17 23:18 - 2014-02-17 23:18 - 00000000 ____D () C:\Program Files\Canon
2014-02-17 23:17 - 2014-02-17 22:14 - 00002358 _____ () C:\Users\Public\Desktop\Canon MG7100 series On-screen Manual.lnk
2014-02-17 22:40 - 2014-02-17 22:40 - 00847856 _____ (Google Inc.) C:\Users\SIDM\Downloads\ChromeSetup (1).exe
2014-02-17 22:36 - 2014-02-17 22:36 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-17 22:36 - 2014-02-17 22:36 - 00000000 ____D () C:\Users\SIDM\AppData\Roaming\AVAST Software
2014-02-17 22:36 - 2012-02-15 05:46 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 22:36 - 2012-02-15 05:46 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 22:35 - 2014-02-17 22:35 - 00847856 _____ (Google Inc.) C:\Users\SIDM\Downloads\ChromeSetup.exe
2014-02-17 22:35 - 2014-02-17 22:35 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-17 22:35 - 2014-02-17 22:35 - 00000000 ____D () C:\ProgramData\Google
2014-02-17 22:35 - 2012-04-09 19:57 - 00000000 ____D () C:\Users\SIDM\AppData\Local\Google
2014-02-17 22:35 - 2012-02-15 05:46 - 00000000 ____D () C:\Program Files\Google
2014-02-17 22:35 - 2012-02-15 05:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-17 22:34 - 2014-02-17 22:35 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-02-17 22:34 - 2014-02-17 22:35 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-17 22:34 - 2014-02-17 22:35 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-17 22:34 - 2014-02-17 22:35 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-17 22:34 - 2014-02-17 22:35 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-02-17 22:34 - 2014-02-17 22:35 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-02-17 22:34 - 2014-02-17 22:35 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-02-17 22:34 - 2014-02-17 22:34 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-17 22:34 - 2014-02-17 22:34 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-17 22:33 - 2014-02-17 22:33 - 90578216 _____ (AVAST Software) C:\Users\SIDM\Downloads\avast_free_antivirus_setup.exe
2014-02-17 22:33 - 2014-02-17 22:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-17 22:28 - 2014-02-17 22:28 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-02-17 22:22 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-17 22:19 - 2014-02-17 22:19 - 00000000 ____D () C:\windows\system32\STRING
2014-02-17 22:13 - 2014-02-17 22:13 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-02-17 22:13 - 2014-02-17 22:12 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-02-17 22:09 - 2014-02-17 22:09 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2014-02-06 20:16 - 2014-02-22 12:40 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 19:30 - 2014-02-22 12:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 19:30 - 2014-02-22 12:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 19:12 - 2014-02-22 12:40 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 19:07 - 2014-02-22 12:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 19:06 - 2014-02-22 12:40 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 18:57 - 2014-02-22 12:40 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 18:56 - 2014-02-22 12:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 18:52 - 2014-02-22 12:40 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 18:49 - 2014-02-22 12:40 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 18:48 - 2014-02-22 12:40 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 18:48 - 2014-02-22 12:40 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 18:38 - 2014-02-22 12:40 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 18:32 - 2014-02-22 12:40 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 18:20 - 2014-02-22 12:40 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 18:17 - 2014-02-22 12:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 18:11 - 2014-02-22 12:40 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 18:01 - 2014-02-22 12:40 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 18:00 - 2014-02-22 12:40 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 17:57 - 2014-02-22 12:40 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 17:57 - 2014-02-22 12:40 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 17:52 - 2014-02-22 12:40 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 17:52 - 2014-02-22 12:40 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 17:50 - 2014-02-22 12:40 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 17:49 - 2014-02-22 12:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 17:47 - 2014-02-22 12:40 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 17:46 - 2014-02-22 12:40 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 17:25 - 2014-02-22 12:40 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 17:25 - 2014-02-22 12:40 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 17:24 - 2014-02-22 12:40 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 17:22 - 2014-02-22 12:40 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 17:13 - 2014-02-22 12:40 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 17:09 - 2014-02-22 12:40 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 17:03 - 2014-02-22 12:40 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 16:55 - 2014-02-22 12:40 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 16:41 - 2014-02-22 12:40 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 16:40 - 2014-02-22 12:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 16:36 - 2014-02-22 12:40 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 16:34 - 2014-02-22 12:40 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\SIDM\jagex_cl_runescape_LIVE.dat
C:\Users\SIDM\random.dat

Some content of TEMP:
====================
C:\Users\SIDM\AppData\Local\Temp\30527uninstall.exe
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe
C:\Users\SIDM\AppData\Local\Temp\ICReinstall_AS_MAPLE_downloader.exe
C:\Users\SIDM\AppData\Local\Temp\nsn473E.exe
C:\Users\SIDM\AppData\Local\Temp\nsn6E90.exe
C:\Users\SIDM\AppData\Local\Temp\nsx429B.exe
C:\Users\SIDM\AppData\Local\Temp\nsx6A3B.exe
C:\Users\SIDM\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {eec0dc5a-5706-11e1-aaa7-dc0ea17fb4ef}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {eec0dc5c-5706-11e1-aaa7-dc0ea17fb4ef}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \windows
resumeobject            {eec0dc5a-5706-11e1-aaa7-dc0ea17fb4ef}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {eec0dc5c-5706-11e1-aaa7-dc0ea17fb4ef}

Resume from Hibernate
---------------------
identifier              {eec0dc5a-5706-11e1-aaa7-dc0ea17fb4ef}
device                  partition=C:
path                    \windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  unknown
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {eec0dc5d-5706-11e1-aaa7-dc0ea17fb4ef}
description             Ramdisk Options
ramdisksdidevice        unknown
ramdisksdipath          \Recovery\eec0dc5c-5706-11e1-aaa7-dc0ea17fb4ef\boot.sdi

LastRegBack: 2014-02-28 15:53

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014 01
Ran by SIDM at 2014-03-08 12:06:52
Running from C:\Users\SIDM\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5696EABF-6BB7-DA78-DEBB-C6AF64858FE1}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.61020.0404 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.901.1-111020a-127344C-Lenovo - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.3.3 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Catalyst Control Center (x32 Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1020.0413.5678 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1020.414.5678 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{7257132D-7F65-41E6-A90F-43BF6099461A}) (Version: 2.1.42.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0098 - Realtek Semiconductor Corp.)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo R.I.C. (Robust Intelligent Companion) (HKLM\...\Lenovo R.I.C. (Robust Intelligent Companion)) (Version: 1.0.10.1220 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.8 - Lenovo) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

==================== Hosts content: ==========================

2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {46211B0E-7CD8-4B4A-A690-595E31A11D94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-17] (AVAST Software)
Task: {586B89AA-707B-4EFA-A6F1-787FB7F51EFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {5ABDB0D7-1714-47A8-864C-65E7602EB51E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {5D17BB48-6727-4ED4-BCD1-A067976021DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C3F2DE12-0D90-4276-9C19-9FC0C40105C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {CCD58A03-9C5C-413B-92A3-7E0DB20439C8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-01] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-02-17 01:56 - 2011-02-17 01:56 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-02-17 02:01 - 2011-02-17 02:01 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-02-15 05:39 - 2012-02-15 05:39 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-02-15 04:57 - 2011-09-26 00:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2008-12-20 11:20 - 2012-02-15 05:49 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 11:20 - 2012-02-15 05:49 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-02-15 05:39 - 2012-02-15 05:39 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2011-10-20 12:12 - 2011-10-20 12:12 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-07 20:35 - 2014-03-07 17:38 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030700\algo.dll
2014-03-08 11:58 - 2014-03-08 02:45 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030701\algo.dll
2011-02-17 01:51 - 2011-02-17 01:51 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-02-17 01:53 - 2011-02-17 01:53 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2012-02-15 05:39 - 2012-02-15 05:39 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-02-17 22:34 - 2014-02-17 22:34 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-21 12:01 - 2014-02-21 12:01 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2012-02-15 04:51 - 2011-01-13 01:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2014 11:58:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2014 11:43:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2014 04:02:24 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (03/07/2014 00:58:45 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80070422).

Error: (03/07/2014 00:30:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2014 10:37:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2014 05:01:23 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" ; Description = Revo Uninstaller Pro's restore point - Continue MAPLE Installation; Error = 0x80070422).

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (03/06/2014 04:59:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (03/06/2014 04:59:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (03/06/2014 04:59:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (03/06/2014 04:59:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (03/06/2014 04:59:34 PM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/06/2014 04:59:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (03/06/2014 04:59:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (03/06/2014 02:32:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (03/06/2014 02:32:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (03/06/2014 02:32:00 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Microsoft Office Sessions:
=========================
Error: (03/08/2014 11:58:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2014 11:43:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2014 04:02:24 PM) (Source: System Restore)(User: )
Description: C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (03/07/2014 00:58:45 PM) (Source: System Restore)(User: )
Description: C:\windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (03/07/2014 00:30:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2014 10:37:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2014 05:01:23 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" Revo Uninstaller Pro's restore point - Continue MAPLE Installation0x80070422

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2014 04:59:05 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8135.86 MB
Available physical RAM: 5367.82 MB
Total Pagefile: 16269.9 MB
Available Pagefile: 12910.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:279.99 GB) (Free:235.23 GB) NTFS
Drive d: () (Fixed) (Total:388.45 GB) (Free:295.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 761737DD)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=388 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=30 GB) - (Type=12)

==================== End Of Log ============================

 

Am I supposed to click the fix button on Farbar Recovery Scan Tool also?

I am able to use Google Chrome now. I realised that my homepage is changed to Trovi after attempting to delete Conduit yesterday. How do I remove it? Neither changing the homepage nor deleting it as my search engine works.

 

Also, while attempting to remove Trovi, I thought of using AdwCleaner again. But AdwCleaner found MyPCBackUp still inside my computer after cleaning yesterday. 


Edited by Miuna, 08 March 2014 - 03:28 AM.


#6 nasdaq

  • Malware Response Team

Posted 08 March 2014 - 09:42 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP535AE7B8-F5B0-4A9D-B0A4-3B9D6E2D222B&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
C:\Users\SIDM\AppData\Local\Temp\30527uninstall.exe
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe
C:\Users\SIDM\AppData\Local\Temp\nsn473E.exe
C:\Users\SIDM\AppData\Local\Temp\nsn6E90.exe
C:\Users\SIDM\AppData\Local\Temp\nsx429B.exe
C:\Users\SIDM\AppData\Local\Temp\nsx6A3B.exe

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.

===

If Chrome still opens some Conduit or Trovi, reset the Chrome settings.
Under On Startup, click Set Pages and remove the links you do not wish to start.

Restart the computer normally.

Let me know what problem persists.

#7 Miuna

  • Topic Starter

Posted 08 March 2014 - 10:46 AM

Fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-03-2014 01
Ran by SIDM at 2014-03-08 23:08:41 Run:1
Running from C:\Users\SIDM\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
C:\Users\SIDM\AppData\Local\Temp\30527uninstall.exe
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe
C:\Users\SIDM\AppData\Local\Temp\nsn473E.exe
C:\Users\SIDM\AppData\Local\Temp\nsn6E90.exe
C:\Users\SIDM\AppData\Local\Temp\nsx429B.exe
C:\Users\SIDM\AppData\Local\Temp\nsx6A3B.exe
 
end
*****************
 
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll" => Value Data removed successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => Value deleted successfully.
CltMngSvc => Service not found.
"C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe" => File/Directory not found.
C:\Users\SIDM\AppData\Local\Temp\30527uninstall.exe => Moved successfully.
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\SIDM\AppData\Local\Temp\nsn473E.exe => Moved successfully.
C:\Users\SIDM\AppData\Local\Temp\nsn6E90.exe => Moved successfully.
C:\Users\SIDM\AppData\Local\Temp\nsx429B.exe => Moved successfully.
C:\Users\SIDM\AppData\Local\Temp\nsx6A3B.exe => Moved successfully.
 
==== End of Fixlog ====
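
Added example (not part of the thread and not FRST's own code): a small Python parser that skips the fixlist echoed at the top of a Fixlog, classifies each result line by the outcome phrases that appear in the log above, and flags any other outcome for review. The sample log is abridged from this thread plus one constructed failure line; the function names and status labels are assumptions of this example.

```python
from collections import Counter

# Outcome phrases exactly as they appear in the Fixlog posted in this thread.
# The status labels on the right are this example's own naming.
KNOWN_OUTCOMES = {
    "Value Data removed successfully": "removed",
    "Value deleted successfully": "removed",
    "Moved successfully": "moved",
    "Service not found": "already_absent",
    "File/Directory not found": "already_absent",
}

# Abridged from the thread's Fixlog. The last result line is constructed
# (not from the thread) to exercise the "needs_review" path.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-03-2014 01
Ran by SIDM at 2014-03-08 23:08:41 Run:1
==============================================
Content of fixlist:
*****************
start
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-03] (Conduit)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe
end
*****************
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
CltMngSvc => Service not found.
"C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe" => File/Directory not found.
C:\Users\SIDM\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Example\placeholder.exe => Could not move.
==== End of Fixlog ====
"""


def parse_fixlog(text):
    """Return (item, outcome, status) for every result line of a Fixlog.

    The echoed fixlist sits between two rows of asterisks and also contains
    " => " (the AppInit_DLLs entries), so nothing is parsed until the second
    asterisk row has been seen.
    """
    results = []
    star_rows = 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if set(line) == {"*"}:
            star_rows += 1
            continue
        if star_rows < 2:
            continue  # header or echoed fixlist, not a result
        if line.startswith("====") and "End of Fixlog" in line:
            break
        item, sep, outcome = line.partition(" => ")
        outcome = outcome.rstrip(".").strip() if sep else ""
        status = KNOWN_OUTCOMES.get(outcome, "needs_review")
        results.append((item.strip('"'), outcome, status))
    return results


def summarize(results):
    """Count result lines per status."""
    return Counter(status for _, _, status in results)


def needs_review(results):
    """Result lines whose outcome is not one of the known phrases."""
    return [(item, outcome) for item, outcome, status in results
            if status == "needs_review"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for status, count in sorted(summarize(parsed).items()):
        print(f"{status}: {count}")
    for item, outcome in needs_review(parsed):
        print(f"REVIEW: {item} -> {outcome or '(no outcome)'}")
```
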


#8 nasdaq

  • Malware Response Team

Posted 08 March 2014 - 01:41 PM

Let me know of any remaining issues.

One more check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

#9 Miuna

  • Topic Starter

Posted 09 March 2014 - 10:49 AM

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
avast! Antivirus                
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.70  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.117  
 Google Chrome 33.0.1750.146  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 
Does this mean that those files are completely gone? Will they come back?


#10 nasdaq

  • Malware Response Team

Posted 09 March 2014 - 01:34 PM

Does this mean that those files are completely gone? Will they come back?

The files are gone forever.
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before you download, I suggest you uncheck the box on the top right, "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flash Player, Adobe Reader and your Internet browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox add-on.
  • ScriptNo is a popular Google Chrome add-on.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place.

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#11 Miuna

  • Topic Starter

Posted 10 March 2014 - 10:04 AM

Really thank you for your advice and thank you for your time. :)

I will download the programs you recommend one by one soon. 



#12 nasdaq

  • Malware Response Team

Posted 11 March 2014 - 07:45 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



