Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Slowness - Issues


  • This topic is locked This topic is locked
8 replies to this topic

#1 Agent Shark

Agent Shark

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 11 June 2014 - 05:10 PM

Hello everyone,

Nasdaq said he'd help me with my other computer and I appreciate his help. Here are the logs!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by David (administrator) on MAIN-PC on 11-06-2014 16:20:00
Running from C:\Users\David\Desktop
Platform: Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\spotify.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Google Inc.) C:\Users\David\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe
() C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe
(Google Inc.) C:\Users\David\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Curse, Inc) C:\Users\David\AppData\Roaming\Curse Client\Bin\Curse.exe
() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotifications.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-07] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [f.lux] => C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [AIM for Windows] => C:\Users\David\AppData\Local\AOL\AIM\aim.exe [1074216 2013-09-09] (AOL Inc.)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [uTorrent] => C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [1671504 2014-05-31] (BitTorrent Inc.)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36247104 2014-03-25] (ooVoo LLC)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Google Update] => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-06] (Google Inc.)
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [Dashlane] => C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe [219832 2014-05-27] ()
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\MountPoints2: {b5c3e6f3-6bf0-11e3-be89-c0d962b7424d} - "E:\LaunchU3.exe"
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\David\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {089D1265-8F77-4FD3-972E-3347CC667C22} URL = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131251,20028,0,77,0
SearchScopes: HKCU - {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\David\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lp8zlv05.default
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20131251,20030,0,77,0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\David\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\David\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lp8zlv05.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-08]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-10]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-05] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-06-05] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-05-28] ()
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-05] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-03-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-05] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-06-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-05] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2013-11-10] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-05] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-20] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows ® Win 7 DDK provider)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\David\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 16:20 - 2014-06-11 16:20 - 00024106 _____ () C:\Users\David\Desktop\FRST.txt
2014-06-11 16:19 - 2014-06-11 16:20 - 00000000 ____D () C:\FRST
2014-06-11 16:18 - 2014-06-11 16:18 - 02081792 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-06-11 16:06 - 2014-06-11 16:07 - 00000000 ____D () C:\AdwCleaner
2014-06-11 16:06 - 2014-06-11 16:06 - 01333465 _____ () C:\Users\David\Desktop\adwcleaner_3.212.exe
2014-06-11 00:20 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 00:20 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 00:20 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 00:20 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 00:20 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 00:20 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 00:20 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 00:20 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 00:20 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 00:20 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 00:20 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 00:20 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 00:20 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 00:20 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 00:19 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 00:19 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 00:19 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 00:19 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 00:19 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 00:19 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 00:19 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 00:19 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 00:19 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 00:19 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 00:19 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 00:19 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 00:19 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 00:19 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 00:19 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 00:19 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 00:19 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 00:19 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 00:19 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 00:19 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 00:19 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 00:19 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 00:19 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 00:19 - 2014-04-18 05:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 00:19 - 2014-04-18 04:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 00:19 - 2014-04-18 04:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 00:19 - 2014-04-18 04:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 00:19 - 2014-04-18 03:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 00:19 - 2014-04-18 03:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 00:19 - 2014-04-11 02:13 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 00:19 - 2014-04-09 00:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 00:19 - 2014-04-06 12:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 00:19 - 2014-04-06 12:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 00:19 - 2014-04-06 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 00:19 - 2014-04-06 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 00:19 - 2014-04-06 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 00:19 - 2014-04-06 11:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 00:19 - 2014-04-06 11:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 00:19 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 00:19 - 2014-04-06 10:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 00:19 - 2014-04-06 07:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 00:19 - 2014-04-06 07:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 00:19 - 2014-04-06 06:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 00:19 - 2014-04-06 06:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 00:19 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 00:19 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 00:19 - 2014-04-03 04:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 00:19 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 00:19 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 00:19 - 2014-04-02 23:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 00:19 - 2014-04-02 22:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 00:19 - 2014-04-02 22:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 00:19 - 2014-03-31 01:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 00:19 - 2014-03-30 18:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 00:19 - 2014-03-19 20:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 00:19 - 2014-03-19 19:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 00:19 - 2014-03-19 00:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 00:19 - 2014-03-18 01:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 00:19 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 00:19 - 2014-03-16 22:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 00:18 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 00:18 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 00:18 - 2014-04-18 10:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 00:18 - 2014-04-18 10:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 00:18 - 2014-04-18 09:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 00:18 - 2014-04-18 05:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 00:18 - 2014-04-18 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 00:18 - 2014-04-14 05:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 00:18 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 00:18 - 2014-04-11 00:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 00:18 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 00:18 - 2014-04-10 23:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 00:18 - 2014-04-09 07:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 00:18 - 2014-04-09 02:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 00:18 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 00:18 - 2014-04-08 23:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 00:18 - 2014-04-07 22:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 00:18 - 2014-04-06 12:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 00:18 - 2014-04-06 12:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 00:18 - 2014-04-06 12:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 00:18 - 2014-04-06 12:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 00:18 - 2014-04-06 12:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 00:18 - 2014-04-06 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 00:18 - 2014-04-06 12:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 00:18 - 2014-04-06 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 00:18 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 00:18 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 00:18 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 00:18 - 2014-04-06 08:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 00:18 - 2014-04-06 08:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 00:18 - 2014-04-06 08:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 00:18 - 2014-04-06 08:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 00:18 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 00:18 - 2014-04-06 07:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 00:18 - 2014-04-06 07:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 00:18 - 2014-04-06 07:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 00:18 - 2014-04-06 06:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 00:18 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 00:18 - 2014-04-03 04:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 00:18 - 2014-04-03 04:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 00:18 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 00:18 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 00:18 - 2014-04-02 22:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 00:18 - 2014-04-02 22:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 00:18 - 2014-04-02 22:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 00:18 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 00:18 - 2014-04-02 22:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 00:18 - 2014-04-01 02:23 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 00:18 - 2014-03-30 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 00:18 - 2014-03-30 20:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 00:18 - 2014-03-30 19:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 00:18 - 2014-03-30 18:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 00:18 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 00:18 - 2014-03-30 18:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 00:18 - 2014-03-30 17:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 00:18 - 2014-03-28 11:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 00:18 - 2014-03-27 02:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 00:18 - 2014-03-27 01:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 00:18 - 2014-03-27 00:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 00:18 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 00:18 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 00:18 - 2014-03-26 23:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 00:18 - 2014-03-26 23:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 00:18 - 2014-03-26 23:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 00:18 - 2014-03-24 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 00:18 - 2014-03-19 23:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 00:18 - 2014-03-19 04:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 00:18 - 2014-03-19 04:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 00:18 - 2014-03-19 03:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 00:18 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 00:18 - 2014-03-19 02:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 00:18 - 2014-03-19 01:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 00:18 - 2014-03-19 01:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 00:18 - 2014-03-19 01:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 00:18 - 2014-03-19 01:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 00:18 - 2014-03-19 01:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 00:18 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 00:18 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 00:18 - 2014-03-19 00:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 00:18 - 2014-03-18 04:19 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 00:18 - 2014-03-17 01:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 00:18 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 00:18 - 2014-03-16 23:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 00:18 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 00:18 - 2014-03-14 02:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 00:18 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 00:18 - 2014-03-06 08:42 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 00:17 - 2014-06-11 00:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 00:17 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 00:17 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 00:17 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 00:17 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 00:17 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 00:16 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 00:14 - 2014-06-11 00:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-09 22:12 - 2014-06-09 22:12 - 00000000 ____D () C:\Users\David\AppData\Local\SniperV2
2014-06-09 13:29 - 2014-06-09 13:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-09 13:29 - 2014-06-09 13:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-06-08 22:29 - 2014-06-08 22:30 - 00000000 ____D () C:\Users\David\Desktop\Download - Permatex - Leads Generating WordPress Landing Page
2014-06-08 22:28 - 2014-06-08 22:28 - 01558081 _____ () C:\Users\David\Desktop\Download - Permatex - Leads Generating WordPress Landing Page.rar
2014-06-08 20:35 - 2014-06-08 20:35 - 00001245 _____ () C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2014-06-08 20:35 - 2014-06-08 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-06-08 13:56 - 2014-06-08 13:56 - 10696960 _____ (Emsisoft GmbH ) C:\Users\David\Downloads\OnlineArmorSetup.exe
2014-06-07 22:31 - 2014-06-07 22:31 - 00001728 _____ () C:\Users\David\Downloads\CalculationsV1.java
2014-06-07 17:54 - 2014-06-07 19:26 - 00000000 ____D () C:\Users\David\Desktop\AP Computer Science
2014-06-06 19:26 - 2014-06-06 19:26 - 00000000 ____D () C:\Program Files (x86)\Dashlane
2014-06-06 19:25 - 2014-06-06 19:25 - 00002072 _____ () C:\Users\David\Desktop\Dashlane.lnk
2014-06-06 19:25 - 2014-06-06 19:25 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2014-06-06 19:23 - 2014-06-06 19:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dashlane
2014-06-06 19:22 - 2014-06-06 19:23 - 00924000 _____ (Dashlane inc.) C:\Users\David\Downloads\Dashlane_Launcher-1401376146.exe
2014-06-06 14:51 - 2014-06-06 14:51 - 00001253 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\APCS Course Files.lnk
2014-06-06 09:47 - 2014-06-11 16:13 - 00002495 _____ () C:\Users\David\Desktop\Google Chrome Canary.lnk
2014-06-06 09:47 - 2014-06-06 09:47 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2014-06-06 09:46 - 2014-06-11 15:51 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA.job
2014-06-06 09:46 - 2014-06-09 09:51 - 00000872 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core.job
2014-06-06 09:46 - 2014-06-06 09:46 - 00918672 _____ (Google Inc.) C:\Users\David\Downloads\ChromeSetup.exe
2014-06-06 09:46 - 2014-06-06 09:46 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA
2014-06-06 09:46 - 2014-06-06 09:46 - 00003490 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core
2014-06-05 17:49 - 2014-06-05 17:50 - 00447888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-06-05 17:49 - 2014-06-05 17:49 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-05 17:49 - 2014-06-05 17:49 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-06-05 00:05 - 2014-06-05 00:05 - 00001880 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\ooVoo Details
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-06-05 00:04 - 2014-06-05 00:04 - 02387520 _____ (ooVoo LLC) C:\Users\David\Downloads\ooVooSetup.exe
2014-06-04 16:50 - 2014-06-04 16:59 - 00000000 ____D () C:\Users\David\Downloads\ios_8_beta__iphone_5s_model_a1453_a1533__12a4265u
2014-06-04 16:50 - 2014-06-04 16:50 - 00037875 _____ () C:\Users\David\Downloads\ios_8_beta__iphone_5s_model_a1453_a1533__12a4265u.torrent
2014-06-03 12:53 - 2014-06-03 12:53 - 00669984 _____ () C:\WINDOWS\Minidump\060314-21781-01.dmp
2014-05-31 20:57 - 2014-05-31 20:57 - 00000000 ____D () C:\Users\David\Documents\Virtual Machines
2014-05-31 20:56 - 2014-06-01 11:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\VMware
2014-05-31 20:56 - 2014-06-01 11:23 - 00000000 ____D () C:\Users\David\AppData\Local\VMware
2014-05-31 20:29 - 2013-08-27 12:42 - 00358480 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2014-05-31 20:29 - 2013-08-27 12:42 - 00064080 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2014-05-31 20:29 - 2013-08-15 18:25 - 00073296 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2014-05-31 20:29 - 2013-08-15 18:25 - 00067664 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2014-05-31 20:29 - 2013-08-15 18:25 - 00063568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2014-05-31 20:28 - 2014-05-31 20:28 - 00002154 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2014-05-31 20:28 - 2014-05-31 20:28 - 00001024 _____ () C:\WINDOWS\SysWOW64\%TMP%
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-31 20:28 - 2013-08-27 12:42 - 00930384 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2014-05-31 20:28 - 2013-08-27 12:42 - 00437328 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2014-05-31 20:28 - 2013-08-27 12:42 - 00030800 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2014-05-31 20:28 - 2013-08-26 23:33 - 00053816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2014-05-31 20:27 - 2014-05-31 20:27 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-31 20:25 - 2014-06-11 16:10 - 00000000 ____D () C:\ProgramData\VMware
2014-05-31 20:25 - 2014-05-31 20:25 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-05-31 20:25 - 2014-05-31 20:25 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-31 20:13 - 2014-05-31 20:13 - 00000908 _____ () C:\Users\David\Desktop\µTorrent.lnk
2014-05-31 20:13 - 2014-05-31 20:13 - 00000888 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-31 20:12 - 2014-05-31 20:12 - 01671504 _____ (BitTorrent Inc.) C:\Users\David\Downloads\uTorrent.exe
2014-05-31 18:15 - 2014-05-31 19:05 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-31 18:14 - 2014-05-31 18:21 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-05-31 18:14 - 2014-05-31 18:14 - 00000000 ____D () C:\Users\David\AppData\Local\Bluestacks
2014-05-31 18:13 - 2014-05-31 18:13 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\David\Downloads\BlueStacks-SplitInstaller_native_b.exe
2014-05-29 22:27 - 2014-05-29 22:28 - 00000000 ____D () C:\Users\David\AppData\Local\PAYDAY 2
2014-05-29 22:16 - 2014-05-29 22:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-29 22:16 - 2014-05-29 22:16 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Users\David\Documents\Battlefield 3
2014-05-28 21:56 - 2014-05-28 21:56 - 02247960 _____ () C:\Users\David\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-28 21:56 - 2014-05-28 21:56 - 00000000 ____D () C:\Users\David\AppData\Local\ESN
2014-05-28 21:56 - 2014-05-28 21:56 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-28 21:05 - 2014-05-28 21:05 - 00001197 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-05-28 21:05 - 2014-05-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-28 20:19 - 2014-05-28 20:19 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-28 20:19 - 2014-05-28 20:19 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-28 20:04 - 2014-05-28 20:04 - 00001302 _____ () C:\Users\Public\Desktop\Plants vs. Zombies.lnk
2014-05-28 17:35 - 2014-05-28 17:35 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-05-28 17:35 - 2014-05-28 17:35 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-05-26 20:33 - 2014-05-28 16:47 - 00480768 _____ () C:\Users\David\Desktop\Infamous Chat.exe
2014-05-26 18:26 - 2014-05-31 20:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\X-Chat 2
2014-05-26 18:26 - 2014-05-26 18:26 - 00999091 _____ () C:\Users\David\Downloads\xchat-2.8.9.exe
2014-05-26 18:26 - 2014-05-26 18:26 - 00001852 _____ () C:\Users\Public\Desktop\XChat.lnk
2014-05-26 18:26 - 2014-05-26 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XChat
2014-05-26 18:26 - 2014-05-26 18:26 - 00000000 ____D () C:\Program Files (x86)\xchat
2014-05-26 10:03 - 2014-05-26 10:03 - 00000000 ____D () C:\Users\David\AppData\Local\Ubisoft
2014-05-25 16:56 - 2014-05-25 17:16 - 00000000 ____D () C:\Users\David\Documents\DayZ
2014-05-25 16:56 - 2014-05-25 16:58 - 00000000 ____D () C:\Users\David\AppData\Local\DayZ
2014-05-25 16:18 - 2014-05-25 16:18 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-25 16:18 - 2014-05-25 16:18 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-25 13:01 - 2014-05-31 20:58 - 00000000 ____D () C:\Users\David\AppData\Local\join.me
2014-05-25 13:01 - 2014-05-25 13:01 - 00001119 _____ () C:\Users\David\Desktop\join.me.lnk
2014-05-25 13:01 - 2014-05-25 13:01 - 00001119 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2014-05-25 12:45 - 2014-05-26 18:25 - 00000000 ____D () C:\Users\David\AppData\Roaming\HexChat
2014-05-25 12:43 - 2014-05-25 12:44 - 06229339 _____ (HexChat ) C:\Users\David\Downloads\HexChat 2.9.6.1 x86.exe
2014-05-22 20:30 - 2014-05-22 20:30 - 00463952 _____ () C:\Users\David\Downloads\speech100.zip
2014-05-22 20:28 - 2014-05-22 20:28 - 05509039 _____ ( ) C:\Users\David\Downloads\BluelineFull.exe
2014-05-22 20:28 - 2014-05-22 20:28 - 00001021 _____ () C:\Users\Public\Desktop\Blueline.lnk
2014-05-22 20:28 - 2014-05-22 20:28 - 00000000 ____D () C:\Program Files (x86)\AzTools
2014-05-22 18:00 - 2014-05-22 18:01 - 00000000 ____D () C:\Users\David\Invision Board
2014-05-22 16:52 - 2014-05-22 16:52 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-20 20:06 - 2014-05-20 20:06 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-20 20:06 - 2014-05-20 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-20 20:04 - 2014-05-20 20:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-20 20:04 - 2014-05-20 20:06 - 00000000 ____D () C:\Program Files\iTunes
2014-05-20 20:04 - 2014-05-20 20:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-20 20:04 - 2014-05-20 20:04 - 00000000 ____D () C:\Program Files\iPod
2014-05-14 22:29 - 2014-06-08 10:18 - 00000106 _____ () C:\Users\David\Desktop\Brotherhood List.txt
2014-05-13 20:50 - 2014-04-08 18:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-13 20:50 - 2014-04-08 18:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-13 20:50 - 2014-04-08 14:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-13 20:50 - 2014-04-08 14:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-13 20:50 - 2014-03-23 22:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-13 20:50 - 2014-03-23 22:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-13 20:50 - 2014-03-23 22:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-13 20:50 - 2014-03-13 03:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-13 20:50 - 2014-03-13 02:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-13 20:48 - 2014-04-11 06:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-13 20:48 - 2014-04-11 06:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-13 20:48 - 2014-04-11 04:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-13 20:48 - 2014-04-11 02:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-13 20:48 - 2014-04-11 01:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-13 20:48 - 2014-04-11 01:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-13 20:48 - 2014-04-10 23:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-13 20:48 - 2014-04-10 23:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-13 20:48 - 2014-04-10 23:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 20:48 - 2014-04-10 23:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-13 20:48 - 2014-04-10 23:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 20:48 - 2014-04-10 23:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-13 20:48 - 2014-04-10 23:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-13 20:48 - 2014-04-10 23:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-13 20:48 - 2014-04-10 22:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-13 20:48 - 2014-04-10 22:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-13 20:48 - 2014-04-10 22:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-13 20:48 - 2014-04-10 22:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-13 20:48 - 2014-04-10 22:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-13 20:48 - 2014-04-10 22:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-13 20:48 - 2014-04-10 22:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-13 20:48 - 2014-04-10 22:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-13 20:48 - 2014-04-10 22:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-13 20:48 - 2014-04-10 22:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-13 20:48 - 2014-04-10 22:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

==================== One Month Modified Files and Folders =======

2014-06-11 16:21 - 2013-11-11 22:33 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-06-11 16:20 - 2014-06-11 16:20 - 00024106 _____ () C:\Users\David\Desktop\FRST.txt
2014-06-11 16:20 - 2014-06-11 16:19 - 00000000 ____D () C:\FRST
2014-06-11 16:20 - 2013-11-10 16:58 - 00000000 ____D () C:\Users\David\AppData\Local\Temp
2014-06-11 16:19 - 2013-11-10 06:09 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-903154375-3973902662-3159236840-1001
2014-06-11 16:18 - 2014-06-11 16:18 - 02081792 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-06-11 16:16 - 2014-01-07 21:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-06-11 16:16 - 2013-11-10 21:09 - 00000000 ____D () C:\Users\David\AppData\Roaming\Spotify
2014-06-11 16:16 - 2013-11-10 17:11 - 01842578 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-11 16:15 - 2013-12-21 02:22 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-11 16:13 - 2014-06-06 09:47 - 00002495 _____ () C:\Users\David\Desktop\Google Chrome Canary.lnk
2014-06-11 16:13 - 2014-02-02 13:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dropbox
2014-06-11 16:13 - 2013-11-16 15:06 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2014-06-11 16:12 - 2014-02-02 13:34 - 00000000 ___RD () C:\Users\David\Dropbox
2014-06-11 16:12 - 2014-02-02 13:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\DropboxMaster
2014-06-11 16:12 - 2013-12-01 23:11 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E31DFA6C-695D-4C11-9A66-21F85E5E6E06}
2014-06-11 16:12 - 2013-11-10 16:10 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-11 16:11 - 2014-01-04 21:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-11 16:11 - 2013-11-10 18:13 - 00000000 __RDO () C:\Users\David\SkyDrive
2014-06-11 16:10 - 2014-05-31 20:25 - 00000000 ____D () C:\ProgramData\VMware
2014-06-11 16:10 - 2014-03-29 12:27 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 16:09 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-11 16:08 - 2013-09-29 23:55 - 00046626 _____ () C:\WINDOWS\PFRO.log
2014-06-11 16:08 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-11 16:07 - 2014-06-11 16:06 - 00000000 ____D () C:\AdwCleaner
2014-06-11 16:06 - 2014-06-11 16:06 - 01333465 _____ () C:\Users\David\Desktop\adwcleaner_3.212.exe
2014-06-11 16:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-11 15:51 - 2014-06-06 09:46 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA.job
2014-06-11 14:55 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-11 13:39 - 2013-11-17 02:49 - 00000000 ____D () C:\Users\David\AppData\Local\PMB Files
2014-06-11 13:04 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-11 12:23 - 2013-09-30 00:04 - 00869620 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-11 12:19 - 2013-11-10 06:04 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 12:19 - 2013-11-10 06:04 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-11 12:16 - 2013-08-22 10:44 - 05222440 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 12:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 12:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 12:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 08:45 - 2013-11-14 23:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-11 08:45 - 2013-11-14 22:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 00:17 - 2014-06-11 00:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 00:17 - 2014-06-11 00:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 00:17 - 2014-06-11 00:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 00:14 - 2014-06-11 00:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 00:08 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-10 14:49 - 2013-11-17 02:49 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-10 01:29 - 2012-09-03 22:06 - 00173829 _____ () C:\WINDOWS\DirectX.log
2014-06-09 22:12 - 2014-06-09 22:12 - 00000000 ____D () C:\Users\David\AppData\Local\SniperV2
2014-06-09 20:11 - 2012-09-03 21:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-09 19:29 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-06-09 13:29 - 2014-06-09 13:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-09 13:29 - 2014-06-09 13:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-06-09 13:29 - 2013-08-22 10:46 - 00299797 _____ () C:\WINDOWS\setupact.log
2014-06-09 13:29 - 2013-02-18 06:11 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-06-09 09:51 - 2014-06-06 09:46 - 00000872 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core.job
2014-06-08 22:30 - 2014-06-08 22:29 - 00000000 ____D () C:\Users\David\Desktop\Download - Permatex - Leads Generating WordPress Landing Page
2014-06-08 22:28 - 2014-06-08 22:28 - 01558081 _____ () C:\Users\David\Desktop\Download - Permatex - Leads Generating WordPress Landing Page.rar
2014-06-08 20:35 - 2014-06-08 20:35 - 00001245 _____ () C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2014-06-08 20:35 - 2014-06-08 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-06-08 20:35 - 2014-04-08 17:26 - 00000000 __SHD () C:\AI_RecycleBin
2014-06-08 20:35 - 2013-11-17 02:50 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-06-08 20:32 - 2014-03-20 15:07 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-06-08 14:05 - 2014-03-02 21:09 - 00000000 ____D () C:\Users\David\School Work
2014-06-08 13:56 - 2014-06-08 13:56 - 10696960 _____ (Emsisoft GmbH ) C:\Users\David\Downloads\OnlineArmorSetup.exe
2014-06-08 12:08 - 2013-12-14 23:53 - 00000000 ____D () C:\Users\David\Documents\porn
2014-06-08 11:58 - 2013-12-22 23:08 - 00159744 ___SH () C:\Users\David\Downloads\Thumbs.db
2014-06-08 10:18 - 2014-05-14 22:29 - 00000106 _____ () C:\Users\David\Desktop\Brotherhood List.txt
2014-06-07 22:31 - 2014-06-07 22:31 - 00001728 _____ () C:\Users\David\Downloads\CalculationsV1.java
2014-06-07 19:26 - 2014-06-07 17:54 - 00000000 ____D () C:\Users\David\Desktop\AP Computer Science
2014-06-06 19:26 - 2014-06-06 19:26 - 00000000 ____D () C:\Program Files (x86)\Dashlane
2014-06-06 19:26 - 2014-06-06 19:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dashlane
2014-06-06 19:25 - 2014-06-06 19:25 - 00002072 _____ () C:\Users\David\Desktop\Dashlane.lnk
2014-06-06 19:25 - 2014-06-06 19:25 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2014-06-06 19:23 - 2014-06-06 19:22 - 00924000 _____ (Dashlane inc.) C:\Users\David\Downloads\Dashlane_Launcher-1401376146.exe
2014-06-06 14:51 - 2014-06-06 14:51 - 00001253 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\APCS Course Files.lnk
2014-06-06 09:47 - 2014-06-06 09:47 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2014-06-06 09:47 - 2013-11-10 06:15 - 00000000 ____D () C:\Users\David\AppData\Local\Google
2014-06-06 09:46 - 2014-06-06 09:46 - 00918672 _____ (Google Inc.) C:\Users\David\Downloads\ChromeSetup.exe
2014-06-06 09:46 - 2014-06-06 09:46 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA
2014-06-06 09:46 - 2014-06-06 09:46 - 00003490 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core
2014-06-06 09:45 - 2013-11-10 06:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-05 18:11 - 2013-11-10 21:09 - 00000000 ____D () C:\Users\David\AppData\Local\Spotify
2014-06-05 17:51 - 2013-11-16 14:42 - 00001999 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-05 17:50 - 2014-06-05 17:49 - 00447888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-06-05 17:50 - 2014-01-19 21:17 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-06-05 17:50 - 2013-11-10 16:10 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-06-05 17:50 - 2013-11-10 16:10 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-06-05 17:49 - 2014-06-05 17:49 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-05 17:49 - 2014-06-05 17:49 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-06-05 17:49 - 2013-11-10 16:10 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-06-05 17:49 - 2013-11-10 16:10 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-06-05 17:49 - 2013-11-10 16:10 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-06-05 17:49 - 2013-11-10 16:10 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-06-05 17:49 - 2013-11-10 16:10 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-06-05 00:05 - 2014-06-05 00:05 - 00001880 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\ooVoo Details
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-06-05 00:05 - 2014-06-05 00:05 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-06-05 00:04 - 2014-06-05 00:04 - 02387520 _____ (ooVoo LLC) C:\Users\David\Downloads\ooVooSetup.exe
2014-06-04 16:59 - 2014-06-04 16:50 - 00000000 ____D () C:\Users\David\Downloads\ios_8_beta__iphone_5s_model_a1453_a1533__12a4265u
2014-06-04 16:50 - 2014-06-04 16:50 - 00037875 _____ () C:\Users\David\Downloads\ios_8_beta__iphone_5s_model_a1453_a1533__12a4265u.torrent
2014-06-04 15:47 - 2013-11-10 16:57 - 00000000 ____D () C:\Users\David
2014-06-03 13:04 - 2012-09-03 21:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-03 12:53 - 2014-06-03 12:53 - 00669984 _____ () C:\WINDOWS\Minidump\060314-21781-01.dmp
2014-06-03 12:53 - 2013-11-12 19:31 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-03 12:53 - 2013-11-12 19:30 - 715288240 _____ () C:\WINDOWS\MEMORY.DMP
2014-06-02 22:09 - 2014-01-05 01:32 - 00000000 ____D () C:\Users\David\Documents\SimCity
2014-06-01 19:39 - 2013-11-28 10:32 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-06-01 11:23 - 2014-05-31 20:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\VMware
2014-06-01 11:23 - 2014-05-31 20:56 - 00000000 ____D () C:\Users\David\AppData\Local\VMware
2014-06-01 03:08 - 2013-11-10 06:02 - 00000000 ____D () C:\Users\David\AppData\Local\Packages
2014-05-31 20:58 - 2014-05-25 13:01 - 00000000 ____D () C:\Users\David\AppData\Local\join.me
2014-05-31 20:57 - 2014-05-31 20:57 - 00000000 ____D () C:\Users\David\Documents\Virtual Machines
2014-05-31 20:28 - 2014-05-31 20:28 - 00002154 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk
2014-05-31 20:28 - 2014-05-31 20:28 - 00001024 _____ () C:\WINDOWS\SysWOW64\%TMP%
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-05-31 20:28 - 2013-11-11 18:20 - 00883630 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-05-31 20:27 - 2014-05-31 20:27 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-05-31 20:25 - 2014-05-31 20:25 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines
2014-05-31 20:25 - 2014-05-31 20:25 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-05-31 20:13 - 2014-05-31 20:13 - 00000908 _____ () C:\Users\David\Desktop\µTorrent.lnk
2014-05-31 20:13 - 2014-05-31 20:13 - 00000888 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-31 20:12 - 2014-05-31 20:12 - 01671504 _____ (BitTorrent Inc.) C:\Users\David\Downloads\uTorrent.exe
2014-05-31 20:05 - 2014-05-26 18:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\X-Chat 2
2014-05-31 19:05 - 2014-05-31 18:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-05-31 18:28 - 2013-11-10 06:03 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2014-05-31 18:21 - 2014-05-31 18:14 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-05-31 18:15 - 2014-05-31 18:15 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-31 18:15 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-31 18:14 - 2014-05-31 18:14 - 00000000 ____D () C:\Users\David\AppData\Local\Bluestacks
2014-05-31 18:13 - 2014-05-31 18:13 - 12814576 _____ (BlueStack Systems Inc.) C:\Users\David\Downloads\BlueStacks-SplitInstaller_native_b.exe
2014-05-31 01:13 - 2013-08-22 11:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 01:13 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 23:55 - 2014-03-29 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 23:55 - 2014-03-29 12:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-30 23:55 - 2013-11-10 16:14 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 06:21 - 2014-06-11 00:19 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 05:45 - 2014-06-11 00:20 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 05:28 - 2014-06-11 00:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 05:20 - 2014-06-11 00:19 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-11 00:20 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 05:08 - 2014-06-11 00:19 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-11 00:20 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 04:46 - 2014-06-11 00:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-11 00:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-11 00:19 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 04:38 - 2014-06-11 00:20 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-11 00:19 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 04:29 - 2014-06-11 00:20 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 04:27 - 2014-06-11 00:20 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 04:23 - 2014-06-11 00:19 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-11 00:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 04:04 - 2014-06-11 00:20 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-11 00:20 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-11 00:19 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-11 00:19 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 03:54 - 2014-06-11 00:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 03:49 - 2014-06-11 00:20 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-11 00:19 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-11 00:20 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-11 00:20 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-11 00:19 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-11 00:20 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-11 00:19 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-11 00:19 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-29 22:28 - 2014-05-29 22:27 - 00000000 ____D () C:\Users\David\AppData\Local\PAYDAY 2
2014-05-29 22:16 - 2014-05-29 22:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-29 22:16 - 2014-05-29 22:16 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-28 22:02 - 2014-03-01 15:00 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-05-28 22:02 - 2014-03-01 14:47 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-05-28 22:02 - 2014-03-01 14:46 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Users\David\Documents\Battlefield 3
2014-05-28 21:57 - 2014-03-01 15:00 - 00000000 ____D () C:\Users\David\AppData\Local\PunkBuster
2014-05-28 21:57 - 2014-03-01 14:47 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-05-28 21:56 - 2014-05-28 21:56 - 02247960 _____ () C:\Users\David\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-28 21:56 - 2014-05-28 21:56 - 00000000 ____D () C:\Users\David\AppData\Local\ESN
2014-05-28 21:56 - 2014-05-28 21:56 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-28 21:05 - 2014-05-28 21:05 - 00001197 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-05-28 21:05 - 2014-05-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-28 20:19 - 2014-05-28 20:19 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-28 20:19 - 2014-05-28 20:19 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-28 20:04 - 2014-05-28 20:04 - 00001302 _____ () C:\Users\Public\Desktop\Plants vs. Zombies.lnk
2014-05-28 19:59 - 2014-01-11 13:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-28 18:02 - 2014-02-02 13:34 - 00001078 _____ () C:\Users\David\Desktop\Dropbox.lnk
2014-05-28 18:02 - 2014-02-02 13:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 17:53 - 2013-12-15 15:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 17:52 - 2014-04-27 11:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\FileZilla
2014-05-28 17:35 - 2014-05-28 17:35 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-05-28 17:35 - 2014-05-28 17:35 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-05-28 17:33 - 2012-09-03 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-28 16:47 - 2014-05-26 20:33 - 00480768 _____ () C:\Users\David\Desktop\Infamous Chat.exe
2014-05-26 18:26 - 2014-05-26 18:26 - 00999091 _____ () C:\Users\David\Downloads\xchat-2.8.9.exe
2014-05-26 18:26 - 2014-05-26 18:26 - 00001852 _____ () C:\Users\Public\Desktop\XChat.lnk
2014-05-26 18:26 - 2014-05-26 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XChat
2014-05-26 18:26 - 2014-05-26 18:26 - 00000000 ____D () C:\Program Files (x86)\xchat
2014-05-26 18:25 - 2014-05-25 12:45 - 00000000 ____D () C:\Users\David\AppData\Roaming\HexChat
2014-05-26 10:03 - 2014-05-26 10:03 - 00000000 ____D () C:\Users\David\AppData\Local\Ubisoft
2014-05-25 17:16 - 2014-05-25 16:56 - 00000000 ____D () C:\Users\David\Documents\DayZ
2014-05-25 16:58 - 2014-05-25 16:56 - 00000000 ____D () C:\Users\David\AppData\Local\DayZ
2014-05-25 16:18 - 2014-05-25 16:18 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-25 16:18 - 2014-05-25 16:18 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-25 13:01 - 2014-05-25 13:01 - 00001119 _____ () C:\Users\David\Desktop\join.me.lnk
2014-05-25 13:01 - 2014-05-25 13:01 - 00001119 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2014-05-25 12:44 - 2014-05-25 12:43 - 06229339 _____ (HexChat ) C:\Users\David\Downloads\HexChat 2.9.6.1 x86.exe
2014-05-23 16:15 - 2014-04-14 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-22 20:30 - 2014-05-22 20:30 - 00463952 _____ () C:\Users\David\Downloads\speech100.zip
2014-05-22 20:28 - 2014-05-22 20:28 - 05509039 _____ ( ) C:\Users\David\Downloads\BluelineFull.exe
2014-05-22 20:28 - 2014-05-22 20:28 - 00001021 _____ () C:\Users\Public\Desktop\Blueline.lnk
2014-05-22 20:28 - 2014-05-22 20:28 - 00000000 ____D () C:\Program Files (x86)\AzTools
2014-05-22 19:49 - 2013-12-24 15:23 - 00000000 ____D () C:\Users\David\Make-Me-Famous
2014-05-22 18:31 - 2014-03-23 17:46 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-05-22 18:13 - 2013-11-10 06:04 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2014-05-22 18:13 - 2012-09-03 21:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-22 18:08 - 2014-01-03 05:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-22 18:07 - 2014-01-04 21:39 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-22 18:01 - 2014-05-22 18:00 - 00000000 ____D () C:\Users\David\Invision Board
2014-05-22 16:57 - 2013-11-23 01:23 - 00000000 ____D () C:\Users\David\AppData\Local\Apple Computer
2014-05-22 16:52 - 2014-05-22 16:52 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-21 22:34 - 2013-11-12 02:16 - 01617920 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-05-20 20:06 - 2014-05-20 20:06 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-20 20:06 - 2014-05-20 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-20 20:06 - 2014-05-20 20:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-20 20:06 - 2014-05-20 20:04 - 00000000 ____D () C:\Program Files\iTunes
2014-05-20 20:05 - 2014-05-20 20:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-20 20:04 - 2014-05-20 20:04 - 00000000 ____D () C:\Program Files\iPod
2014-05-19 02:31 - 2014-06-11 00:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-05-19 02:21 - 2014-06-11 00:19 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-05-19 01:23 - 2014-06-11 00:19 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-05-16 20:34 - 2014-04-03 20:35 - 00000000 ____D () C:\Users\David\AppData\Roaming\TS3Client
2014-05-15 18:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-14 23:50 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-13 21:31 - 2012-09-03 21:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-13 21:15 - 2013-11-10 15:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-13 21:13 - 2013-11-10 15:33 - 93223848 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-13 21:09 - 2013-08-22 09:25 - 00000167 _____ () C:\WINDOWS\win.ini
2014-05-13 16:15 - 2013-12-21 02:22 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-12 07:26 - 2014-03-29 12:27 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-03-29 12:27 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2013-11-10 16:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\David\AppData\Roaming\syncplay.ini
C:\Users\David\jagex_cl_runescape_LIVE.dat
C:\Users\David\random.dat


Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\David\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq1bqud.dll
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\hcuninstaller_20140522_183153_7600.exe
C:\Users\David\AppData\Local\Temp\Install.EXE
C:\Users\David\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\mcse32_00.dll
C:\Users\David\AppData\Local\Temp\mcse64_00.dll
C:\Users\David\AppData\Local\Temp\ose00000.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SRLDetectionLibrary6596600526434840635.dll
C:\Users\David\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\David\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 19:00

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by David at 2014-06-11 16:21:22
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31515 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.0 - PainteR)
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.0 - BlueJ Team)
Blueline 1.1.1 (HKLM-x32\...\Blueline_is1) (Version:  - )
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane (HKCU\...\Dashlane) (Version: 2.4.1.63897 - Dashlane SAS)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Chrome Canary (HKCU\...\Google Chrome SxS) (Version: 37.0.2043.0 - Google Inc.)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
JCreator LE 5.00 (HKLM-x32\...\JCreator LE_is1) (Version:  - Xinox Software)
join.me (HKCU\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online Sheet Music Viewer 8.3.4.0 (HKLM-x32\...\Online Sheet Music Viewer_is1) (Version: 8.3.4.0 - Online Sheet Music, Inc.)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.4001 - ooVoo LLC.)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
Syncplay (HKLM-x32\...\Syncplay) (Version: 1.2.7 - Syncplay)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
tools-freebsd (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{76078303-BAA2-4FBF-BA13-D1065195E696}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{17F87C6D-FB2C-40BA-9228-5C49C9A27972}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUS_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6D8F4981-88A1-4386-8B3C-A51021FD8395}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2880455) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCF1F149-B9D9-49D9-B829-FCDA37F7FF0C}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2880455) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BCF1F149-B9D9-49D9-B829-FCDA37F7FF0C}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2880455) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BCF1F149-B9D9-49D9-B829-FCDA37F7FF0C}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2880455) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BCF1F149-B9D9-49D9-B829-FCDA37F7FF0C}) (Version:  - Microsoft)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )
XSplit Gamecaster (HKLM-x32\...\{019CB408-D689-43B9-B424-3322D43E4719}) (Version: 1.7.1405.2118 - SplitmediaLabs)

==================== Restore Points  =========================

28-05-2014 21:34:43 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
05-06-2014 18:12:47 Scheduled Checkpoint
06-06-2014 21:57:23 Removed BlueStacks Notification Center
08-06-2014 13:57:15 Removed BlueStacks Notification Center
10-06-2014 05:26:49 Installed DirectX

==================== Hosts content: ==========================

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06FFD84C-D72E-4853-B073-1268E92A1734} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {0879C761-D446-4CF1-A6DF-F0055C054ACA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C5034D5-6E86-458A-8AD2-FAD7D526ADC9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23407A99-7C5D-4CF3-A51D-6F3E4184CFE0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2A097F14-7EA0-4F68-A4A8-399B9EE27A0F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-06] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E688E21-22EA-4BBD-80B3-904F62AE6247} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-13] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4E312760-5CDC-4FC6-BC81-F307987D665C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {694F6F33-959C-48DC-B2AC-9EB6941F9280} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-MrRelapse@live.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {721F3C9E-1845-4105-8149-2602C14C6A69} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-05] (AVAST Software)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {838630E9-46F8-4A14-8FFA-6D981366D749} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92C73330-EBB1-4296-9904-8B79BDEC1C7A} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.38\SymErr.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A281DD7D-93CA-4065-A8A2-95883F0F4FEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-06] (Google Inc.)
Task: {BCA8C196-0AC3-497E-9DBD-707C0E8B28E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {BD836F9F-DDDB-4EE7-BC6D-923912D57EBF} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.5.0.38\SymErr.exe
Task: {C9733B91-5CD2-4BAD-A595-3E477E3FCF7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CB912859-F774-4D52-8071-5DC2E6F3C03D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D8114A30-EDDC-4605-BAE2-465360E1AE78} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EA62B82D-DC4B-4E9F-BBEE-97EB69A6126B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {EB834616-2842-4797-AA18-05478CF3B805} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FD7A178E-1B4D-459D-92F1-0A1AAF5981CA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001Core.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-903154375-3973902662-3159236840-1001UA.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-03-01 14:46 - 2014-05-28 22:02 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-09-21 07:22 - 2013-09-21 07:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-10 21:09 - 2014-05-15 15:30 - 00598072 _____ () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-06 19:25 - 2014-05-27 10:40 - 00219832 _____ () C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe
2014-05-23 02:10 - 2014-05-23 02:10 - 05341856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-06-11 05:55 - 2014-06-11 05:55 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14061100\algo.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-27 12:42 - 2013-08-27 12:42 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2013-11-10 21:09 - 2014-05-15 15:30 - 36966968 _____ () C:\Users\David\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-25 14:57 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-25 14:57 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 17:17 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-25 19:48 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-11-06 14:48 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 14:57 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-25 14:57 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-12-11 12:40 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-11-06 14:48 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 16:49 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 16:49 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 16:49 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-06 19:24 - 2014-05-27 10:38 - 00255160 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.2.4.1.63897.dll
2014-06-06 19:24 - 2014-05-27 10:38 - 00363704 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.2.4.1.63897.dll
2014-06-06 19:25 - 2014-05-27 10:38 - 00423608 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.2.4.1.63897.dll
2014-06-06 19:24 - 2014-05-27 10:38 - 28239544 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.2.4.1.63897.dll
2014-06-06 19:25 - 2014-05-27 10:38 - 00263352 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.2.4.1.63897.dll
2014-06-06 19:24 - 2014-05-27 10:38 - 04805304 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.2.4.1.63897.dll
2014-06-06 19:24 - 2014-05-27 10:37 - 04319416 _____ () C:\Users\David\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.2.4.1.63897.dll
2013-12-13 08:12 - 2013-12-13 08:12 - 00307712 _____ () C:\Users\David\AppData\Roaming\Curse Client\Bin\opus.dll
2014-03-10 13:55 - 2014-05-22 12:55 - 00437248 _____ () C:\Users\David\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
2013-11-10 16:10 - 2013-11-10 16:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-10 21:09 - 2014-05-15 15:30 - 00886840 _____ () C:\Users\David\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-11-10 21:09 - 2014-05-15 15:30 - 00108600 _____ () C:\Users\David\AppData\Roaming\Spotify\Data\libegl.dll
2014-05-26 05:52 - 2014-05-26 05:52 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-03-28 05:35 - 2014-03-28 05:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-06-11 16:12 - 2014-06-11 16:12 - 00043008 _____ () c:\users\david\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq1bqud.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-18 06:06 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-12 22:22 - 2014-05-12 22:22 - 02217128 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll
2014-05-26 05:52 - 2014-05-26 05:52 - 00742816 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libglesv2.dll
2014-05-26 05:52 - 2014-05-26 05:52 - 00136608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libegl.dll
2014-04-14 18:00 - 2014-05-23 16:15 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\David\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 04:16:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 844

Start Time: 01cf85b1492bd4a6

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 40ac06a4-f1a5-11e3-beb3-008cfa3e9f01

Faulting package full name: Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (06/11/2014 04:16:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e60

Start Time: 01cf85b1223ff7fd

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 3d060062-f1a5-11e3-beb3-008cfa3e9f01

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/11/2014 04:12:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (06/11/2014 04:12:45 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (06/11/2014 04:12:44 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (06/11/2014 04:12:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/11/2014 04:12:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)


System errors:
=============
Error: (06/11/2014 04:20:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error:
%%127

Error: (06/11/2014 04:11:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error:
%%127

Error: (06/11/2014 04:11:12 PM) (Source: DCOM) (EventID: 10016) (User: MAIN-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Main-PCDavidS-1-5-21-903154375-3973902662-3159236840-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/11/2014 04:11:12 PM) (Source: DCOM) (EventID: 10016) (User: MAIN-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Main-PCDavidS-1-5-21-903154375-3973902662-3159236840-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/11/2014 04:09:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (06/11/2014 04:09:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error:
%%127

Error: (06/11/2014 04:07:47 PM) (Source: DCOM) (EventID: 10010) (User: MAIN-PC)
Description: Microsoft.WindowsLive.Mail.AppXchpnq3xrg3grbgjnhp88jn3v9r1xskxr.mca

Error: (06/11/2014 00:17:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error:
%%127

Error: (06/11/2014 00:17:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (06/11/2014 00:17:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! HardwareID service failed to start due to the following error:
%%127


Microsoft Office Sessions:
=========================
Error: (06/11/2014 04:16:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703184401cf85b1492bd4a64294967295C:\WINDOWS\syswow64\wwahost.exe40ac06a4-f1a5-11e3-beb3-008cfa3e9f01Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp

Error: (06/11/2014 04:16:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20498e6001cf85b1223ff7fd4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe3d060062-f1a5-11e3-beb3-008cfa3e9f01microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/11/2014 04:12:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (06/11/2014 04:12:45 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (06/11/2014 04:12:44 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (06/11/2014 04:12:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (06/11/2014 04:12:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/11/2014 04:12:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)


CodeIntegrity Errors:
===================================
  Date: 2014-06-07 20:06:08.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 8076.22 MB
Available physical RAM: 4919.45 MB
Total Pagefile: 16268.22 MB
Available Pagefile: 12314.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (TI10653400C) (Fixed) (Total:688.46 GB) (Free:428.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


==================== End Of Log ============================

# AdwCleaner v3.212 - Report created 11/06/2014 at 16:07:44
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : David - MAIN-PC
# Running from : C:\Users\David\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\David\AppData\Local\Surf_Canyon
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lp8zlv05.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\AppDataLow\Software\Surf Canyon
Key Deleted : HKLM\Software\Surf Canyon

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\lp8zlv05.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2648 octets] - [11/06/2014 16:06:23]
AdwCleaner[S0].txt - [2308 octets] - [11/06/2014 16:07:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2368 octets] ##########

Regards,

Agent Shark



BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 PM

Posted 12 June 2014 - 07:38 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [uTorrent] => C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [1671504 2014-05-31] (BitTorrent Inc.)
SearchScopes: HKCU - {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
S3 cpuz136; \??\C:\Users\David\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
C:\Users\David\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\David\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq1bqud.dll
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\hcuninstaller_20140522_183153_7600.exe
C:\Users\David\AppData\Local\Temp\Install.EXE
C:\Users\David\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\mcse32_00.dll
C:\Users\David\AppData\Local\Temp\mcse64_00.dll
C:\Users\David\AppData\Local\Temp\ose00000.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SRLDetectionLibrary6596600526434840635.dll
C:\Users\David\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\David\AppData\Local\Temp\VSUSetup.exe

end

Save the files as fixlist.txt in to the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===


Let me know what problem persists.

#3 Agent Shark

Agent Shark
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 12 June 2014 - 11:57 AM

Hey Nasdaq,

 

I finished the FRT scan you requested and am rebooting my machine. It had some updates to do and it's been well over 30 minutes now and it says:

 

"Keep your PC on until this is done. Installing update 1 of 3..."

 

Should it take this long?



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 PM

Posted 12 June 2014 - 12:41 PM

It should not take more than 1 or 2 hours.

Keep it as long as you can.
If you stop it the updates will not get installed.

If you must then stop the process and restart the computer.

#5 Agent Shark

Agent Shark
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 12 June 2014 - 05:34 PM

So,

 

Upon running SecurityCheck, it won't load. Like it'll run but go to this screen:

2ee5a936daa8ae521c7113f96fe9bdb0.png

 

Its been like that for about 10 minutes and I've tried twice. Here is the other log regardless:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014 01
Ran by David at 2014-06-12 11:50:33 Run:1
Running from C:\Users\David\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\...\Run: [uTorrent] => C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [1671504 2014-05-31] (BitTorrent Inc.)
SearchScopes: HKCU - {2F2085F5-B82D-43EB-AAAF-848B59B5B8FF} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
S3 cpuz136; \??\C:\Users\David\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
C:\Users\David\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\David\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq1bqud.dll
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\hcuninstaller_20140522_183153_7600.exe
C:\Users\David\AppData\Local\Temp\Install.EXE
C:\Users\David\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\mcse32_00.dll
C:\Users\David\AppData\Local\Temp\mcse64_00.dll
C:\Users\David\AppData\Local\Temp\ose00000.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SRLDetectionLibrary6596600526434840635.dll
C:\Users\David\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\David\AppData\Local\Temp\VSUSetup.exe

end
*****************

[6272] C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe => Process closed successfully.
HKU\S-1-5-21-903154375-3973902662-3159236840-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F2085F5-B82D-43EB-AAAF-848B59B5B8FF}' => Key deleted successfully.
'HKCR\CLSID\{2F2085F5-B82D-43EB-AAAF-848B59B5B8FF}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
'HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found.
cpuz136 => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
C:\Users\David\AppData\Local\Temp\Creative Cloud Helper.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\CreativeCloudSet-Up.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq1bqud.dll => Moved successfully.
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer-1.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\hcuninstaller_20140522_183153_7600.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\Install.EXE => Moved successfully.
C:\Users\David\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\mcse32_00.dll => Moved successfully.
C:\Users\David\AppData\Local\Temp\mcse64_00.dll => Moved successfully.
C:\Users\David\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\David\AppData\Local\Temp\SRLDetectionLibrary6596600526434840635.dll => Moved successfully.
C:\Users\David\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\David\AppData\Local\Temp\VSUSetup.exe => Moved successfully.

==== End of Fixlog ====



#6 Agent Shark

Agent Shark
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 12 June 2014 - 06:14 PM

Update: Here is the SecurityCheck Log

 

Results of screen317's Security Check version 0.99.84  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Java SE Development Kit 7 Update 45
 Java version out of Date!
 Adobe Flash Player     13.0.0.214  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 PM

Posted 13 June 2014 - 07:13 AM

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u60.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java 7 Update 55
Java SE Development Kit 7 Update 45


===

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#8 Agent Shark

Agent Shark
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 13 June 2014 - 11:44 PM

Thank you so much for the help! You can close this.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 PM

Posted 14 June 2014 - 09:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users