Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help, had keylogger, and viruses. Someone may be spying on me.


  • This topic is locked This topic is locked
17 replies to this topic

#1 Perfection7

Perfection7

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 09 August 2014 - 04:44 PM

I ran a check through avast and malawarebyte the other day and it found PUP.  virus/keylogger.. I found other viruses as well.  I stay in safe sites on my pc, and have not downloaded anything suspicious that I know about.  Anyways, recently I found that my downstairs neighbor had been spying on me from downstairs with audio recorders and cameras.  I would like to think there is no connection, but I can't be sure.  I've used the more basic programs, but don't know how to go in deep and check.  Please help.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.17028  BrowserJavaVersion: 10.65.2
Run by Azric at 18:18:42 on 2014-08-09
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8139.5830 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\system32\dashost.exe
C:\Program Files\Hola\app\hola_updater.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
F:\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\Explorer.EXE
F:\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Windows\RTFTrack.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
F:\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: RapidFinda: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - 
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SDTray] "F:\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - 
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/Futuremark_SystemInfo_4_19_133.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{098264C7-2C97-4D8F-AF95-93D25130E711} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878}\1445450225963686162746 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878}\14454525963686162746 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878}\541403 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878}\95F657E67644F676D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5F3A7900-02BC-4BC3-A61B-4FE5FC89D878}\C696E6B6379737 : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll
x64-Run: [SynLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [RtsFT] RTFTrack.exe
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [ShadowPlay] C:\windows\System32\rundll32.exe C:\windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [RtHDVBg_LENOVO_DOLBYDRAGON] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [hola] C:\Program Files\Hola\app\hola.exe --tray --autorun
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Azric\AppData\Roaming\Mozilla\Firefox\Profiles\4jgathde.default-1401329207871\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\windows\System32\Adobe\Director\np32dsw_1211151.dll
FF - plugin: C:\windows\System32\Adobe\Director\np32dsw_1212152.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\Drivers\aswRvrt.sys [2013-5-21 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\Drivers\aswVmm.sys [2013-5-21 224896]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-4-4 647736]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2013-4-4 39008]
R1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswSnx.sys [2013-5-21 1041168]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswsp.sys [2013-5-21 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\Drivers\dtsoftbus01.sys [2014-5-11 283064]
R1 RzFilter;RzFilter;C:\windows\System32\Drivers\RzFilter.sys [2014-6-20 74432]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2014-2-5 772064]
R2 aswHwid;avast! HardwareID;C:\windows\System32\Drivers\aswHwid.sys [2014-8-1 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2013-5-21 79184]
R2 aswStm;aswStm;C:\windows\System32\Drivers\aswStm.sys [2014-8-1 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-1 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-8-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-8-26 1157496]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 hola_updater;Hola Internet Acceleration Updater;C:\Program Files\Hola\app\hola_updater.exe [2014-6-12 5797912]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-4-2 87368]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-4 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel® Wireless Bluetooth® 4.0 Radio Management;Intel® Wireless Bluetooth® 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-9-18 157128]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-4-4 169432]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-14 230408]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-12-14 70152]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-4-11 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-28 21007192]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-4-6 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-5-9 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-4-7 23552]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2013-6-28 409720]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2014-4-18 32960]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;F:\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-8-9 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;F:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-8-9 2088408]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-5-27 413128]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-1-8 3674864]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2013-7-29 165344]
R3 BthA2DP;Bluetooth Stereo;C:\windows\System32\Drivers\BthA2DP.sys [2014-1-3 117632]
R3 BthHFAud;Bluetooth Hands-Free;C:\windows\System32\Drivers\BthHfAud.sys [2013-5-21 30720]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2013-7-22 140600]
R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2013-10-15 1390904]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2013-10-15 69088]
R3 JMCR;JMCR;C:\windows\System32\Drivers\jmcr.sys [2013-5-21 175928]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2014-5-15 129224]
R3 NETwNe64;@oem6.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2014-2-25 3349984]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-15 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\windows\System32\Drivers\nvvad64v.sys [2014-5-15 40392]
R3 RzDxgk;RzDxgk;C:\windows\System32\Drivers\RzDxgk.sys [2014-6-20 129472]
R3 ScpVBus;Scp Virtual Bus Driver;C:\windows\System32\Drivers\ScpVBus.sys [2014-6-14 39168]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2013-1-21 31032]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S2 hola_svc;Hola Internet Acceleration Service;C:\Program Files\Hola\app\hola_svc.exe [2014-6-12 5797912]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2013-7-29 165344]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2014-1-10 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2014-1-10 477960]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2012-10-11 29696]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\Drivers\htcnprot.sys [2012-12-7 36928]
S3 HtcVCom32;HTC Diagnostic Port;C:\windows\System32\Drivers\HtcVComV64.sys [2013-10-5 121800]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\System32\Drivers\MijXfilt.sys [2013-5-8 115272]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-1-8 284912]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\Drivers\netaapl64.sys [2012-9-10 22528]
S3 rtsuvc;Lenovo EasyCamera;C:\windows\System32\Drivers\rtsuvc.sys [2013-4-4 8235792]
S3 rzudd;Razer Mouse Driver;C:\windows\System32\Drivers\rzudd.sys [2014-5-19 155816]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-4-4 23552]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-4-4 102376]
S3 xb1usb;Microsoft Xbox One Controller Driver;C:\windows\System32\Drivers\xb1usb.sys [2014-5-27 34016]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
.
=============== Created Last 30 ================
.
2014-08-09 21:59:32 -------- d-sh--w- C:\$RECYCLE.BIN
2014-08-09 21:31:53 98816 ----a-w- C:\windows\sed.exe
2014-08-09 21:31:53 256000 ----a-w- C:\windows\PEV.exe
2014-08-09 21:31:53 208896 ----a-w- C:\windows\MBR.exe
2014-08-09 21:31:23 -------- d-----w- C:\ComboFix_14_4_30_1
2014-08-09 21:13:36 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-09 21:12:04 21040 ----a-w- C:\windows\System32\sdnclean64.exe
2014-08-09 21:12:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-08-04 15:41:37 -------- d-----w- C:\ProgramData\Licenses
2014-08-04 15:41:35 129872 ----a-w- C:\windows\SysWow64\MSSTDFMT.DLL
2014-08-01 19:34:58 92008 ----a-w- C:\windows\System32\drivers\aswStm.sys
2014-08-01 19:34:58 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-08-01 19:34:53 43152 ----a-w- C:\windows\avastSS.scr
2014-08-01 07:07:43 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-15 14:22:58 729161 ----a-w- C:\windows\SysWow64\fpimage.dll
2014-07-15 14:22:58 1410704 ----a-w- C:\windows\SysWow64\FPSPR70.ocx
2014-07-15 14:22:58 -------- d-----w- C:\Program Files (x86)\Respondus LockDown Browser
2014-07-15 11:54:26 -------- d-----w- C:\Users\Azric\AppData\Local\HorizonWimba
2014-07-11 15:10:10 -------- d-----w- C:\Users\Azric\AppData\Roaming\PowerUp Software
2014-07-11 05:06:07 -------- d-----w- C:\windows\SysWow64\RTCOM
2014-07-11 05:06:07 -------- d-----w- C:\Program Files\Realtek
.
==================== Find3M  ====================
.
2014-08-09 20:50:18 119296 ----a-w- C:\windows\SysWow64\zlib.dll
2014-08-09 02:46:01 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-08-01 19:34:53 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-08-01 19:34:53 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-08-01 19:34:53 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-08-01 19:34:53 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-08-01 19:34:53 1041168 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2014-06-26 20:53:24 703968 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53:24 105440 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-19 02:12:11 2239488 ----a-w- C:\windows\System32\wininet.dll
2014-06-19 02:12:02 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-06-19 02:12:02 53760 ----a-w- C:\windows\System32\UXInit.dll
2014-06-19 02:10:33 3959296 ----a-w- C:\windows\System32\jscript9.dll
2014-06-19 02:10:28 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-06-19 02:10:28 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-06-19 02:09:55 1508864 ----a-w- C:\windows\System32\inetcpl.cpl
2014-06-19 00:53:52 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-06-19 00:53:42 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2014-06-19 00:52:46 2863616 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-19 00:52:42 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-06-19 00:52:42 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-06-19 00:52:19 1440768 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-06-19 00:33:44 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-06-19 00:30:35 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-06-18 22:05:00 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2014-06-17 23:27:37 1440256 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\windows\System32\osk.exe
2014-06-12 12:15:33 88984 ----a-w- C:\windows\System32\drivers\hola_mon_drv.sys
2014-06-11 04:18:14 4038144 ----a-w- C:\windows\System32\win32k.sys
2014-06-06 14:06:38 596480 ----a-w- C:\windows\System32\qedit.dll
2014-06-06 10:17:56 497152 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-02 22:33:45 265216 ----a-w- C:\windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-05-29 22:24:46 576512 ----a-w- C:\windows\System32\drivers\afd.sys
2014-05-29 11:32:14 80384 ----a-w- C:\windows\System32\RazerCoinstaller.dll
2014-05-27 05:13:18 34016 ----a-w- C:\windows\System32\drivers\xb1usb.sys
2014-05-24 02:33:58 864256 ----a-w- C:\windows\SysWow64\rzdevicedll.dll
2014-05-24 02:33:56 325120 ----a-w- C:\windows\SysWow64\rzaudiodll.dll
2014-05-20 01:25:42 6769096 ----a-w- C:\windows\System32\nvcpl.dll
2014-05-20 01:25:42 3514144 ----a-w- C:\windows\System32\nvsvc64.dll
2014-05-20 01:25:39 927520 ----a-w- C:\windows\System32\nvvsvc.exe
2014-05-20 01:25:38 62808 ----a-w- C:\windows\System32\nvshext.dll
2014-05-20 01:25:38 610592 ----a-w- C:\windows\SysWow64\oemdspif.dll
2014-05-20 01:25:38 387528 ----a-w- C:\windows\System32\nvmctray.dll
2014-05-20 01:25:38 2560968 ----a-w- C:\windows\System32\nvsvcr.dll
2014-05-19 23:10:44 601432 ----a-w- C:\windows\SysWow64\nvStreaming.exe
2014-05-19 06:47:28 155816 ----a-w- C:\windows\System32\drivers\rzudd.sys
2014-05-19 06:26:50 89088 ----a-w- C:\windows\SysWow64\rzdevinfo.dll
2014-05-19 06:26:50 155136 ----a-w- C:\windows\SysWow64\rztouchdll.dll
2014-05-19 06:26:46 117248 ----a-w- C:\windows\SysWow64\rzdisplaydll.dll
2014-05-14 23:49:42 3774821 ----a-w- C:\windows\System32\nvcoproc.bin
2014-05-12 11:26:14 64216 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-05-12 11:26:00 91352 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-05-12 11:25:56 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
.
============= FINISH: 18:19:09.84 ===============
 

Attached Files


Edited by Perfection7, 09 August 2014 - 05:33 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 14 August 2014 - 09:21 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 19 August 2014 - 04:54 PM

I recently did a recovery so I could install windows 8.1 properly, but I'm thinking viruses might have transferred..I still got the PUP stuff, and my antivirus detects a bunch of error and files that it can't read.  Also, I see a bunch of vpn things in my firewall which were never there... F5VPN, JuniperNetworks,and some more..Anyways, here is the adwcleaner log

 

# AdwCleaner v3.307 - Report created 19/08/2014 at 16:40:31
# Updated 17/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : hihi - IDEA-PC
# Running from : C:\Users\hihi\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [889 octets] - [19/08/2014 16:08:40]
AdwCleaner[R1].txt - [889 octets] - [19/08/2014 16:19:10]
AdwCleaner[R2].txt - [1091 octets] - [19/08/2014 16:38:54]
AdwCleaner[S0].txt - [951 octets] - [19/08/2014 16:13:47]
AdwCleaner[S1].txt - [1017 octets] - [19/08/2014 16:40:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1077 octets] ##########
 
 
 
 
Here is the Farbar log
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by hihi (administrator) on IDEA-PC on 19-08-2014 16:50:36
Running from C:\Users\hihi\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6345872 2012-12-06] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-29] (Synaptics)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-04-04] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-04-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-18] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-3980083592-4244329588-2731681126-1002\...\Run: [Tango] => C:\Program Files (x86)\Tango\Tango.exe [13489992 2011-11-04] (Tango Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - {93DD791E-287A-4FAF-B325-CAFCC794BB11} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {93DD791E-287A-4FAF-B325-CAFCC794BB11} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 200.12.232.4 200.12.229.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-18]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Google Drive) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-18]
CHR Extension: (YouTube) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Google Search) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (AdBlock) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-18]
CHR Extension: (avast! Online Security) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Gmail) - C:\Users\hihi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-18] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-18] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3349984 2014-02-25] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8235792 2012-12-06] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-08-19] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-19] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 16:50 - 2014-08-19 16:50 - 00017816 _____ () C:\Users\hihi\Downloads\FRST.txt
2014-08-19 16:49 - 2014-08-19 16:50 - 00000000 ____D () C:\FRST
2014-08-19 16:48 - 2014-08-19 16:49 - 02101760 _____ (Farbar) C:\Users\hihi\Downloads\FRST64.exe
2014-08-19 16:44 - 2014-08-19 16:44 - 00001157 _____ () C:\Users\hihi\Desktop\AdwCleaner[S1].txt
2014-08-19 16:41 - 2014-08-19 16:41 - 00000314 _____ () C:\WINDOWS\PFRO.log
2014-08-19 16:21 - 2014-08-19 16:21 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-19 16:21 - 2014-08-19 16:21 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 16:21 - 2014-08-19 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 16:20 - 2014-08-19 16:20 - 04813544 _____ (Piriform Ltd) C:\Users\hihi\Downloads\ccsetup416.exe
2014-08-19 16:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 16:12 - 2014-08-19 16:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-19 16:12 - 2014-07-02 11:44 - 00609240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-08-19 16:11 - 2014-07-02 04:14 - 03826628 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-08-19 16:09 - 2014-07-02 15:29 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-08-19 16:09 - 2014-07-02 15:29 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 31512520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 24196896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 22994208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 17555104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 15294296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 13922752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 13835208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 12866008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-08-19 16:09 - 2014-07-02 14:48 - 11283344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 11222048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 04247000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 03989960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00944928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00907096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00903624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00869152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00502232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00418760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00391640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-08-19 16:09 - 2014-07-02 14:48 - 00348120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-08-19 16:08 - 2014-08-19 16:40 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:08 - 2014-08-19 16:08 - 01361671 _____ () C:\Users\hihi\Downloads\AdwCleaner.exe
2014-08-19 15:12 - 1999-12-31 18:00 - 00175928 _____ (JMicron Technology Corporation) C:\WINDOWS\system32\Drivers\jmcr.sys
2014-08-19 13:04 - 2014-08-19 13:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-08-19 13:03 - 2014-08-19 13:03 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-08-19 13:03 - 2014-08-19 13:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-08-19 13:00 - 2014-08-19 16:12 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-19 12:18 - 2014-08-19 16:42 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-08-19 12:18 - 2014-08-19 16:42 - 00000424 _____ () C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-08-19 12:18 - 2014-08-19 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-19 12:18 - 2014-08-19 12:18 - 00002828 _____ () C:\WINDOWS\System32\Tasks\SlimDrivers Startup
2014-08-19 12:18 - 2014-08-19 12:18 - 00002483 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
2014-08-19 12:18 - 2014-08-19 12:18 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-19 12:18 - 2014-08-19 12:18 - 00000000 ____D () C:\Users\hihi\AppData\Local\SlimWare Utilities Inc
2014-08-19 12:17 - 2014-08-19 12:17 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\hihi\Downloads\slimdrivers-setup.exe
2014-08-19 12:11 - 2014-08-19 12:11 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-19 12:09 - 2014-08-19 12:09 - 00000000 __SHD () C:\Users\hihi\AppData\Local\EmieUserList
2014-08-19 12:09 - 2014-08-19 12:09 - 00000000 __SHD () C:\Users\hihi\AppData\Local\EmieSiteList
2014-08-19 12:05 - 2014-08-19 12:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-19 12:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-19 12:05 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-19 12:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-19 12:01 - 2014-08-19 12:01 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-19 12:00 - 2014-08-19 12:03 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-08-19 12:00 - 2014-08-19 12:00 - 00001106 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-08-19 12:00 - 2014-08-19 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-08-19 12:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-08-19 12:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2014-08-19 11:57 - 2014-08-19 12:00 - 04095448 _____ (BrightFort LLC ) C:\Users\hihi\Downloads\spywareblastersetup50.exe
2014-08-19 11:56 - 2014-08-19 12:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hihi\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 10:50 - 2014-08-19 10:51 - 00000034 _____ () C:\Users\hihi\Desktop\New Text Document.txt
2014-08-19 10:08 - 2014-08-19 10:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-19 09:29 - 2014-08-19 12:18 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-19 09:28 - 2014-08-19 09:28 - 01415344 _____ (Microsoft Corporation) C:\Users\hihi\Downloads\Setup.X64.en-us_O365ProPlusRetail_81406c2e-184b-4168-8e60-a33d959f2921_TX_PR_.exe
2014-08-19 09:12 - 2014-08-19 09:12 - 00001457 _____ () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 09:12 - 2014-08-19 09:12 - 00000020 ___SH () C:\Users\hihi\ntuser.ini
2014-08-19 03:19 - 2014-08-19 16:23 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-19 03:19 - 2014-08-19 03:19 - 00000000 __SHD () C:\Recovery
2014-08-19 03:18 - 2014-08-19 03:18 - 00000000 ____D () C:\Windows.old
2014-08-19 03:17 - 2014-08-19 03:17 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 03:17 - 2014-08-19 03:17 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-08-19 03:17 - 2014-08-19 03:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-08-19 03:17 - 2014-08-19 03:17 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-08-19 03:16 - 2014-08-19 03:16 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 03:16 - 2014-08-19 03:16 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 03:15 - 2014-08-19 03:15 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 03:15 - 2014-08-19 03:15 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-08-19 03:14 - 2014-08-19 03:14 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 03:13 - 2014-08-19 03:13 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 03:13 - 2014-08-19 03:13 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 03:12 - 2014-08-19 03:12 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-08-19 03:12 - 2014-08-19 03:12 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 03:11 - 2014-08-19 03:11 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 03:11 - 2014-08-19 03:11 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 03:11 - 2014-08-19 03:11 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-19 03:10 - 2014-08-19 03:10 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-08-19 03:10 - 2014-08-19 03:10 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-19 03:06 - 2014-08-19 03:06 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-08-19 03:05 - 2014-08-19 03:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-19 03:05 - 2014-08-19 03:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-08-19 03:05 - 2014-08-19 03:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-08-19 03:03 - 2014-08-19 03:03 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-19 03:01 - 2013-08-02 22:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-08-19 03:01 - 2013-08-02 22:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-19 03:01 - 2013-08-02 22:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-08-19 03:01 - 2013-08-02 22:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-08-19 01:39 - 2014-08-19 01:39 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-08-19 01:39 - 2014-08-19 01:39 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-19 01:32 - 2014-08-19 01:32 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Intel
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Intel
2014-08-19 01:30 - 2014-08-19 01:30 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-08-19 01:29 - 2014-08-19 09:12 - 00000000 ____D () C:\Users\hihi
2014-08-19 01:29 - 2014-08-19 01:39 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-08-19 01:29 - 2014-08-19 01:39 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-08-19 01:29 - 2014-08-19 01:30 - 00000000 ___RD () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-19 01:29 - 2014-08-19 01:30 - 00000000 ___RD () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 01:29 - 2014-03-18 04:13 - 00000369 _____ () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-08-19 01:29 - 2014-03-18 04:13 - 00000369 _____ () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-08-19 01:29 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-19 01:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-19 01:23 - 2014-08-19 01:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-08-19 01:22 - 2014-08-19 16:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-19 01:22 - 2014-08-19 16:14 - 00115157 ____N () C:\WINDOWS\WindowsUpdate.log
2014-08-19 01:22 - 2014-08-19 01:22 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____D () C:\Program Files\Realtek
2014-08-19 01:22 - 2014-07-02 12:55 - 06783776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-08-19 01:22 - 2014-07-02 12:55 - 03522392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-08-19 01:22 - 2014-07-02 12:55 - 02559960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-08-19 01:22 - 2014-07-02 12:55 - 00935368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-08-19 01:22 - 2014-07-02 12:55 - 00618440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2014-08-19 01:22 - 2014-07-02 12:55 - 00386520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-08-19 01:22 - 2014-07-02 12:55 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-08-19 01:21 - 2014-08-19 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-19 01:21 - 2014-08-19 16:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-19 01:21 - 2014-08-19 01:21 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-08-19 01:21 - 2014-08-19 01:21 - 00000000 ____D () C:\Program Files\Synaptics
2014-08-18 18:05 - 2014-08-18 18:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-18 18:05 - 2014-08-01 00:41 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-18 17:59 - 2014-08-18 17:59 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\AVAST Software
2014-08-18 17:43 - 2014-08-18 17:43 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Apple Computer
2014-08-18 17:40 - 2014-08-19 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-18 17:40 - 2014-08-18 17:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-18 17:40 - 2014-08-18 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-18 17:26 - 2014-08-18 17:30 - 13087456 _____ (Microsoft Corporation) C:\Users\hihi\Downloads\Silverlight_x64.exe
2014-08-18 17:20 - 2014-08-19 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-18 17:20 - 2014-08-18 17:59 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-18 17:20 - 2014-08-18 17:20 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 17:20 - 2014-08-18 17:20 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 17:20 - 2014-08-18 17:20 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-18 17:18 - 2014-08-19 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-18 17:18 - 2014-08-18 17:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-18 17:18 - 2014-08-18 17:18 - 00001856 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Users\hihi\AppData\Local\Apple
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\ProgramData\Apple
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-08-18 17:08 - 2014-08-18 17:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 17:06 - 2014-08-18 17:16 - 41945432 _____ (Apple Inc.) C:\Users\hihi\Downloads\QuickTimeInstaller.exe
2014-08-18 17:06 - 2014-08-18 17:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-18 17:05 - 2014-08-18 17:05 - 04862664 _____ (AVAST Software) C:\Users\hihi\Downloads\avast_free_antivirus_setup_online.exe
2014-08-18 16:58 - 2014-08-18 16:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-18 16:58 - 2014-08-18 16:58 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-08-18 16:58 - 2014-08-18 16:58 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-18 16:57 - 2014-08-18 17:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-18 12:58 - 2014-08-19 13:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 12:58 - 2014-08-19 13:06 - 00000000 ____D () C:\Intel
2014-08-18 12:42 - 2014-08-19 01:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-18 10:00 - 2014-08-19 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango
2014-08-18 10:00 - 2014-08-18 10:00 - 11779040 _____ () C:\Users\hihi\Downloads\SetupTango (1).exe
2014-08-18 10:00 - 2014-08-18 10:00 - 00001826 _____ () C:\Users\Public\Desktop\Tango.lnk
2014-08-18 10:00 - 2014-08-18 10:00 - 00000000 ____D () C:\Users\hihi\AppData\Local\tango
2014-08-18 10:00 - 2014-08-18 10:00 - 00000000 ____D () C:\Program Files (x86)\Tango
2014-08-18 09:59 - 2014-08-18 09:59 - 11779040 _____ () C:\Users\hihi\Downloads\SetupTango.exe
2014-08-18 09:49 - 2013-05-03 22:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2014-08-18 09:49 - 2013-05-03 22:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-08-18 09:40 - 2014-08-19 16:44 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-18 09:40 - 2014-08-19 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-18 09:39 - 2014-08-19 16:44 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 09:39 - 2014-08-19 16:43 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 09:39 - 2014-08-18 09:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-18 09:39 - 2014-08-18 09:39 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-18 09:39 - 2014-08-18 09:39 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-18 09:38 - 2014-08-18 09:40 - 00000000 ____D () C:\Users\hihi\AppData\Local\Google
2014-08-18 09:38 - 2014-08-18 09:38 - 00000000 ____D () C:\Users\hihi\AppData\Local\Apps\2.0
2014-08-16 22:58 - 2014-08-16 22:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-16 22:04 - 2014-08-16 22:04 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Nitro
2014-08-16 17:16 - 2014-08-16 17:16 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Macromedia
2014-08-16 16:57 - 2014-08-19 16:47 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3980083592-4244329588-2731681126-1002
2014-08-16 16:53 - 2014-08-16 16:53 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Intel Corporation
2014-08-16 16:52 - 2014-08-19 09:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Adobe
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\ProgramData\Energy Management
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\ProgramData\eBay
2014-08-16 16:51 - 2014-08-19 09:14 - 00000000 ____D () C:\Users\hihi\AppData\Local\Packages
2014-08-16 16:51 - 2014-08-19 01:30 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-16 16:51 - 2014-08-16 22:04 - 00000000 ____D () C:\Users\hihi\AppData\Local\VirtualStore
2014-08-16 16:51 - 2014-08-16 16:51 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Intel
2014-08-16 16:51 - 2013-04-04 04:08 - 00001133 _____ () C:\Users\hihi\Desktop\Cyberlink Power2Go.lnk
2014-08-16 16:51 - 2010-12-18 23:31 - 00000189 _____ () C:\Users\hihi\Desktop\Lenovo Telephony Start Now.url
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 16:50 - 2014-08-19 16:50 - 00017816 _____ () C:\Users\hihi\Downloads\FRST.txt
2014-08-19 16:50 - 2014-08-19 16:49 - 00000000 ____D () C:\FRST
2014-08-19 16:49 - 2014-08-19 16:48 - 02101760 _____ (Farbar) C:\Users\hihi\Downloads\FRST64.exe
2014-08-19 16:47 - 2014-08-16 16:57 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3980083592-4244329588-2731681126-1002
2014-08-19 16:46 - 2014-03-18 04:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-19 16:44 - 2014-08-19 16:44 - 00001157 _____ () C:\Users\hihi\Desktop\AdwCleaner[S1].txt
2014-08-19 16:44 - 2014-08-18 09:40 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 16:44 - 2014-08-18 09:39 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 16:43 - 2014-08-18 09:39 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 16:42 - 2014-08-19 12:18 - 00016152 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-08-19 16:42 - 2014-08-19 12:18 - 00000424 _____ () C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-08-19 16:41 - 2014-08-19 16:41 - 00000314 _____ () C:\WINDOWS\PFRO.log
2014-08-19 16:41 - 2014-08-19 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-19 16:41 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-19 16:40 - 2014-08-19 16:08 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:35 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-19 16:23 - 2014-08-19 03:19 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-19 16:21 - 2014-08-19 16:21 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-19 16:21 - 2014-08-19 16:21 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 16:21 - 2014-08-19 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 16:20 - 2014-08-19 16:20 - 04813544 _____ (Piriform Ltd) C:\Users\hihi\Downloads\ccsetup416.exe
2014-08-19 16:15 - 2013-08-22 08:44 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-19 16:14 - 2014-08-19 01:22 - 00115157 ____N () C:\WINDOWS\WindowsUpdate.log
2014-08-19 16:12 - 2014-08-19 16:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-19 16:12 - 2014-08-19 13:00 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-19 16:12 - 2014-08-19 01:21 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-19 16:12 - 2013-04-04 03:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-19 16:10 - 2014-08-19 01:21 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-19 16:08 - 2014-08-19 16:08 - 01361671 _____ () C:\Users\hihi\Downloads\AdwCleaner.exe
2014-08-19 16:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-19 13:06 - 2014-08-18 12:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 13:06 - 2014-08-18 12:58 - 00000000 ____D () C:\Intel
2014-08-19 13:05 - 2013-04-04 03:37 - 00000000 ____D () C:\ProgramData\Intel
2014-08-19 13:05 - 2013-04-04 03:37 - 00000000 ____D () C:\Program Files\Intel
2014-08-19 13:04 - 2014-08-19 13:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-08-19 13:04 - 2012-07-25 23:37 - 00000000 ____D () C:\Users\Default.migrated
2014-08-19 13:03 - 2014-08-19 13:03 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-08-19 13:03 - 2014-08-19 13:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-08-19 13:03 - 2013-04-04 03:33 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-19 12:38 - 2014-08-19 12:05 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 12:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-08-19 12:19 - 2014-08-19 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-19 12:18 - 2014-08-19 12:18 - 00002828 _____ () C:\WINDOWS\System32\Tasks\SlimDrivers Startup
2014-08-19 12:18 - 2014-08-19 12:18 - 00002483 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
2014-08-19 12:18 - 2014-08-19 12:18 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-19 12:18 - 2014-08-19 12:18 - 00000000 ____D () C:\Users\hihi\AppData\Local\SlimWare Utilities Inc
2014-08-19 12:18 - 2014-08-19 09:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-19 12:17 - 2014-08-19 12:17 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\hihi\Downloads\slimdrivers-setup.exe
2014-08-19 12:11 - 2014-08-19 12:11 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-19 12:11 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-19 12:09 - 2014-08-19 12:09 - 00000000 __SHD () C:\Users\hihi\AppData\Local\EmieUserList
2014-08-19 12:09 - 2014-08-19 12:09 - 00000000 __SHD () C:\Users\hihi\AppData\Local\EmieSiteList
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 12:05 - 2014-08-19 12:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-19 12:04 - 2014-08-19 11:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hihi\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 12:03 - 2014-08-19 12:00 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-08-19 12:03 - 2013-04-04 04:05 - 00000000 ____D () C:\ProgramData\Temp
2014-08-19 12:01 - 2014-08-19 12:01 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-19 12:00 - 2014-08-19 12:00 - 00001106 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-08-19 12:00 - 2014-08-19 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-08-19 12:00 - 2014-08-19 11:57 - 04095448 _____ (BrightFort LLC ) C:\Users\hihi\Downloads\spywareblastersetup50.exe
2014-08-19 10:51 - 2014-08-19 10:50 - 00000034 _____ () C:\Users\hihi\Desktop\New Text Document.txt
2014-08-19 10:08 - 2014-08-19 10:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-19 09:28 - 2014-08-19 09:28 - 01415344 _____ (Microsoft Corporation) C:\Users\hihi\Downloads\Setup.X64.en-us_O365ProPlusRetail_81406c2e-184b-4168-8e60-a33d959f2921_TX_PR_.exe
2014-08-19 09:19 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 09:14 - 2014-08-16 16:51 - 00000000 ____D () C:\Users\hihi\AppData\Local\Packages
2014-08-19 09:14 - 2014-03-18 05:47 - 00000000 ___HD () C:\$Windows.~BT
2014-08-19 09:13 - 2014-08-16 16:52 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-19 09:12 - 2014-08-19 09:12 - 00001457 _____ () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 09:12 - 2014-08-19 09:12 - 00000020 ___SH () C:\Users\hihi\ntuser.ini
2014-08-19 09:12 - 2014-08-19 01:29 - 00000000 ____D () C:\Users\hihi
2014-08-19 03:19 - 2014-08-19 03:19 - 00000000 __SHD () C:\Recovery
2014-08-19 03:18 - 2014-08-19 03:18 - 00000000 ____D () C:\Windows.old
2014-08-19 03:18 - 2013-08-22 09:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-08-19 03:17 - 2014-08-19 03:17 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 03:17 - 2014-08-19 03:17 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 03:17 - 2014-08-19 03:17 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-08-19 03:17 - 2014-08-19 03:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-08-19 03:17 - 2014-08-19 03:17 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-08-19 03:16 - 2014-08-19 03:16 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 03:16 - 2014-08-19 03:16 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 03:16 - 2014-08-19 03:16 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 03:15 - 2014-08-19 03:15 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 03:15 - 2014-08-19 03:15 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-08-19 03:14 - 2014-08-19 03:14 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-08-19 03:14 - 2014-08-19 03:14 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-08-19 03:14 - 2014-08-19 03:14 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-08-19 03:14 - 2014-08-19 03:14 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-08-19 03:14 - 2014-08-19 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-08-19 03:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-08-19 03:13 - 2014-08-19 03:13 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 03:13 - 2014-08-19 03:13 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 03:13 - 2014-08-19 03:13 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 03:13 - 2014-08-19 03:13 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 03:13 - 2014-08-19 03:13 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 03:12 - 2014-08-19 03:12 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-08-19 03:12 - 2014-08-19 03:12 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-08-19 03:12 - 2014-08-19 03:12 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-08-19 03:12 - 2014-03-18 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-19 03:12 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 03:11 - 2014-08-19 03:11 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 03:11 - 2014-08-19 03:11 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 03:11 - 2014-08-19 03:11 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 03:11 - 2014-08-19 03:11 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 03:11 - 2014-08-19 03:11 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-19 03:11 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 03:11 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-19 03:10 - 2014-08-19 03:10 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-08-19 03:10 - 2014-08-19 03:10 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-08-19 03:10 - 2014-08-19 03:10 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-08-19 03:10 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-08-19 03:06 - 2014-08-19 03:06 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-19 03:06 - 2014-08-19 03:06 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-08-19 03:06 - 2014-08-19 03:06 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-08-19 03:06 - 2014-08-19 03:06 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-08-19 03:06 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 03:06 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 03:05 - 2014-08-19 03:05 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-08-19 03:05 - 2014-08-19 03:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-19 03:05 - 2014-08-19 03:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-08-19 03:05 - 2014-08-19 03:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-08-19 03:05 - 2014-08-19 03:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-08-19 03:05 - 2014-08-19 03:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-08-19 03:05 - 2014-08-19 03:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-08-19 03:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-08-19 03:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-19 03:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-19 03:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-19 03:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-19 03:03 - 2014-08-19 03:03 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-19 03:01 - 2014-08-19 03:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-19 01:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 01:40 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-08-19 01:39 - 2014-08-19 01:39 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-08-19 01:39 - 2014-08-19 01:39 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-08-19 01:39 - 2014-08-19 01:29 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-08-19 01:39 - 2014-08-19 01:29 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-08-19 01:39 - 2013-04-04 03:46 - 00880342 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-08-19 01:37 - 2013-08-22 09:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-08-19 01:37 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-19 01:33 - 2014-08-18 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-19 01:33 - 2014-08-18 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-19 01:33 - 2014-08-18 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-19 01:33 - 2014-08-18 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango
2014-08-19 01:33 - 2014-08-18 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-19 01:33 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-08-19 01:33 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-19 01:33 - 2013-04-04 04:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2014-08-19 01:33 - 2013-04-04 04:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2014-08-19 01:33 - 2013-04-04 04:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photos
2014-08-19 01:33 - 2013-04-04 04:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:33 - 2013-04-04 03:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\Atheros_L1e
2014-08-19 01:33 - 2013-04-04 03:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-08-19 01:32 - 2014-08-19 01:32 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Intel
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:32 - 2014-08-19 01:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Intel
2014-08-19 01:32 - 2014-08-18 12:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-19 01:32 - 2014-03-18 03:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-08-19 01:32 - 2014-03-18 03:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-08-19 01:32 - 2014-03-18 03:32 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-08-19 01:32 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-08-19 01:32 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-08-19 01:32 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-08-19 01:32 - 2013-04-04 03:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\SDA
2014-08-19 01:31 - 2013-08-22 09:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-08-19 01:31 - 2013-08-22 09:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-08-19 01:31 - 2013-08-22 09:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-08-19 01:31 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\Help
2014-08-19 01:31 - 2012-10-09 17:10 - 00000000 ____D () C:\ProgramData\PRICache
2014-08-19 01:30 - 2014-08-19 01:30 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-08-19 01:30 - 2014-08-19 01:29 - 00000000 ___RD () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-19 01:30 - 2014-08-19 01:29 - 00000000 ___RD () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 01:30 - 2014-08-16 16:51 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-08-19 01:30 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-08-19 01:23 - 2014-08-19 01:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-08-19 01:22 - 2014-08-19 01:22 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-08-19 01:22 - 2014-08-19 01:22 - 00000000 ____D () C:\Program Files\Realtek
2014-08-19 01:21 - 2014-08-19 01:21 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-08-19 01:21 - 2014-08-19 01:21 - 00000000 ____D () C:\Program Files\Synaptics
2014-08-19 01:20 - 2013-08-22 07:36 - 00000000 __RHD () C:\Users\Default
2014-08-18 22:55 - 2012-07-26 02:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-08-18 18:10 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-18 18:06 - 2014-08-18 18:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-18 17:59 - 2014-08-18 17:59 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\AVAST Software
2014-08-18 17:59 - 2014-08-18 17:20 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-18 17:46 - 2012-07-26 02:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-18 17:43 - 2014-08-18 17:43 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Apple Computer
2014-08-18 17:43 - 2014-08-18 16:57 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-18 17:40 - 2014-08-18 17:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-18 17:40 - 2014-08-18 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-18 17:30 - 2014-08-18 17:26 - 13087456 _____ (Microsoft Corporation) C:\Users\hihi\Downloads\Silverlight_x64.exe
2014-08-18 17:20 - 2014-08-18 17:20 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 17:20 - 2014-08-18 17:20 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 17:20 - 2014-08-18 17:20 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 17:20 - 2014-08-18 17:20 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-18 17:18 - 2014-08-18 17:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-18 17:18 - 2014-08-18 17:18 - 00001856 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Users\hihi\AppData\Local\Apple
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\ProgramData\Apple
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-18 17:18 - 2014-08-18 17:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-08-18 17:16 - 2014-08-18 17:06 - 41945432 _____ (Apple Inc.) C:\Users\hihi\Downloads\QuickTimeInstaller.exe
2014-08-18 17:08 - 2014-08-18 17:08 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 17:08 - 2014-08-18 17:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-18 17:05 - 2014-08-18 17:05 - 04862664 _____ (AVAST Software) C:\Users\hihi\Downloads\avast_free_antivirus_setup_online.exe
2014-08-18 16:58 - 2014-08-18 16:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-18 16:58 - 2014-08-18 16:58 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-08-18 16:58 - 2014-08-18 16:58 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-18 10:00 - 2014-08-18 10:00 - 11779040 _____ () C:\Users\hihi\Downloads\SetupTango (1).exe
2014-08-18 10:00 - 2014-08-18 10:00 - 00001826 _____ () C:\Users\Public\Desktop\Tango.lnk
2014-08-18 10:00 - 2014-08-18 10:00 - 00000000 ____D () C:\Users\hihi\AppData\Local\tango
2014-08-18 10:00 - 2014-08-18 10:00 - 00000000 ____D () C:\Program Files (x86)\Tango
2014-08-18 09:59 - 2014-08-18 09:59 - 11779040 _____ () C:\Users\hihi\Downloads\SetupTango.exe
2014-08-18 09:40 - 2014-08-18 09:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-18 09:40 - 2014-08-18 09:38 - 00000000 ____D () C:\Users\hihi\AppData\Local\Google
2014-08-18 09:39 - 2014-08-18 09:39 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-18 09:39 - 2014-08-18 09:39 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-18 09:38 - 2014-08-18 09:38 - 00000000 ____D () C:\Users\hihi\AppData\Local\Apps\2.0
2014-08-16 22:58 - 2014-08-16 22:58 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-16 22:04 - 2014-08-16 22:04 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Nitro
2014-08-16 22:04 - 2014-08-16 16:51 - 00000000 ____D () C:\Users\hihi\AppData\Local\VirtualStore
2014-08-16 17:16 - 2014-08-16 17:16 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Macromedia
2014-08-16 16:53 - 2014-08-16 16:53 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Intel Corporation
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Adobe
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\ProgramData\Energy Management
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\ProgramData\eBay
2014-08-16 16:51 - 2014-08-16 16:51 - 00000000 ____D () C:\Users\hihi\AppData\Roaming\Intel
2014-08-01 00:41 - 2014-08-18 18:05 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\hihi\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-19 01:20
 
==================== End Of Log ============================

 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 20 August 2014 - 09:08 AM

 
 
]Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
 
End
 
Save the files as fixlist.txt into the same folder as FRST
 
Run FRST and click Fix only once and wait.
 
Restart the computer normally to reset the registry.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
Download Security Check by screen317 from here.
  •  
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
 
If the site is busy or not available use this mirror site:
===
 
How is the computer running now?
 


#5 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 20 August 2014 - 11:14 AM

I went back to windows 7, but still problems.. Running very sluggish, and spypot and avast keep detectin stuff like tracking cookies from statcounter, and other places.. If you think going back to 8.1 is better let me know... I can.  I removed it due to paranoia.. I had a bunch of VPN service with full access accordingto the firwall.. F5VPN, Juniper VPN, and checklist or something VPN.   Here are the files..

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by hello at 2014-08-20 10:12:29 Run:1
Running from C:\Users\hello\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
 
End
*****************

"HKLM\SOFTWARE\Policies\Google" => Key not found.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.

==== End of Fixlog ====

 

 

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 Spybot - Search & Destroy
 Adobe Flash Player 14.0.0.179  
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
 



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 21 August 2014 - 07:11 AM

 
Do not go back to Windows 8 until this is solved.
 
Makes sure that Tea-Timer form Spybot and destroy is disabled.
 
Try these fixes.
 
How to Reset a Router Back to the Factory Default Settings
 
Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)
 
===
 
Reset for Linksys, Netgear, D-Link and Belkin Routers
 
How to Secure Your Wireless Router
===
 
Condinue is still having problem.
 
Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.
 
at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)
 
ipconfig //release
 
repeat with
ipconfig /renew
 
Then hit Enter, type Exit, hit  the Enter key.
 
You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
<<<>>>
 
If that fails to remove the Redirects try this.
...
 
Reset all you Browsers.
 
Reset Chrome...
Click on "Customize and control Google Chrome":
 
p22003758.gif
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====
 
Firefox:
Reset Default Browsing settings:
===
 
Internet Explorer:
Menu > Tools > Internet Options > General Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.
 
===
 
How is it now?
 


#7 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 21 August 2014 - 08:09 AM

okay, I am not home yet, but I will do it when get there.  Would you say my router was bypassed or something?



#8 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 21 August 2014 - 10:06 AM

I thought I should post this scan log to help out.. It's from spybot full scan..no matter how many times I delete these entries they keep appearing.. I don't see the .statcounter one now..Not sure how it was there in the first place.  I will attatch it as a file

Attached Files



#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 21 August 2014 - 10:13 AM

Remove Spybot and Destroy using the Add/Remove Programs.

 

Restart the computer normally.

 

When all is well you can re-install the application.



#10 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 21 August 2014 - 11:01 AM

Ok, I should add that I am out of town.  I prob won't ever use the router I had again because my brother took it with him to his new place.  Should I follow your instructions for the other router I am at? 


Edited by Perfection7, 21 August 2014 - 11:02 AM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 21 August 2014 - 12:26 PM

I prob won't ever use the router I had again because my brother took it with him to his new place.  Should I follow your instructions for the other router I am at?

 

Only if the problem computer is connected to it. 


Edited by nasdaq, 22 August 2014 - 06:49 AM.


#12 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 21 August 2014 - 03:05 PM

ok it is, so I will do that later today when I am at my home.  Just to ask..Do you see anything suspicious so far?


Edited by Perfection7, 21 August 2014 - 03:06 PM.


#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 22 August 2014 - 06:51 AM

Just to ask..Do you see anything suspicious so far?

 

No. Otherwise I would of asked.



#14 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 22 August 2014 - 10:09 AM

Okay, I havent done the test yet sorry.. I had to spend the night at my cousins due to work.  Do you think it would be good if I post logs of my windows 7?  or did you get it all already.  Because the first log in post 1 was windows 8.  Sorry to ask.



#15 Perfection7

Perfection7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 22 August 2014 - 12:31 PM

Okay, I did what you said, and it's about the same.  Don't think anything was wrong on the router side.  Not sure why it's sluggish.. I have the newest drivers.. Going to install 8.1.. Anything you will need me to run on that?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users