Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gameharbor.org Pop-up everytime I log into my Windows 8 account


  • Please log in to reply
9 replies to this topic

#1 peterip16

peterip16

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2014 - 02:27 PM

Hi! Sorry this is my first time here. My computer problem is everytime I log in into my Windows 8 User Account, Google Chrome(My default browser) will pop up and goes from a site(too fast, couldn't catch) and redirect to gamebarbor.org I suspect this is due to a malware or virus and therefore I need help fixing it. I apologize if I violated any rules since this is my first time here.


Edited by hamluis, 13 September 2014 - 02:29 PM.
Moved from MRL to Am I Infected, no logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2014 - 02:49 PM

Hello, 

 

Please work through the following, and let me know how you get on.

 

STEP 1
BY4dvz9.png.pagespeed.ce.cpqHQmQDB6.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 2
xE3feWj5.png.pagespeed.ic.JE3sJIzHrn.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3
xMgeHyNE.png.pagespeed.ic.49_rDPUa_4.png Internet Flush

  • Press the Windows Key xpdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    ​@echo off
    echo Flushing Internet. Please wait... >"%userprofile%\desktop\flushresults.txt"
    ipconfig /release >>"%userprofile%\desktop\flushresults.txt" 2>&1
    ipconfig /renew >>"%userprofile%\desktop\flushresults.txt" 2>&1
    ipconfig /flushdns >>"%userprofile%\desktop\flushresults.txt" 2>&1
    netsh winsock reset all >>"%userprofile%\desktop\flushresults.txt" 2>&1
    netsh int ipv4 reset >>"%userprofile%\desktop\flushresults.txt" 2>&1
    netsh int ipv6 reset >>"%userprofile%\desktop\flushresults.txt" 2>&1
    echo Finished. Your computer will reboot. >>"%userprofile%\desktop\flushresults.txt" 2>&1
    shutdown -r -t 1
    del %0
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file flush.bat
  • Select All Files as the Save as type.
  • Save the file to your Desktop
  • Locate flush.bat xlmRDSkT.png.pagespeed.ic.UByFR5z3ld.jpg (W8/7/Vista) on your DesktopRight-click the icon and click xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator.
  • Your computer will reboot. If not, please manually reboot. 
  • After the reboot, a log (results.txt) will be on your DesktopCopy the contents of the log and paste in your next reply. 
     

======================================================

STEP 4
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • AdwCleaner[S0].txt
  • JRT.txt
  • flushresults.txt

Posted Image

#3 peterip16

peterip16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2014 - 03:49 PM

Here's Content in ADwCleaner[S0].txt:

 

# AdwCleaner v3.310 - Report created 13/09/2014 at 13:30:45
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Pak Ho - PETER
# Running from : C:\Users\Pak Ho\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[x] Not Deleted : ExpatShieldService
[x] Not Deleted : ExpatSrv
[x] Not Deleted : ExpatTrayService
[x] Not Deleted : ExpatWd
 
***** [ Files / Folders ] *****
 
[x] Not Deleted : C:\Expat Shield
[x] Not Deleted : C:\ProgramData\Pokki
[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
[x] Not Deleted : C:\Program Files (x86)\Expat Shield
[x] Not Deleted : C:\Users\Pak Ho\AppData\Local\Pokki
[x] Not Deleted : C:\Users\Public\Pokki
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
File Deleted : C:\Users\Pak Ho\AppData\Roaming\Mozilla\Firefox\Profiles\8ue5nh3q.default\searchplugins\trovi-search.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[x] Not Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[x] Not Deleted : HKLM\SOFTWARE\Classes\ExpatIE.ExpatIEApp
[x] Not Deleted : HKLM\SOFTWARE\Classes\ExpatIE.ExpatIEApp.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
[x] Not Deleted : HKCU\Software\Pokki
[x] Not Deleted : HKLM\SOFTWARE\ExpatShield
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExpatShield
[x] Not Deleted : [x64] HKCU\Software\Pokki
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
 
-\\ Mozilla Firefox v32.0 (x86 en-US)
 
[ File : C:\Users\Pak Ho\AppData\Roaming\Mozilla\Firefox\Profiles\8ue5nh3q.default\prefs.js ]
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R1].txt - [2993 octets] - [13/09/2014 13:28:53]
AdwCleaner[S0].txt - [2885 octets] - [13/09/2014 13:30:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2945 octets] ##########

No JRT.txt was found on Desktop


flushresults.txt:

 

Flushing Internet. Please wait... 
 
Windows IP Configuration
 
No operation can be performed on Evolve Gaming Connection while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Tunngle while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.
 
Ethernet adapter Evolve Gaming Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Tunngle:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::69c3:8155:1a01:79e7%4
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f0f5:8401:b4fd:9575%11
   IPv4 Address. . . . . . . . . . . : 192.168.56.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter VMware Network Adapter VMnet1:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::3d06:da2d:9f69:4231%41
   IPv4 Address. . . . . . . . . . . : 192.168.140.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter VMware Network Adapter VMnet8:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::404e:3249:5300:3178%42
   IPv4 Address. . . . . . . . . . . : 192.168.80.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2620:9b::193a:ce89
   Link-local IPv6 Address . . . . . : fe80::285a:e96c:cc52:af8f%80
   IPv4 Address. . . . . . . . . . . : 25.58.206.137
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
 
Tunnel adapter isatap.{3594F84D-9BEF-45F3-B40D-BEF7FB4EFC40}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BFCCA67-A263-453D-BAD3-440BF8C83348}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{954FD302-8C45-4400-B6D4-BEEC724D6076}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{12BF46EA-DBA9-4943-A1A7-4BB41BF39160}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
No operation can be performed on Evolve Gaming Connection while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Tunngle while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.
 
Ethernet adapter Evolve Gaming Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Tunngle:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::69c3:8155:1a01:79e7%4
   IPv4 Address. . . . . . . . . . . : 192.168.0.102
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f0f5:8401:b4fd:9575%11
   IPv4 Address. . . . . . . . . . . : 192.168.56.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter VMware Network Adapter VMnet1:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::3d06:da2d:9f69:4231%41
   IPv4 Address. . . . . . . . . . . : 192.168.140.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter VMware Network Adapter VMnet8:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::404e:3249:5300:3178%42
   IPv4 Address. . . . . . . . . . . : 192.168.80.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2620:9b::193a:ce89
   Link-local IPv6 Address . . . . . : fe80::285a:e96c:cc52:af8f%80
   IPv4 Address. . . . . . . . . . . : 25.58.206.137
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
 
Tunnel adapter isatap.{3594F84D-9BEF-45F3-B40D-BEF7FB4EFC40}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BFCCA67-A263-453D-BAD3-440BF8C83348}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{954FD302-8C45-4400-B6D4-BEEC724D6076}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{A78366FD-2EA5-4AA3-B40D-91B784DF8A39}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{12BF46EA-DBA9-4943-A1A7-4BB41BF39160}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Route, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Route, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
Finished. Your computer will reboot. 


#4 peterip16

peterip16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 13 September 2014 - 04:24 PM

And like I was saying, no JRT.txt even after I ran JRT. The problem with the pop-up gameharbor.org continues to happen.


Edited by peterip16, 13 September 2014 - 04:27 PM.


#5 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 13 September 2014 - 06:44 PM

Hello, 
 
Did you purposely uncheck those items in AdwCleaner?
 
Please do the following. 
 
U5NwUGc.png.pagespeed.ce.fQOA5bLO8d.png Manually Removing Chrome Extension

  • Open Chrome.
  • Type chrome://extensions into the URL bar. 
  • Click the xcCN6rtf.png.pagespeed.ic.mc__q7bGu9.png button next to any extensions you do not recognise, or do not use. 
  • Close Chrome, and reboot. Does the issue still occur? 

Posted Image

#6 peterip16

peterip16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 14 September 2014 - 01:41 AM

Yes I did purposely uncheck items related to Expat Shield and Pokki. Expat Shield allows me to access site that are block by my university internet and Pokki is the company that made an app similar to the old Start Menu for Windows 8.1, since I dislike how 8.1 works.

 

I open Chrome and press the trash icon on all extension there are, closed Google Chrome and restart my laptop. But the problem still occurs.

 

I also ran FRST64 earlier and produce FRST.txt and Addition.txt Hope it helps 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Pak Ho (administrator) on PETER on 13-09-2014 15:47:21
Running from C:\Users\Pak Ho\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHT\ChtIME.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Google) C:\Users\Pak Ho\AppData\Roaming\Google\Google Talk\googletalk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Pak Ho\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\Pak Ho\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Pak Ho\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Pak Ho\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7569624 2014-04-03] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2817776 2014-04-10] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\Run: [googletalk] => C:\Users\Pak Ho\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-2379252050-2679611180-1516862501-1002\...\MountPoints2: {be562e61-278e-11e4-8264-6cc21770c60e} - "E:\INSTALL.EXE" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Talk.lnk
ShortcutTarget: Google Talk.lnk -> C:\Users\Pak Ho\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
Startup: C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
ShortcutTarget: Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ATLAS Toolbar -> {3C6301ED-0F78-4AF2-8150-D9C052361A8E} -> C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Pak Ho\AppData\Roaming\Mozilla\Firefox\Profiles\8ue5nh3q.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://hk.yahoo.com/
CHR StartupUrls: Default -> "hxxp://hk.yahoo.com/"
CHR DefaultSearchKeyword: Default -> 87BFF40C47660C76C9E7F398952298D86682696FEC195BD2AB3BC9BE2C33CADF
CHR DefaultSearchProvider: Default -> 71FCA4F28808D8CFE2F346B3F0837238B5FEEEDA43DE33601C1E1C00596B708F
CHR DefaultSearchURL: Default -> FDBF5B92EDF546E7565D7AFB552C5FFD043FC1968DAAB684A678F16C522D862A
CHR Profile: C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-04]
CHR Extension: (Google Docs) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-04]
CHR Extension: (Google Drive) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-04]
CHR Extension: (Adblock Plus) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-04]
CHR Extension: (Google Search) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-04]
CHR Extension: (Google Sheets) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-04]
CHR Extension: (Google Wallet) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-04]
CHR Extension: (Gmail) - C:\Users\Pak Ho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-04]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4279056 2014-01-27] (Nuance Communications, Inc.)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1579936 2014-09-05] (Echobit LLC)
R2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
S3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
R2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe [329544 2012-01-04] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-22] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-17] (Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-10] (Synaptics Incorporated)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-19] (Disc Soft Ltd)
R3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-09-05] (Echobit, LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [186824 2014-05-13] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-05-04] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-04-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-10] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [32024 2013-10-04] (Intel Corporation)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 15:47 - 2014-09-13 15:47 - 00028506 _____ () C:\Users\Pak Ho\Desktop\FRST.txt
2014-09-13 15:47 - 2014-09-13 15:47 - 00000000 ____D () C:\FRST
2014-09-13 15:46 - 2014-09-13 15:46 - 02105856 _____ (Farbar) C:\Users\Pak Ho\Desktop\FRST64.exe
2014-09-13 15:36 - 2014-09-13 15:45 - 00000150 _____ () C:\Users\Pak Ho\Desktop\fixlist.txt
2014-09-13 13:44 - 2014-09-13 13:44 - 00008208 _____ () C:\Users\Pak Ho\Desktop\flushresults.txt
2014-09-13 13:38 - 2014-09-13 13:38 - 00000000 ____D () C:\Windows\ERUNT
2014-09-13 13:36 - 2014-09-13 13:36 - 01016261 _____ (Thisisu) C:\Users\Pak Ho\Desktop\JRT.exe
2014-09-13 13:35 - 2014-09-13 13:35 - 00003037 _____ () C:\Users\Pak Ho\Desktop\AdwCleaner[S0].txt
2014-09-13 13:28 - 2014-09-13 13:30 - 00000000 ____D () C:\AdwCleaner
2014-09-13 13:28 - 2014-09-13 13:28 - 01373475 _____ () C:\Users\Pak Ho\Desktop\AdwCleaner.exe
2014-09-13 10:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-12 23:19 - 2014-08-26 17:32 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-12 23:19 - 2014-08-26 17:32 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-12 23:19 - 2014-08-26 17:31 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-12 17:08 - 2014-09-12 17:08 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-09-12 17:07 - 2014-09-12 17:07 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-11 11:28 - 2014-09-11 11:28 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-09 01:05 - 2014-09-09 01:20 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\HP
2014-09-09 01:05 - 2014-09-09 01:05 - 00003622 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2014-09-09 01:05 - 2014-09-09 01:05 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-09 01:05 - 2014-09-09 01:05 - 00000000 ____D () C:\Program Files\HP
2014-09-09 01:05 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMa011.dll
2014-09-08 21:27 - 2014-09-08 21:27 - 00000000 ____D () C:\Users\Pak Ho\Downloads\Probability and Statistics for Engineering and the Sciences by Jay L. Devore
2014-09-07 22:39 - 2014-09-07 22:39 - 02044712 _____ () C:\Users\Pak Ho\Downloads\Probability and Statistics for Engineering and the Sciences by Jay L. Devore.rar
2014-09-07 15:25 - 2014-09-07 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2014-09-07 15:25 - 2014-09-07 15:26 - 00000000 ____D () C:\Program Files\Dolphin
2014-09-07 15:25 - 2014-09-07 15:25 - 00000815 _____ () C:\Users\Public\Desktop\Dolphin.lnk
2014-09-06 13:56 - 2014-09-06 13:56 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\MMFApplications
2014-09-06 13:55 - 2014-09-06 13:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Five Nights at Freddy's
2014-09-06 13:55 - 2014-09-06 13:55 - 00000000 ____D () C:\Program Files (x86)\Five Nights at Freddy's
2014-09-06 13:09 - 2014-09-06 13:09 - 00000000 ____D () C:\Users\Pak Ho\Documents\Electronic Arts
2014-09-06 13:07 - 2014-09-03 18:24 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-06 13:03 - 2014-09-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-06 13:00 - 2014-09-06 13:05 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Origin
2014-09-06 13:00 - 2014-09-06 13:03 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Origin
2014-09-06 12:51 - 2014-09-12 18:28 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-06 12:51 - 2014-09-06 12:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-06 12:49 - 2014-09-12 18:58 - 00000000 ____D () C:\ProgramData\Origin
2014-09-06 12:47 - 2014-09-06 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-06 12:42 - 2014-09-06 12:47 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-05 18:50 - 2014-09-05 18:50 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys
2014-09-05 18:50 - 2014-09-05 18:50 - 00002046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2014-09-05 18:50 - 2014-09-05 18:50 - 00002034 _____ () C:\Users\Public\Desktop\Evolve.lnk
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Echobit
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\ProgramData\Echobit
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\Program Files\Echobit
2014-09-05 01:49 - 2014-09-13 15:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-04 23:40 - 2014-09-05 00:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1009
2014-09-04 23:25 - 2014-09-04 23:25 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-04 23:25 - 2014-09-04 23:25 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-04 23:04 - 2014-09-04 23:04 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-09-04 22:51 - 2014-09-13 14:26 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 22:51 - 2014-09-04 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-04 22:50 - 2014-09-13 14:55 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 22:50 - 2014-09-13 14:26 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 22:50 - 2014-09-04 22:50 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-04 22:50 - 2014-09-04 22:50 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-04 17:19 - 2014-09-04 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 17:19 - 2014-09-04 17:19 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-04 16:55 - 2014-09-04 16:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Deployment
2014-09-04 16:55 - 2014-09-04 16:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Apps\2.0
2014-09-04 13:04 - 2014-09-04 13:04 - 00001048 _____ () C:\Users\Public\Desktop\R x64 3.1.1.lnk
2014-09-04 13:04 - 2014-09-04 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2014-09-04 13:03 - 2014-09-04 13:03 - 00000000 ____D () C:\Program Files\R
2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-09-03 12:06 - 2014-09-11 11:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\WildTangent
2014-09-02 21:47 - 2014-09-02 21:47 - 05078869 _____ () C:\Users\Pak Ho\Downloads\ccuswdlc.rar
2014-09-01 22:41 - 2014-09-12 14:27 - 00216394 _____ () C:\Windows\system32\prfh0404.dat
2014-09-01 22:41 - 2014-09-12 14:27 - 00070310 _____ () C:\Windows\system32\prfc0404.dat
2014-09-01 22:41 - 2014-09-01 22:39 - 00119664 _____ () C:\Windows\system32\prfi0404.dat
2014-09-01 22:41 - 2014-09-01 22:39 - 00033362 _____ () C:\Windows\system32\prfd0404.dat
2014-09-01 22:39 - 2014-09-02 20:31 - 00000000 ____D () C:\Windows\system32\Drivers\zh-HK
2014-09-01 22:39 - 2014-09-02 20:28 - 00000000 ____D () C:\Windows\zh-HK
2014-09-01 22:39 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-01 22:39 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\zh-HK
2014-09-01 16:25 - 2014-09-01 16:25 - 00102400 _____ () C:\Users\Pak Ho\Downloads\NPJB00512_Mobile_Suit_Gundam_Extreme_Vs_Full_Boost_DLC_FIX_20140806.pkg
2014-09-01 14:47 - 2014-09-12 18:25 - 00657069 _____ () C:\Users\Pak Ho\Downloads\CS-146-Lecture-1-Gomez.pptx
2014-09-01 12:42 - 2014-09-01 12:42 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-08-31 17:33 - 2014-08-31 17:34 - 00001243 _____ () C:\Users\Pak Ho\Desktop\Adobe Photoshop CS6.lnk
2014-08-31 17:31 - 2014-08-31 17:31 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-PETER-Pak Ho
2014-08-31 17:25 - 2014-08-31 17:25 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-31 17:25 - 2014-08-31 17:25 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-31 17:23 - 2014-09-01 11:41 - 00000000 ____D () C:\Program Files\Adobe
2014-08-31 17:23 - 2014-08-31 17:23 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-31 17:21 - 2014-08-31 17:21 - 00001550 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-31 17:21 - 2014-08-31 17:21 - 00001380 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-31 17:19 - 2014-09-01 11:44 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-31 16:27 - 2014-08-31 16:27 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-08-31 15:05 - 2014-08-31 15:05 - 00000040 ____H () C:\35D04766C98F
2014-08-31 14:52 - 2014-08-31 14:52 - 00001650 _____ () C:\Users\Pak Ho\Desktop\Microsoft Power Point 2013.lnk
2014-08-31 14:52 - 2014-08-31 14:52 - 00001639 _____ () C:\Users\Pak Ho\Desktop\Microsoft Word 2013.lnk
2014-08-31 14:52 - 2014-08-31 14:52 - 00001619 _____ () C:\Users\Pak Ho\Desktop\Microsoft Excel 2013.lnk
2014-08-31 14:48 - 2014-08-31 15:02 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-31 14:45 - 2014-09-02 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-31 14:45 - 2014-08-31 14:45 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-31 14:44 - 2014-08-31 14:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-31 14:43 - 2014-08-31 14:44 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-31 14:43 - 2014-08-31 14:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-31 14:40 - 2014-08-31 14:43 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-31 14:40 - 2014-08-31 14:40 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-08-31 14:40 - 2014-08-31 14:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-31 14:39 - 2014-08-31 14:39 - 00000000 __RHD () C:\MSOCache
2014-08-31 01:24 - 2014-08-31 01:24 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-31 01:24 - 2014-08-31 01:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-31 00:58 - 2014-08-31 11:09 - 00004960 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PETER-Pak Ho Peter
2014-08-31 00:46 - 2014-09-13 14:27 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-08-30 21:51 - 2014-08-30 21:51 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7CB00D4D-97B4-4709-9C0E-9F625969784D}
2014-08-30 21:45 - 2014-08-30 22:13 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1007
2014-08-30 14:43 - 2014-09-02 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-30 14:43 - 2014-08-30 14:43 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Microsoft Help
2014-08-30 12:51 - 2014-09-13 13:12 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForPak Ho.job
2014-08-30 12:51 - 2014-09-07 13:12 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPak Ho
2014-08-30 11:47 - 2014-08-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-29 23:40 - 2014-08-29 23:40 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 23:38 - 2014-09-03 14:47 - 00000000 ___DO () C:\Users\Pak Ho\OneDrive
2014-08-28 15:58 - 2014-08-28 15:58 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\OpenOffice
2014-08-28 15:57 - 2014-08-28 15:58 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-08-28 15:57 - 2014-08-28 15:57 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-08-28 15:57 - 2014-08-28 15:57 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-08-27 18:49 - 2014-08-22 17:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:49 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 18:49 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 15:28 - 2014-08-27 15:40 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1006
2014-08-27 15:03 - 2014-08-27 15:03 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Evernote
2014-08-27 12:03 - 2014-09-12 18:32 - 00000000 ____D () C:\Users\Pak Ho\Documents\NetBeansProjects
2014-08-26 23:22 - 2014-08-26 23:22 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-08-26 23:22 - 2014-08-26 23:22 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-08-26 22:00 - 2014-08-26 22:00 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-08-26 21:13 - 2014-09-07 13:12 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-26 21:12 - 2014-09-07 13:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-24 22:00 - 2014-08-24 22:00 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\OBS
2014-08-24 21:57 - 2014-08-24 21:57 - 00003122 _____ () C:\Windows\System32\Tasks\{15D33FEC-4D12-49BA-B384-68517978D9D9}
2014-08-24 21:42 - 2014-09-07 11:40 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HexChat
2014-08-24 00:31 - 2014-09-07 15:20 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\vlc
2014-08-22 14:14 - 2014-08-22 14:14 - 00004096 _____ () C:\Windows\d3dx.dat
2014-08-21 18:35 - 2014-08-21 18:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-21 18:33 - 2014-08-21 18:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-21 14:26 - 2014-08-21 14:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Fujitsu
2014-08-21 14:26 - 2014-08-21 14:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Fujitsu
2014-08-21 12:54 - 2014-08-21 12:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\hpqlog
2014-08-20 21:18 - 2014-08-20 21:18 - 00007601 _____ () C:\Users\Pak Ho\AppData\Local\Resmon.ResmonCfg
2014-08-20 19:44 - 2014-08-20 19:44 - 00000000 ____D () C:\Users\Pak Ho\Documents\Virtual Machines
2014-08-20 19:18 - 2014-06-12 18:23 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2014-08-20 19:18 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2014-08-20 19:18 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-08-20 19:18 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-08-20 19:17 - 2014-06-12 18:21 - 00033496 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2014-08-20 19:16 - 2014-06-12 18:23 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2014-08-20 19:16 - 2014-06-12 18:22 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2014-08-20 19:16 - 2014-06-12 18:22 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2014-08-20 19:16 - 2014-06-12 18:22 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2014-08-20 19:15 - 2014-08-20 19:15 - 00002143 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-08-20 19:15 - 2014-08-20 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-08-20 19:15 - 2014-08-20 19:15 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-08-20 19:15 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-20 18:47 - 2014-08-20 20:49 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\VMware
2014-08-20 18:47 - 2014-08-20 20:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\VMware
2014-08-20 18:45 - 2014-09-13 13:45 - 00000000 ____D () C:\ProgramData\VMware
2014-08-20 18:45 - 2014-08-20 18:49 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-08-20 17:54 - 2014-08-20 17:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-20 17:54 - 2014-07-31 23:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-20 17:53 - 2014-04-13 20:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-08-20 17:38 - 2014-08-20 17:41 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2014-08-20 17:38 - 2014-08-20 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-08-20 16:10 - 2014-08-20 16:10 - 00000000 _____ () C:\Windows\SysWOW64\cd.dat
2014-08-20 16:08 - 2014-08-20 16:10 - 00000000 ____D () C:\Program Files (x86)\Expat Shield
2014-08-20 16:08 - 2014-08-20 16:10 - 00000000 ____D () C:\Expat Shield
2014-08-20 16:08 - 2014-08-20 16:08 - 00001159 _____ () C:\Users\Public\Desktop\Expat Shield Launch.lnk
2014-08-20 16:08 - 2014-08-20 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
2014-08-20 16:05 - 2014-08-20 16:05 - 00000000 ____D () C:\Windows\pss
2014-08-20 15:47 - 2014-08-20 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-20 15:47 - 2014-08-20 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-20 12:58 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-20 12:58 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-20 12:58 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-20 12:58 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-20 12:58 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-20 12:58 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-20 12:58 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-20 12:58 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-20 12:58 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-20 12:58 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-20 12:58 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-20 12:58 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-20 12:58 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-20 12:58 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-20 12:58 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-20 12:58 - 2014-05-02 16:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-20 12:58 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-20 12:58 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-20 12:58 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-20 12:58 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-20 12:58 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-20 12:58 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-20 12:58 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-20 12:58 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-20 12:58 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-20 12:58 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-20 12:58 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-20 12:58 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-20 12:58 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-20 12:58 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-20 12:58 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-20 12:58 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-20 12:58 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-20 12:58 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-20 12:58 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-20 12:58 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-20 12:58 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-20 12:58 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-20 12:58 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-20 12:58 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-20 12:58 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-20 12:58 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-20 12:58 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-20 12:56 - 2014-08-06 15:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-20 12:56 - 2014-08-01 22:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-20 12:56 - 2014-06-28 00:07 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-08-20 12:56 - 2014-04-18 01:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-08-20 12:56 - 2014-04-06 09:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-20 12:56 - 2014-03-19 17:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-20 12:56 - 2014-03-17 22:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-08-20 12:56 - 2014-03-17 21:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-08-20 12:55 - 2014-04-18 07:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-08-20 12:55 - 2014-04-18 07:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-08-20 12:55 - 2014-04-18 06:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-08-20 12:55 - 2014-04-18 02:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-08-20 12:55 - 2014-04-18 01:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-08-20 12:55 - 2014-04-18 01:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-08-20 12:55 - 2014-04-18 00:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-08-20 12:55 - 2014-04-18 00:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-08-20 12:55 - 2014-04-14 02:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-08-20 12:55 - 2014-04-14 01:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-08-20 12:55 - 2014-04-10 23:13 - 01200128 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-08-20 12:55 - 2014-04-10 21:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-08-20 12:55 - 2014-04-10 21:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-08-20 12:55 - 2014-04-10 20:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-08-20 12:55 - 2014-04-09 04:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-20 12:55 - 2014-04-08 23:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-08-20 12:55 - 2014-04-08 22:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-08-20 12:55 - 2014-04-08 20:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-08-20 12:55 - 2014-04-07 19:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-20 12:55 - 2014-04-06 09:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-20 12:55 - 2014-04-06 09:34 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-20 12:55 - 2014-04-06 09:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-08-20 12:55 - 2014-04-06 09:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-08-20 12:55 - 2014-04-06 09:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-08-20 12:55 - 2014-04-06 09:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-08-20 12:55 - 2014-04-06 09:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-08-20 12:55 - 2014-04-06 09:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-08-20 12:55 - 2014-04-06 08:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-08-20 12:55 - 2014-04-06 08:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-20 12:55 - 2014-04-06 08:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-08-20 12:55 - 2014-04-06 08:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-08-20 12:55 - 2014-04-06 05:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-08-20 12:55 - 2014-04-06 05:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-20 12:55 - 2014-04-06 05:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-08-20 12:55 - 2014-04-06 05:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-08-20 12:55 - 2014-04-06 05:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-20 12:55 - 2014-04-06 04:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-08-20 12:55 - 2014-04-06 04:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-08-20 12:55 - 2014-04-06 04:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-08-20 12:55 - 2014-04-06 03:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-08-20 12:55 - 2014-04-06 03:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-08-20 12:55 - 2014-04-06 03:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-08-20 12:55 - 2014-04-06 03:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-08-20 12:55 - 2014-04-06 03:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-08-20 12:55 - 2014-04-06 02:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-08-20 12:55 - 2014-04-03 01:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-20 12:55 - 2014-04-03 01:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-08-20 12:55 - 2014-04-02 21:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-20 12:55 - 2014-04-02 21:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-08-20 12:55 - 2014-04-02 19:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-08-20 12:55 - 2014-04-02 19:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-08-20 12:55 - 2014-04-02 19:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-08-20 12:55 - 2014-04-02 19:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-08-20 12:55 - 2014-03-31 23:23 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-08-20 12:55 - 2014-03-30 22:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-20 12:55 - 2014-03-30 17:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-08-20 12:55 - 2014-03-30 16:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-08-20 12:55 - 2014-03-30 15:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-08-20 12:55 - 2014-03-30 15:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-08-20 12:55 - 2014-03-30 15:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-08-20 12:55 - 2014-03-28 08:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-08-20 12:55 - 2014-03-26 23:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-08-20 12:55 - 2014-03-26 22:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-08-20 12:55 - 2014-03-26 21:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-08-20 12:55 - 2014-03-26 21:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-08-20 12:55 - 2014-03-26 21:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-08-20 12:55 - 2014-03-26 20:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-08-20 12:55 - 2014-03-26 20:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-08-20 12:55 - 2014-03-26 20:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-08-20 12:55 - 2014-03-19 20:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-08-20 12:55 - 2014-03-19 16:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-20 12:55 - 2014-03-19 01:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-08-20 12:55 - 2014-03-19 01:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-08-20 12:55 - 2014-03-19 00:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-20 12:55 - 2014-03-19 00:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-08-20 12:55 - 2014-03-18 23:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-20 12:55 - 2014-03-18 22:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-20 12:55 - 2014-03-18 22:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-08-20 12:55 - 2014-03-18 22:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-08-20 12:55 - 2014-03-18 22:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-08-20 12:55 - 2014-03-18 22:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-08-20 12:55 - 2014-03-18 22:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-08-20 12:55 - 2014-03-18 21:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-08-20 12:55 - 2014-03-18 21:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-08-20 12:55 - 2014-03-18 21:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-08-20 12:55 - 2014-03-18 01:19 - 00077312 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-20 12:55 - 2014-03-16 22:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-20 12:55 - 2014-03-16 21:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-20 12:55 - 2014-03-16 20:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-08-20 12:55 - 2014-03-16 19:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-08-20 12:55 - 2014-03-13 23:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-08-20 12:55 - 2014-03-13 23:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-08-20 12:55 - 2014-03-06 05:42 - 00310616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-08-20 12:55 - 2014-01-27 11:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-20 12:48 - 2014-01-19 00:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-20 12:46 - 2014-07-09 21:52 - 13292544 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-20 12:46 - 2014-07-09 21:47 - 11794944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-20 12:46 - 2014-07-09 21:33 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-20 12:46 - 2014-07-09 21:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-08-20 12:46 - 2014-07-09 20:38 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-20 12:46 - 2014-07-09 20:36 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-20 12:44 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-20 12:44 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-20 12:44 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-20 12:33 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-08-20 12:33 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-08-20 12:33 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-08-20 12:33 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-08-20 12:19 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-20 12:19 - 2014-06-16 15:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-20 12:19 - 2014-06-16 15:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-20 12:19 - 2014-05-29 20:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-20 12:13 - 2014-05-09 20:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-20 12:13 - 2014-05-09 20:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-20 12:12 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-20 12:12 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-20 12:12 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-20 12:12 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-20 12:12 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-08-20 12:12 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-08-20 12:12 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-08-20 12:12 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-08-20 12:12 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-08-20 12:11 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-20 12:11 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-20 12:11 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-20 12:11 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-20 12:11 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-20 12:11 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-20 12:11 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-20 12:11 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-20 12:11 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-20 12:11 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-20 12:11 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-20 12:11 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-20 12:11 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-20 12:11 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-20 12:11 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-20 12:11 - 2014-07-25 04:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-20 12:11 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-20 12:11 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-20 12:11 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-20 12:11 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-20 12:11 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-20 12:11 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-20 12:11 - 2014-07-25 04:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-20 12:11 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-20 12:11 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-20 12:11 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-20 12:11 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-20 12:11 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-20 12:11 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-20 12:11 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-20 12:11 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-20 12:08 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-20 12:08 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-20 12:07 - 2014-05-04 21:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-20 12:04 - 2014-08-20 12:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-20 12:04 - 2014-08-19 23:30 - 00001093 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-20 12:04 - 2014-08-19 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-20 11:57 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-20 11:48 - 2014-08-22 14:14 - 00000000 ____D () C:\Program Files (x86)\Marble Blast Gold
2014-08-20 11:48 - 2014-08-20 11:48 - 00001068 _____ () C:\Users\Pak Ho\Desktop\Marble Blast Gold.lnk
2014-08-20 11:48 - 2014-08-20 11:48 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold
2014-08-20 11:48 - 2014-08-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold
2014-08-20 11:46 - 2014-05-18 23:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-08-20 11:46 - 2014-05-18 23:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-08-20 11:46 - 2014-05-18 22:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-08-20 11:46 - 2014-04-29 21:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-20 11:46 - 2014-04-29 21:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-20 11:46 - 2014-04-29 20:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-20 11:39 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-20 11:39 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-20 11:39 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-20 11:39 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-20 11:39 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-20 11:34 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-20 11:34 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-20 11:34 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-20 11:34 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-20 11:34 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-20 11:34 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-20 11:34 - 2014-05-08 16:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-08-20 11:30 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-08-20 11:30 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-20 11:30 - 2014-04-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-08-20 11:30 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-20 11:30 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-08-20 11:30 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 11:30 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-20 11:30 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 11:30 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-20 11:30 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-20 11:30 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-20 11:30 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-20 11:29 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-20 11:29 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-20 11:29 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-20 11:29 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-20 11:29 - 2014-05-01 06:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-08-20 11:28 - 2014-05-29 05:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-20 11:28 - 2014-05-29 00:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-08-20 11:28 - 2014-05-28 23:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-08-20 11:28 - 2014-05-28 23:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-08-20 11:28 - 2014-05-28 22:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-08-20 11:28 - 2014-05-28 22:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-20 11:21 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-20 11:21 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-20 11:21 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-20 11:21 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-20 11:21 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-20 11:21 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-20 11:21 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-20 11:21 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-20 11:21 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-20 11:21 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-20 11:21 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-20 11:21 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-20 11:21 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-20 11:21 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-20 11:21 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-20 11:21 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-20 11:21 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-20 11:21 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-20 11:21 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-20 11:21 - 2014-03-30 22:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-20 11:20 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-20 11:20 - 2014-06-06 06:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-20 11:20 - 2014-06-06 05:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-20 11:19 - 2014-04-30 22:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-08-20 11:02 - 2014-08-20 11:03 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\TS3Client
2014-08-20 11:01 - 2014-08-20 11:01 - 00000000 ____D () C:\Users\Pak Ho\Documents\Tunngle
2014-08-20 10:44 - 2014-09-13 14:27 - 00000000 ____D () C:\Users\Pak Ho\Documents\Youcam
2014-08-20 06:23 - 2014-08-20 16:01 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-08-20 06:02 - 2014-08-20 06:02 - 567912224 _____ () C:\Windows\MEMORY.DMP
2014-08-20 06:02 - 2014-08-20 06:02 - 00282600 _____ () C:\Windows\Minidump\082014-52328-01.dmp
2014-08-20 06:02 - 2014-08-20 06:02 - 00000000 ____D () C:\Windows\Minidump
2014-08-20 00:30 - 2014-05-31 03:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-20 00:30 - 2014-05-31 03:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-08-20 00:30 - 2014-05-30 20:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-20 00:30 - 2014-05-30 20:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-20 00:30 - 2014-05-30 20:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-20 00:30 - 2014-05-30 20:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-20 00:30 - 2014-05-30 19:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-20 00:30 - 2014-05-30 19:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-20 00:30 - 2014-05-30 19:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-20 00:30 - 2014-05-30 19:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-08-20 00:30 - 2014-05-30 19:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-08-20 00:30 - 2014-05-30 19:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-08-20 00:30 - 2014-05-30 19:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-08-20 00:23 - 2014-08-20 00:23 - 00000000 ____D () C:\Users\Pak Ho\Documents\Diablo III
2014-08-20 00:21 - 2014-08-30 22:00 - 00000000 ____D () C:\Users\Pak Ho\Documents\College
2014-08-20 00:21 - 2014-08-20 00:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\NetBeans
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\Bank of America
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\AudioSurf
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\Adobe
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\NetBeans
2014-08-20 00:09 - 2014-08-20 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2014-08-20 00:09 - 2014-08-20 00:09 - 00000000 ____D () C:\Program Files\HexChat
2014-08-20 00:06 - 2014-08-26 17:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 00:06 - 2014-08-20 00:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 00:06 - 2014-08-20 00:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 00:06 - 2014-08-20 00:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 00:05 - 2014-08-26 17:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-19 23:59 - 2014-09-12 00:28 - 00000000 ____D () C:\ProgramData\Tunngle
2014-08-19 23:59 - 2014-08-20 11:04 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Tunngle
2014-08-19 23:59 - 2014-08-20 00:01 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-08-19 23:59 - 2014-08-19 23:59 - 00001014 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-08-19 23:59 - 2014-08-19 23:59 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-08-19 23:59 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-08-19 23:59 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-08-19 23:54 - 2014-09-13 00:42 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\LogMeIn Hamachi
2014-08-19 23:54 - 2014-09-06 15:43 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-19 23:54 - 2014-08-19 23:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\LogMeIn
2014-08-19 23:51 - 2014-09-04 17:19 - 00000945 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-08-19 23:47 - 2014-08-19 23:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-08-19 23:47 - 2014-08-19 23:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\TeamSpeak 3 Client
2014-08-19 23:46 - 2014-08-19 23:46 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-08-19 23:46 - 2014-08-19 23:46 - 00000000 ____D () C:\Program Files\OBS
2014-08-19 23:45 - 2014-08-19 23:46 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-08-19 23:45 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-08-19 23:45 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-08-19 23:45 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-08-19 23:45 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-08-19 23:45 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-08-19 23:45 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-19 23:45 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-19 23:45 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-08-19 23:45 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-08-19 23:45 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-08-19 23:45 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-08-19 23:44 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-08-19 23:44 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-08-19 23:44 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-08-19 23:44 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-08-19 23:44 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-08-19 23:44 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-08-19 23:44 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-08-19 23:44 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-08-19 23:44 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-08-19 23:44 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-08-19 23:44 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-08-19 23:44 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-08-19 23:44 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-08-19 23:44 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-08-19 23:44 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-08-19 23:44 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-08-19 23:44 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-19 23:44 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-08-19 23:44 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-19 23:44 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-08-19 23:44 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-19 23:44 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-08-19 23:44 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-08-19 23:44 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-08-19 23:44 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-08-19 23:44 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-08-19 23:44 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-08-19 23:44 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-08-19 23:44 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-08-19 23:44 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-08-19 23:44 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-08-19 23:44 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-08-19 23:44 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-08-19 23:44 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-08-19 23:44 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-08-19 23:44 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-08-19 23:44 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-08-19 23:44 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-08-19 23:44 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-08-19 23:44 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-08-19 23:44 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-08-19 23:44 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-08-19 23:44 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-08-19 23:44 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-08-19 23:44 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-08-19 23:44 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-08-19 23:44 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-08-19 23:44 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-08-19 23:44 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-08-19 23:44 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-08-19 23:44 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-08-19 23:44 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-08-19 23:44 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-08-19 23:44 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-08-19 23:44 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-08-19 23:44 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-08-19 23:44 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-08-19 23:43 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-08-19 23:43 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-08-19 23:43 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-08-19 23:43 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-08-19 23:43 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-08-19 23:43 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-08-19 23:43 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-08-19 23:43 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-08-19 23:43 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-08-19 23:43 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-08-19 23:43 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-08-19 23:43 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-08-19 23:43 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-08-19 23:43 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-08-19 23:43 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-08-19 23:43 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-08-19 23:43 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-08-19 23:43 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-08-19 23:43 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-08-19 23:43 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-08-19 23:43 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-08-19 23:43 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-08-19 23:43 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-08-19 23:43 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-08-19 23:43 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-08-19 23:43 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-08-19 23:43 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-08-19 23:43 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-08-19 23:43 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-08-19 23:43 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-08-19 23:43 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-08-19 23:43 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-08-19 23:43 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-08-19 23:43 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-08-19 23:43 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-08-19 23:43 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-08-19 23:43 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-08-19 23:43 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-08-19 23:43 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-08-19 23:43 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-08-19 23:43 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-08-19 23:43 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-08-19 23:43 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-08-19 23:43 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-08-19 23:43 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-08-19 23:43 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-08-19 23:43 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-08-19 23:43 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-08-19 23:43 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-08-19 23:43 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-08-19 23:43 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-08-19 23:42 - 2014-09-07 15:26 - 00010815 _____ () C:\Windows\DirectX.log
2014-08-19 23:42 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-08-19 23:42 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-08-19 23:42 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-08-19 23:42 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-08-19 23:42 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-08-19 23:42 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-08-19 23:42 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-08-19 23:42 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-08-19 23:41 - 2014-09-13 14:27 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Adobe
2014-08-19 23:27 - 2014-08-19 23:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-19 23:27 - 2014-08-19 23:38 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-08-19 23:24 - 2014-08-19 23:24 - 00001973 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-19 23:23 - 2014-08-24 21:56 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\DAEMON Tools Lite
2014-08-19 23:23 - 2014-08-19 23:23 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-19 23:23 - 2014-08-19 23:23 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-08-19 23:22 - 2014-08-24 21:56 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-08-19 23:12 - 2014-08-19 23:15 - 00000000 ____D () C:\Program Files\glassfish-4.0
2014-08-19 23:06 - 2014-08-19 23:06 - 00002044 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-19 23:06 - 2014-08-19 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-19 23:02 - 2014-08-20 00:22 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-19 22:56 - 2014-08-19 23:21 - 00000000 ____D () C:\Users\Pak Ho\.nbi
2014-08-19 22:53 - 2014-08-19 22:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HP
2014-08-19 22:53 - 2014-08-19 22:53 - 00000000 ____D () C:\ProgramData\WEBREG
2014-08-19 22:39 - 2014-09-09 23:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HpUpdate
2014-08-19 22:38 - 2014-08-19 22:38 - 00001120 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-08-19 22:37 - 2014-08-19 22:37 - 00001348 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-19 22:37 - 2014-08-19 22:37 - 00001342 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-19 22:37 - 2014-08-19 22:37 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-19 22:31 - 2014-09-09 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-19 22:25 - 2014-08-19 22:53 - 00223226 _____ () C:\Windows\hpoins43.dat
2014-08-19 22:25 - 2012-10-14 22:34 - 00000485 ____N () C:\Windows\hpomdl43.dat
2014-08-19 22:23 - 2014-08-26 17:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-19 22:23 - 2014-08-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-19 22:22 - 2014-09-12 23:19 - 00000000 ____D () C:\Program Files\Java
2014-08-19 22:22 - 2014-08-26 17:32 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-19 22:22 - 2014-08-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-19 22:18 - 2014-09-12 18:29 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\CrashDumps
2014-08-19 22:18 - 2014-08-19 22:18 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Macromedia
2014-08-19 22:09 - 2009-04-16 14:08 - 00136704 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l70v.dll
2014-08-19 22:07 - 2014-09-09 01:05 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-19 22:04 - 2014-09-09 01:05 - 00000000 ____D () C:\ProgramData\HP
2014-08-19 22:04 - 2014-08-19 22:53 - 00002367 _____ () C:\ProgramData\hpzinstall.log
2014-08-19 22:03 - 2012-09-14 15:00 - 01421312 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p02c.dll
2014-08-19 22:03 - 2012-09-14 15:00 - 00880640 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p02c.dll
2014-08-19 22:03 - 2012-09-14 15:00 - 00515072 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p02a.dll
2014-08-19 22:03 - 2012-09-14 14:59 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2014-08-19 22:03 - 2012-09-14 14:59 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2014-08-19 21:59 - 2014-08-19 21:59 - 00000299 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-19 21:33 - 2014-08-19 21:33 - 00000000 ____D () C:\Users\Pak Ho\Downloads\Translation Aggregator 0.4.9.r171
2014-08-19 21:30 - 2014-08-19 21:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\WinRAR
2014-08-19 21:22 - 2014-09-13 15:34 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Skype
2014-08-19 21:22 - 2014-08-19 21:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Skype
2014-08-19 21:15 - 2014-08-19 21:15 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-08-19 15:25 - 2014-08-19 15:25 - 00000000 ____D () C:\Users\Pak Ho\Documents\PETER
2014-08-19 04:11 - 2014-09-12 16:27 - 00000000 ____D () C:\Users\Pak Ho\Documents\Download of PS3
2014-08-19 04:10 - 2014-09-04 23:04 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Google
2014-08-19 04:10 - 2014-08-19 04:10 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Macromedia
2014-08-19 04:06 - 2014-08-19 04:11 - 00000000 ____D () C:\Users\Pak Ho\Documents\Download of DS
2014-08-19 04:03 - 2014-08-20 10:44 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\uTorrent
2014-08-19 04:02 - 2014-09-13 15:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\BitTorrent
2014-08-19 04:00 - 2014-08-19 04:00 - 00001190 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2014-08-19 03:59 - 2014-08-19 23:47 - 00001229 _____ () C:\Users\Pak Ho\Desktop\TeamSpeak 3 Client.lnk
2014-08-19 03:59 - 2014-08-19 23:46 - 00000958 _____ () C:\Users\Pak Ho\Desktop\Open Broadcaster Software.lnk
2014-08-19 03:59 - 2014-08-19 04:04 - 00000867 _____ () C:\Users\Pak Ho\Desktop\µTorrent.lnk
2014-08-19 03:59 - 2014-08-19 04:03 - 00000887 _____ () C:\Users\Pak Ho\Desktop\BitTorrent.lnk
2014-08-19 03:59 - 2014-08-19 03:59 - 00000000 ____D () C:\Users\Pak Ho\Desktop\CS Work
2014-08-19 03:59 - 2014-05-08 00:18 - 00000967 _____ () C:\Users\Pak Ho\Desktop\HexChat (x64).lnk
2014-08-19 03:59 - 2012-07-05 21:38 - 00002875 _____ () C:\Users\Pak Ho\Desktop\AppLocale.lnk
2014-08-19 03:58 - 2014-08-19 03:58 - 00000000 ____D () C:\Users\Pak Ho\.netbeans-derby
2014-08-19 02:56 - 2014-08-19 02:56 - 00000000 ____D () C:\Users\Public\Pokki
2014-08-19 02:38 - 2014-08-19 02:39 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Mozilla
2014-08-19 02:38 - 2014-08-19 02:38 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Mozilla
2014-08-19 02:37 - 2014-09-12 21:36 - 00000000 ____D () C:\Users\Pak Ho\.VirtualBox
2014-08-19 02:32 - 2014-08-19 03:11 - 00000000 ____D () C:\Users\Pak Ho\VirtualBox VMs
2014-08-19 02:32 - 2014-08-19 02:32 - 00000000 ___RD () C:\Users\Pak Ho\Virtual Machines
2014-08-19 02:31 - 2014-09-13 15:13 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1002
2014-08-19 02:31 - 2014-09-12 21:53 - 4226846720 _____ () C:\Users\Pak Ho\Desktop\Lubuntu.vdi
2014-08-19 02:30 - 2014-08-19 02:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\CyberLink
2014-08-19 02:30 - 2014-08-19 02:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\CyberLink
2014-08-19 02:26 - 2014-08-19 02:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Hewlett-Packard
2014-08-19 02:24 - 2014-09-13 15:07 - 00002131 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2014-08-19 02:24 - 2014-08-19 02:26 - 00002459 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarmVille 2.lnk
2014-08-19 02:24 - 2014-08-19 02:24 - 00002302 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-08-19 02:22 - 2014-09-11 00:05 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Adobe
2014-08-19 02:22 - 2014-09-04 17:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Google
2014-08-19 02:22 - 2014-08-31 19:41 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\VirtualStore
2014-08-19 02:22 - 2014-08-30 12:51 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Hewlett-Packard
2014-08-19 02:21 - 2014-09-13 15:37 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Pokki
2014-08-19 02:21 - 2014-09-13 14:57 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Packages
2014-08-19 02:21 - 2014-08-29 23:38 - 00000000 ____D () C:\Users\Pak Ho
2014-08-19 02:21 - 2014-08-19 02:21 - 00000020 ___SH () C:\Users\Pak Ho\ntuser.ini
2014-08-19 02:21 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Synaptics
2014-08-19 02:21 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Intel
2014-08-19 02:21 - 2014-04-24 09:58 - 00000000 ___RD () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-19 02:21 - 2014-04-24 09:10 - 00000000 ___HD () C:\Users\Pak Ho\Documents\hp.system.package.metadata
2014-08-19 02:21 - 2014-03-18 03:06 - 00000000 ___RD () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 02:21 - 2014-03-18 02:54 - 00000369 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-08-19 02:21 - 2014-03-18 02:54 - 00000369 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-08-19 02:21 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-19 02:21 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-19 01:50 - 2014-08-19 01:50 - 00001099 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-08-19 01:49 - 2014-08-19 01:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-08-19 01:49 - 2014-08-19 01:49 - 00000000 ____D () C:\Program Files\Oracle
2014-08-19 01:49 - 2014-07-15 16:16 - 00863528 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-08-19 01:49 - 2014-07-15 16:15 - 00129168 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-08-19 01:45 - 2014-09-01 12:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-19 01:45 - 2014-08-19 01:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-19 01:44 - 2014-09-01 11:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-19 01:39 - 2014-08-19 01:39 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-19 01:39 - 2014-08-19 01:39 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 01:39 - 2014-08-19 01:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 01:25 - 2014-08-19 21:22 - 00000000 ____D () C:\ProgramData\Skype
2014-08-19 01:25 - 2014-08-19 01:25 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-19 01:25 - 2014-08-19 01:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-19 01:25 - 2014-08-19 01:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-19 01:20 - 2014-09-05 10:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-19 01:20 - 2014-08-19 01:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-19 01:01 - 2014-08-19 01:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-08-19 01:00 - 2014-08-19 01:00 - 00001034 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-08-19 01:00 - 2014-08-19 01:00 - 00001028 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-08-19 01:00 - 2014-08-19 01:00 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-08-19 00:57 - 2014-09-04 22:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-18 06:12 - 2014-06-01 00:23 - 00133381 _____ () C:\Users\Pak Ho\Downloads\MS.Gundam.Extreme.VS.Full.Boost.Pack.DLC.[BLJS10250].by.Ps3GunZ.rar
2014-08-18 06:12 - 2014-01-04 12:16 - 18948848 _____ () C:\Users\Pak Ho\Downloads\NPJB00533_00_Shin_Gundam_Muson_SP_and_VOL1_DLC_FIX.pkg
2014-08-18 06:11 - 2014-06-01 00:24 - 11105936 _____ () C:\Users\Pak Ho\Downloads\JP0700-BLJS10250_00-FULLBOOST000105A-A0105-V0100-PE.pkg
2014-08-18 06:11 - 2014-01-04 12:08 - 06893664 _____ () C:\Users\Pak Ho\Downloads\JP0700-BLJM61140_00-UPDATE0101000000-A0101-V0100-PE.pkg
2014-08-18 06:10 - 2014-06-01 00:10 - 22738275 _____ () C:\Users\Pak Ho\Downloads\BLJS10250_A0105_341-355-421+_OPOISSO893.7z
2014-08-18 06:10 - 2014-02-04 02:36 - 00059964 _____ () C:\Users\Pak Ho\Downloads\FW301-FIFA12_US.zip
2014-08-18 04:15 - 2014-03-10 15:33 - 00000446 _____ () C:\Users\Pak Ho\Documents\gitKey.txt
2014-08-18 00:36 - 2014-08-18 18:09 - 00000000 ____D () C:\Geek Squad backup
2014-08-18 00:35 - 2014-08-18 00:35 - 00000000 ____D () C:\ProgramData\Geek Squad
2014-08-17 22:48 - 2014-08-18 23:57 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9CA8BCD2-F597-448C-866F-E313471BE970}
2014-08-17 22:23 - 2014-08-17 22:23 - 00004014 _____ () C:\Windows\System32\Tasks\HPGenoobeReminder
2014-08-17 22:01 - 2014-08-19 15:19 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1001
2014-08-17 21:56 - 2014-09-04 23:35 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-17 21:55 - 2014-08-17 21:55 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-08-17 21:53 - 2014-09-13 14:37 - 01482421 _____ () C:\Windows\WindowsUpdate.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 15:47 - 2014-09-13 15:47 - 00028506 _____ () C:\Users\Pak Ho\Desktop\FRST.txt
2014-09-13 15:47 - 2014-09-13 15:47 - 00000000 ____D () C:\FRST
2014-09-13 15:47 - 2014-08-19 04:02 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\BitTorrent
2014-09-13 15:46 - 2014-09-13 15:46 - 02105856 _____ (Farbar) C:\Users\Pak Ho\Desktop\FRST64.exe
2014-09-13 15:45 - 2014-09-13 15:36 - 00000150 _____ () C:\Users\Pak Ho\Desktop\fixlist.txt
2014-09-13 15:37 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Pokki
2014-09-13 15:34 - 2014-08-19 21:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Skype
2014-09-13 15:33 - 2014-09-05 01:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 15:13 - 2014-08-19 02:31 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1002
2014-09-13 15:07 - 2014-08-19 02:24 - 00002131 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2014-09-13 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-13 14:57 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Packages
2014-09-13 14:55 - 2014-09-04 22:50 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 14:37 - 2014-08-17 21:53 - 01482421 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 14:27 - 2014-08-31 00:46 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-13 14:27 - 2014-08-20 10:44 - 00000000 ____D () C:\Users\Pak Ho\Documents\Youcam
2014-09-13 14:27 - 2014-08-19 23:41 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Adobe
2014-09-13 14:26 - 2014-09-04 22:51 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 14:26 - 2014-09-04 22:50 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:45 - 2014-08-20 18:45 - 00000000 ____D () C:\ProgramData\VMware
2014-09-13 13:45 - 2013-08-22 07:46 - 00039144 _____ () C:\Windows\setupact.log
2014-09-13 13:45 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 13:44 - 2014-09-13 13:44 - 00008208 _____ () C:\Users\Pak Ho\Desktop\flushresults.txt
2014-09-13 13:38 - 2014-09-13 13:38 - 00000000 ____D () C:\Windows\ERUNT
2014-09-13 13:36 - 2014-09-13 13:36 - 01016261 _____ (Thisisu) C:\Users\Pak Ho\Desktop\JRT.exe
2014-09-13 13:35 - 2014-09-13 13:35 - 00003037 _____ () C:\Users\Pak Ho\Desktop\AdwCleaner[S0].txt
2014-09-13 13:31 - 2014-03-18 02:44 - 00080404 _____ () C:\Windows\PFRO.log
2014-09-13 13:31 - 2013-08-22 06:25 - 00786432 ___SH () C:\Windows\system32\config\BBI
2014-09-13 13:30 - 2014-09-13 13:28 - 00000000 ____D () C:\AdwCleaner
2014-09-13 13:28 - 2014-09-13 13:28 - 01373475 _____ () C:\Users\Pak Ho\Desktop\AdwCleaner.exe
2014-09-13 13:12 - 2014-08-30 12:51 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForPak Ho.job
2014-09-13 00:42 - 2014-08-19 23:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\LogMeIn Hamachi
2014-09-13 00:35 - 2008-08-01 14:24 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3FA2392B-1EF6-4768-AD11-76DA2277903D}
2014-09-12 23:58 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-12 23:19 - 2014-08-19 22:22 - 00000000 ____D () C:\Program Files\Java
2014-09-12 21:53 - 2014-08-19 02:31 - 4226846720 _____ () C:\Users\Pak Ho\Desktop\Lubuntu.vdi
2014-09-12 21:40 - 2013-01-30 11:01 - 00000000 ____D () C:\Users\Pak Ho\Documents\VirtualBox Lubuntu
2014-09-12 21:36 - 2014-08-19 02:37 - 00000000 ____D () C:\Users\Pak Ho\.VirtualBox
2014-09-12 20:26 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-12 18:58 - 2014-09-06 12:49 - 00000000 ____D () C:\ProgramData\Origin
2014-09-12 18:32 - 2014-08-27 12:03 - 00000000 ____D () C:\Users\Pak Ho\Documents\NetBeansProjects
2014-09-12 18:29 - 2014-08-19 22:18 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\CrashDumps
2014-09-12 18:28 - 2014-09-06 12:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-12 18:25 - 2014-09-01 14:47 - 00657069 _____ () C:\Users\Pak Ho\Downloads\CS-146-Lecture-1-Gomez.pptx
2014-09-12 17:08 - 2014-09-12 17:08 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-09-12 17:07 - 2014-09-12 17:07 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-12 16:27 - 2014-08-19 04:11 - 00000000 ____D () C:\Users\Pak Ho\Documents\Download of PS3
2014-09-12 14:27 - 2014-09-01 22:41 - 00216394 _____ () C:\Windows\system32\prfh0404.dat
2014-09-12 14:27 - 2014-09-01 22:41 - 00070310 _____ () C:\Windows\system32\prfc0404.dat
2014-09-12 14:27 - 2014-03-18 02:53 - 01236496 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 00:28 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Tunngle
2014-09-11 11:28 - 2014-09-11 11:28 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-09-11 11:28 - 2014-06-17 18:17 - 00002463 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
2014-09-11 11:28 - 2014-06-17 18:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-11 11:26 - 2014-09-03 12:06 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\WildTangent
2014-09-11 11:25 - 2014-06-17 18:17 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-11 00:05 - 2014-08-19 02:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Adobe
2014-09-10 21:24 - 2012-07-05 19:54 - 00000000 ____D () C:\Users\Pak Ho\Documents\Picture
2014-09-10 20:58 - 2012-07-05 19:29 - 00000000 ____D () C:\Users\Pak Ho\Documents\Musics
2014-09-10 11:07 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-09 23:21 - 2014-08-19 22:39 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HpUpdate
2014-09-09 01:20 - 2014-09-09 01:05 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\HP
2014-09-09 01:05 - 2014-09-09 01:05 - 00003622 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2014-09-09 01:05 - 2014-09-09 01:05 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-09 01:05 - 2014-09-09 01:05 - 00000000 ____D () C:\Program Files\HP
2014-09-09 01:05 - 2014-08-19 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-09 01:05 - 2014-08-19 22:07 - 00000000 ____D () C:\Program Files (x86)\HP
2014-09-09 01:05 - 2014-08-19 22:04 - 00000000 ____D () C:\ProgramData\HP
2014-09-09 01:05 - 2014-04-24 09:10 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-08 21:27 - 2014-09-08 21:27 - 00000000 ____D () C:\Users\Pak Ho\Downloads\Probability and Statistics for Engineering and the Sciences by Jay L. Devore
2014-09-07 22:39 - 2014-09-07 22:39 - 02044712 _____ () C:\Users\Pak Ho\Downloads\Probability and Statistics for Engineering and the Sciences by Jay L. Devore.rar
2014-09-07 15:26 - 2014-09-07 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2014-09-07 15:26 - 2014-09-07 15:25 - 00000000 ____D () C:\Program Files\Dolphin
2014-09-07 15:26 - 2014-08-19 23:42 - 00010815 _____ () C:\Windows\DirectX.log
2014-09-07 15:25 - 2014-09-07 15:25 - 00000815 _____ () C:\Users\Public\Desktop\Dolphin.lnk
2014-09-07 15:20 - 2014-08-24 00:31 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\vlc
2014-09-07 13:12 - 2014-08-30 12:51 - 00003164 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPak Ho
2014-09-07 13:12 - 2014-08-26 21:13 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-07 13:11 - 2014-08-26 21:12 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-07 11:40 - 2014-08-24 21:42 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HexChat
2014-09-06 15:43 - 2014-08-19 23:54 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-09-06 13:56 - 2014-09-06 13:56 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\MMFApplications
2014-09-06 13:55 - 2014-09-06 13:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Five Nights at Freddy's
2014-09-06 13:55 - 2014-09-06 13:55 - 00000000 ____D () C:\Program Files (x86)\Five Nights at Freddy's
2014-09-06 13:09 - 2014-09-06 13:09 - 00000000 ____D () C:\Users\Pak Ho\Documents\Electronic Arts
2014-09-06 13:08 - 2014-06-17 18:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 13:05 - 2014-09-06 13:00 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Origin
2014-09-06 13:03 - 2014-09-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-06 13:03 - 2014-09-06 13:00 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Origin
2014-09-06 12:56 - 2014-09-06 12:51 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-06 12:47 - 2014-09-06 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-06 12:47 - 2014-09-06 12:42 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-05 18:50 - 2014-09-05 18:50 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys
2014-09-05 18:50 - 2014-09-05 18:50 - 00002046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2014-09-05 18:50 - 2014-09-05 18:50 - 00002034 _____ () C:\Users\Public\Desktop\Evolve.lnk
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Echobit
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\ProgramData\Echobit
2014-09-05 18:49 - 2014-09-05 18:49 - 00000000 ____D () C:\Program Files\Echobit
2014-09-05 10:35 - 2014-08-19 01:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-05 00:07 - 2014-09-04 23:40 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1009
2014-09-04 23:54 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 23:35 - 2014-08-17 21:56 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-04 23:25 - 2014-09-04 23:25 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-04 23:25 - 2014-09-04 23:25 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-04 23:04 - 2014-09-04 23:04 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-09-04 23:04 - 2014-08-19 04:10 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Google
2014-09-04 22:51 - 2014-09-04 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-04 22:51 - 2014-08-19 00:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-04 22:50 - 2014-09-04 22:50 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-04 22:50 - 2014-09-04 22:50 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-04 17:22 - 2014-08-19 02:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Google
2014-09-04 17:19 - 2014-09-04 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 17:19 - 2014-09-04 17:19 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-04 17:19 - 2014-08-19 23:51 - 00000945 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-09-04 16:55 - 2014-09-04 16:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Deployment
2014-09-04 16:55 - 2014-09-04 16:55 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Apps\2.0
2014-09-04 13:04 - 2014-09-04 13:04 - 00001048 _____ () C:\Users\Public\Desktop\R x64 3.1.1.lnk
2014-09-04 13:04 - 2014-09-04 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2014-09-04 13:03 - 2014-09-04 13:03 - 00000000 ____D () C:\Program Files\R
2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-09-03 18:24 - 2014-09-06 13:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-03 14:47 - 2014-08-29 23:38 - 00000000 ___DO () C:\Users\Pak Ho\OneDrive
2014-09-03 12:03 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-02 21:47 - 2014-09-02 21:47 - 05078869 _____ () C:\Users\Pak Ho\Downloads\ccuswdlc.rar
2014-09-02 20:46 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2014-09-02 20:31 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\system32\Drivers\zh-HK
2014-09-02 20:31 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-09-02 20:28 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\zh-HK
2014-09-02 20:17 - 2014-08-31 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-02 20:17 - 2014-08-30 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-02 20:10 - 2013-08-22 06:25 - 00000234 _____ () C:\Windows\win.ini
2014-09-01 22:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-01 22:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-01 22:39 - 2014-09-01 22:41 - 00119664 _____ () C:\Windows\system32\prfi0404.dat
2014-09-01 22:39 - 2014-09-01 22:41 - 00033362 _____ () C:\Windows\system32\prfd0404.dat
2014-09-01 22:39 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-01 22:39 - 2014-09-01 22:39 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\zh-HK
2014-09-01 22:39 - 2014-03-18 02:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\system32\winrm
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\system32\WCN
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\system32\slmgr
2014-09-01 22:39 - 2014-03-18 02:25 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ___SD () C:\Windows\system32\dsc
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Com
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\IME
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Help
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-01 22:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-01 22:39 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\servicing
2014-09-01 16:25 - 2014-09-01 16:25 - 00102400 _____ () C:\Users\Pak Ho\Downloads\NPJB00512_Mobile_Suit_Gundam_Extreme_Vs_Full_Boost_DLC_FIX_20140806.pkg
2014-09-01 12:42 - 2014-09-01 12:42 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-01 12:41 - 2014-08-19 01:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-01 11:44 - 2014-08-31 17:19 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-01 11:41 - 2014-08-31 17:23 - 00000000 ____D () C:\Program Files\Adobe
2014-09-01 11:27 - 2014-08-19 01:44 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-31 19:41 - 2014-08-19 02:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\VirtualStore
2014-08-31 17:38 - 2013-08-22 07:44 - 05141696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 17:34 - 2014-08-31 17:33 - 00001243 _____ () C:\Users\Pak Ho\Desktop\Adobe Photoshop CS6.lnk
2014-08-31 17:31 - 2014-08-31 17:31 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-PETER-Pak Ho
2014-08-31 17:25 - 2014-08-31 17:25 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-08-31 17:25 - 2014-08-31 17:25 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-31 17:23 - 2014-08-31 17:23 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-08-31 17:21 - 2014-08-31 17:21 - 00001550 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-08-31 17:21 - 2014-08-31 17:21 - 00001380 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-08-31 16:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-31 16:27 - 2014-08-31 16:27 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-08-31 15:05 - 2014-08-31 15:05 - 00000040 ____H () C:\35D04766C98F
2014-08-31 15:02 - 2014-08-31 14:48 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-31 14:52 - 2014-08-31 14:52 - 00001650 _____ () C:\Users\Pak Ho\Desktop\Microsoft Power Point 2013.lnk
2014-08-31 14:52 - 2014-08-31 14:52 - 00001639 _____ () C:\Users\Pak Ho\Desktop\Microsoft Word 2013.lnk
2014-08-31 14:52 - 2014-08-31 14:52 - 00001619 _____ () C:\Users\Pak Ho\Desktop\Microsoft Excel 2013.lnk
2014-08-31 14:45 - 2014-08-31 14:45 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-31 14:45 - 2014-03-18 02:38 - 00000000 ____D () C:\Windows\ShellNew
2014-08-31 14:44 - 2014-08-31 14:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-31 14:44 - 2014-08-31 14:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-31 14:43 - 2014-08-31 14:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-31 14:43 - 2014-08-31 14:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-31 14:40 - 2014-08-31 14:40 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-08-31 14:40 - 2014-08-31 14:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-31 14:40 - 2014-04-24 09:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-31 14:39 - 2014-08-31 14:39 - 00000000 __RHD () C:\MSOCache
2014-08-31 11:09 - 2014-08-31 00:58 - 00004960 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PETER-Pak Ho Peter
2014-08-31 01:24 - 2014-08-31 01:24 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-31 01:24 - 2014-08-31 01:24 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-30 22:44 - 2014-06-17 18:01 - 00000000 ____D () C:\Intel
2014-08-30 22:13 - 2014-08-30 21:45 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1007
2014-08-30 22:00 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\College
2014-08-30 21:51 - 2014-08-30 21:51 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7CB00D4D-97B4-4709-9C0E-9F625969784D}
2014-08-30 14:43 - 2014-08-30 14:43 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Microsoft Help
2014-08-30 12:51 - 2014-08-19 02:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Hewlett-Packard
2014-08-30 11:47 - 2014-08-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-08-29 23:40 - 2014-08-29 23:40 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 23:38 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho
2014-08-28 15:58 - 2014-08-28 15:58 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\OpenOffice
2014-08-28 15:58 - 2014-08-28 15:57 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-08-28 15:57 - 2014-08-28 15:57 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-08-28 15:57 - 2014-08-28 15:57 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-08-27 15:40 - 2014-08-27 15:28 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1006
2014-08-27 15:03 - 2014-08-27 15:03 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Evernote
2014-08-27 15:03 - 2014-04-24 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-08-26 23:24 - 2014-06-17 18:03 - 00041760 _____ () C:\Windows\DPINST.LOG
2014-08-26 23:24 - 2014-06-17 18:01 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-26 23:24 - 2014-03-31 18:07 - 00000000 ____D () C:\SWSetup
2014-08-26 23:23 - 2014-06-17 18:02 - 00000000 ____D () C:\ProgramData\Intel
2014-08-26 23:22 - 2014-08-26 23:22 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-08-26 23:22 - 2014-08-26 23:22 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-08-26 23:21 - 2014-06-17 18:02 - 00000000 ____D () C:\Program Files\Intel
2014-08-26 23:07 - 2014-06-17 18:08 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-08-26 22:00 - 2014-08-26 22:00 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-08-26 17:32 - 2014-09-12 23:19 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-26 17:32 - 2014-09-12 23:19 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-26 17:32 - 2014-08-19 22:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-26 17:32 - 2014-08-19 22:22 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-26 17:31 - 2014-09-12 23:19 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-26 17:31 - 2014-08-20 00:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-26 17:30 - 2014-08-20 00:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-24 22:00 - 2014-08-24 22:00 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\OBS
2014-08-24 21:57 - 2014-08-24 21:57 - 00003122 _____ () C:\Windows\System32\Tasks\{15D33FEC-4D12-49BA-B384-68517978D9D9}
2014-08-24 21:56 - 2014-08-19 23:23 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\DAEMON Tools Lite
2014-08-24 21:56 - 2014-08-19 23:22 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-08-23 16:08 - 2012-07-05 19:30 - 00000000 ___HD () C:\Users\Pak Ho\Documents\Personal Things
2014-08-22 17:42 - 2014-08-27 18:49 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 14:14 - 2014-08-22 14:14 - 00004096 _____ () C:\Windows\d3dx.dat
2014-08-22 14:14 - 2014-08-20 11:48 - 00000000 ____D () C:\Program Files (x86)\Marble Blast Gold
2014-08-21 18:35 - 2014-08-21 18:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-08-21 18:33 - 2014-08-21 18:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-21 14:26 - 2014-08-21 14:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Fujitsu
2014-08-21 14:26 - 2014-08-21 14:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Fujitsu
2014-08-21 14:25 - 2008-08-01 14:19 - 00000000 ____D () C:\Program Files (x86)\ATLAS V14
2014-08-21 12:54 - 2014-08-21 12:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\hpqlog
2014-08-21 12:53 - 2014-04-24 09:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-20 21:18 - 2014-08-20 21:18 - 00007601 _____ () C:\Users\Pak Ho\AppData\Local\Resmon.ResmonCfg
2014-08-20 20:49 - 2014-08-20 18:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\VMware
2014-08-20 20:47 - 2014-08-20 18:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\VMware
2014-08-20 20:36 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-20 19:44 - 2014-08-20 19:44 - 00000000 ____D () C:\Users\Pak Ho\Documents\Virtual Machines
2014-08-20 19:15 - 2014-08-20 19:15 - 00002143 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-08-20 19:15 - 2014-08-20 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-08-20 19:15 - 2014-08-20 19:15 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-08-20 19:15 - 2014-04-02 02:52 - 00976578 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-20 18:51 - 2014-08-20 18:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-20 18:51 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2014-08-20 18:51 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-20 18:51 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-20 18:49 - 2014-08-20 18:45 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-08-20 17:59 - 2014-08-20 17:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-20 17:41 - 2014-08-20 17:38 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2014-08-20 17:38 - 2014-08-20 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-08-20 16:10 - 2014-08-20 16:10 - 00000000 _____ () C:\Windows\SysWOW64\cd.dat
2014-08-20 16:10 - 2014-08-20 16:08 - 00000000 ____D () C:\Program Files (x86)\Expat Shield
2014-08-20 16:10 - 2014-08-20 16:08 - 00000000 ____D () C:\Expat Shield
2014-08-20 16:08 - 2014-08-20 16:08 - 00001159 _____ () C:\Users\Public\Desktop\Expat Shield Launch.lnk
2014-08-20 16:08 - 2014-08-20 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
2014-08-20 16:05 - 2014-08-20 16:05 - 00000000 ____D () C:\Windows\pss
2014-08-20 16:01 - 2014-08-20 06:23 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-08-20 15:47 - 2014-08-20 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-20 15:47 - 2014-08-20 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-20 12:48 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-20 12:04 - 2014-08-20 12:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-20 11:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Resources
2014-08-20 11:48 - 2014-08-20 11:48 - 00001068 _____ () C:\Users\Pak Ho\Desktop\Marble Blast Gold.lnk
2014-08-20 11:48 - 2014-08-20 11:48 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold
2014-08-20 11:48 - 2014-08-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marble Blast Gold
2014-08-20 11:04 - 2014-08-19 23:59 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Tunngle
2014-08-20 11:03 - 2014-08-20 11:02 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\TS3Client
2014-08-20 11:01 - 2014-08-20 11:01 - 00000000 ____D () C:\Users\Pak Ho\Documents\Tunngle
2014-08-20 10:44 - 2014-08-19 04:03 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\uTorrent
2014-08-20 06:02 - 2014-08-20 06:02 - 567912224 _____ () C:\Windows\MEMORY.DMP
2014-08-20 06:02 - 2014-08-20 06:02 - 00282600 _____ () C:\Windows\Minidump\082014-52328-01.dmp
2014-08-20 06:02 - 2014-08-20 06:02 - 00000000 ____D () C:\Windows\Minidump
2014-08-20 00:23 - 2014-08-20 00:23 - 00000000 ____D () C:\Users\Pak Ho\Documents\Diablo III
2014-08-20 00:22 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\NetBeans
2014-08-20 00:22 - 2014-08-19 23:02 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\Bank of America
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\AudioSurf
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\Documents\Adobe
2014-08-20 00:21 - 2014-08-20 00:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\NetBeans
2014-08-20 00:09 - 2014-08-20 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2014-08-20 00:09 - 2014-08-20 00:09 - 00000000 ____D () C:\Program Files\HexChat
2014-08-20 00:05 - 2014-08-20 00:06 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 00:05 - 2014-08-20 00:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 00:05 - 2014-08-20 00:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 00:01 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-08-19 23:59 - 2014-08-19 23:59 - 00001014 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-08-19 23:59 - 2014-08-19 23:59 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-08-19 23:59 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-08-19 23:54 - 2014-08-19 23:54 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\LogMeIn
2014-08-19 23:47 - 2014-08-19 23:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-08-19 23:47 - 2014-08-19 23:47 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\TeamSpeak 3 Client
2014-08-19 23:47 - 2014-08-19 03:59 - 00001229 _____ () C:\Users\Pak Ho\Desktop\TeamSpeak 3 Client.lnk
2014-08-19 23:46 - 2014-08-19 23:46 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-08-19 23:46 - 2014-08-19 23:46 - 00000000 ____D () C:\Program Files\OBS
2014-08-19 23:46 - 2014-08-19 23:45 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-08-19 23:46 - 2014-08-19 03:59 - 00000958 _____ () C:\Users\Pak Ho\Desktop\Open Broadcaster Software.lnk
2014-08-19 23:45 - 2014-08-19 23:27 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-19 23:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 23:39 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-19 23:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-08-19 23:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-19 23:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\Camera
2014-08-19 23:38 - 2014-08-19 23:27 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-08-19 23:30 - 2014-08-20 12:04 - 00001093 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-19 23:30 - 2014-08-20 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-19 23:24 - 2014-08-19 23:24 - 00001973 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-19 23:23 - 2014-08-19 23:23 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-19 23:23 - 2014-08-19 23:23 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-08-19 23:21 - 2014-08-19 22:56 - 00000000 ____D () C:\Users\Pak Ho\.nbi
2014-08-19 23:15 - 2014-08-19 23:12 - 00000000 ____D () C:\Program Files\glassfish-4.0
2014-08-19 23:06 - 2014-08-19 23:06 - 00002044 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-19 23:06 - 2014-08-19 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-19 22:54 - 2014-08-19 22:53 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\HP
2014-08-19 22:53 - 2014-08-19 22:53 - 00000000 ____D () C:\ProgramData\WEBREG
2014-08-19 22:53 - 2014-08-19 22:25 - 00223226 _____ () C:\Windows\hpoins43.dat
2014-08-19 22:53 - 2014-08-19 22:04 - 00002367 _____ () C:\ProgramData\hpzinstall.log
2014-08-19 22:38 - 2014-08-19 22:38 - 00001120 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-08-19 22:37 - 2014-08-19 22:37 - 00001348 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-19 22:37 - 2014-08-19 22:37 - 00001342 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-19 22:37 - 2014-08-19 22:37 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-19 22:23 - 2014-08-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-19 22:22 - 2014-08-19 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-19 22:18 - 2014-08-19 22:18 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Macromedia
2014-08-19 21:59 - 2014-08-19 21:59 - 00000299 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-19 21:33 - 2014-08-19 21:33 - 00000000 ____D () C:\Users\Pak Ho\Downloads\Translation Aggregator 0.4.9.r171
2014-08-19 21:30 - 2014-08-19 21:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\WinRAR
2014-08-19 21:22 - 2014-08-19 21:22 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Skype
2014-08-19 21:22 - 2014-08-19 01:25 - 00000000 ____D () C:\ProgramData\Skype
2014-08-19 21:15 - 2014-08-19 21:15 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-08-19 15:25 - 2014-08-19 15:25 - 00000000 ____D () C:\Users\Pak Ho\Documents\PETER
2014-08-19 15:19 - 2014-08-17 22:01 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2379252050-2679611180-1516862501-1001
2014-08-19 04:11 - 2014-08-19 04:06 - 00000000 ____D () C:\Users\Pak Ho\Documents\Download of DS
2014-08-19 04:10 - 2014-08-19 04:10 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Macromedia
2014-08-19 04:04 - 2014-08-19 03:59 - 00000867 _____ () C:\Users\Pak Ho\Desktop\µTorrent.lnk
2014-08-19 04:03 - 2014-08-19 03:59 - 00000887 _____ () C:\Users\Pak Ho\Desktop\BitTorrent.lnk
2014-08-19 04:00 - 2014-08-19 04:00 - 00001190 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2014-08-19 03:59 - 2014-08-19 03:59 - 00000000 ____D () C:\Users\Pak Ho\Desktop\CS Work
2014-08-19 03:58 - 2014-08-19 03:58 - 00000000 ____D () C:\Users\Pak Ho\.netbeans-derby
2014-08-19 03:45 - 2014-06-17 18:26 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-19 03:45 - 2014-06-17 18:26 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-19 03:42 - 2014-04-24 09:14 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-08-19 03:42 - 2013-08-22 08:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-08-19 03:11 - 2014-08-19 02:32 - 00000000 ____D () C:\Users\Pak Ho\VirtualBox VMs
2014-08-19 03:08 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-19 02:56 - 2014-08-19 02:56 - 00000000 ____D () C:\Users\Public\Pokki
2014-08-19 02:39 - 2014-08-19 02:38 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Mozilla
2014-08-19 02:38 - 2014-08-19 02:38 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\Mozilla
2014-08-19 02:32 - 2014-08-19 02:32 - 00000000 ___RD () C:\Users\Pak Ho\Virtual Machines
2014-08-19 02:30 - 2014-08-19 02:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\CyberLink
2014-08-19 02:30 - 2014-08-19 02:30 - 00000000 ____D () C:\Users\Pak Ho\AppData\Local\CyberLink
2014-08-19 02:30 - 2014-06-17 18:24 - 00000000 ____D () C:\Users\Public\CyberLink
2014-08-19 02:26 - 2014-08-19 02:26 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Hewlett-Packard
2014-08-19 02:26 - 2014-08-19 02:24 - 00002459 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarmVille 2.lnk
2014-08-19 02:24 - 2014-08-19 02:24 - 00002302 _____ () C:\Users\Pak Ho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-08-19 02:21 - 2014-08-19 02:21 - 00000020 ___SH () C:\Users\Pak Ho\ntuser.ini
2014-08-19 02:21 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Synaptics
2014-08-19 02:21 - 2014-08-19 02:21 - 00000000 ____D () C:\Users\Pak Ho\AppData\Roaming\Intel
2014-08-19 01:50 - 2014-08-19 01:50 - 00001099 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-08-19 01:50 - 2014-08-19 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-08-19 01:49 - 2014-08-19 01:49 - 00000000 ____D () C:\Program Files\Oracle
2014-08-19 01:49 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\restore
2014-08-19 01:45 - 2014-08-19 01:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-19 01:39 - 2014-08-19 01:39 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-19 01:39 - 2014-08-19 01:39 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 01:39 - 2014-08-19 01:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 01:25 - 2014-08-19 01:25 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-19 01:25 - 2014-08-19 01:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-19 01:25 - 2014-08-19 01:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-19 01:20 - 2014-08-19 01:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-19 01:01 - 2014-08-19 01:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-08-19 01:00 - 2014-08-19 01:00 - 00001034 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-08-19 01:00 - 2014-08-19 01:00 - 00001028 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-08-19 01:00 - 2014-08-19 01:00 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-08-18 23:57 - 2014-08-17 22:48 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9CA8BCD2-F597-448C-866F-E313471BE970}
2014-08-18 18:09 - 2014-08-18 00:36 - 00000000 ____D () C:\Geek Squad backup
2014-08-18 00:35 - 2014-08-18 00:35 - 00000000 ____D () C:\ProgramData\Geek Squad
2014-08-17 22:23 - 2014-08-17 22:23 - 00004014 _____ () C:\Windows\System32\Tasks\HPGenoobeReminder
2014-08-17 21:55 - 2014-08-17 21:55 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-08-17 21:55 - 2014-04-24 09:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-08-17 21:55 - 2014-04-24 09:20 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-08-17 21:55 - 2014-04-24 09:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-08-17 21:55 - 2014-03-31 18:07 - 00000000 ___HD () C:\SYSTEM.SAV
2014-08-17 21:46 - 2014-04-02 03:25 - 00000000 ____D () C:\Windows\Panther
 
Some content of TEMP:
====================
C:\Users\Pak Ho\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Pak Ho\AppData\Local\Temp\bitool.dll
C:\Users\Pak Ho\AppData\Local\Temp\dlLogic.exe
C:\Users\Pak Ho\AppData\Local\Temp\Extract.exe
C:\Users\Pak Ho\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Pak Ho\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Pak Ho\AppData\Local\Temp\JExplorer32.2.7.1.dll
C:\Users\Pak Ho\AppData\Local\Temp\JExplorer32.2.7.1.exe
C:\Users\Pak Ho\AppData\Local\Temp\JExplorer64.2.7.1.dll
C:\Users\Pak Ho\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsbADBF.exe
C:\Users\Pak Ho\AppData\Local\Temp\nscDE34.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsd2317.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsdA725.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsm2D4A.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsnE723.exe
C:\Users\Pak Ho\AppData\Local\Temp\nsqBBAC.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00000.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00001.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00002.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00003.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00004.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00005.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00006.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00007.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00008.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00009.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00010.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00011.exe
C:\Users\Pak Ho\AppData\Local\Temp\ose00013.exe
C:\Users\Pak Ho\AppData\Local\Temp\PidGenX.dll
C:\Users\Pak Ho\AppData\Local\Temp\Quarantine.exe
C:\Users\Pak Ho\AppData\Local\Temp\SP67000.exe
C:\Users\Pak Ho\AppData\Local\Temp\SP67002.exe
C:\Users\Pak Ho\AppData\Local\Temp\spstub.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-10 11:07
 
==================== End Of Log ============================

Edited by peterip16, 14 September 2014 - 02:20 AM.


#7 peterip16

peterip16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 14 September 2014 - 02:21 AM

And this is from Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Pak Ho at 2014-09-13 15:49:00
Running from C:\Users\Pak Ho\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33023 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
ATLAS Translation Standard V14.0 Trial Version (HKLM-x32\...\{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}) (Version: 14.00.0000 - FUJITSU LIMITED)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.33028 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot Mysteries (x32 Version: 3.0.2.51 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
C4700 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Curse at Twilight (x32 Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.6.3728 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.1.5112 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (x32 Version: 6.7.1.5112 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.4.4824 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.6.3821 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.6.3912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3.3709 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.3.3907 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)
Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.0.232 - Nuance Communications Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.0.232 - Nuance Communications Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.7 - Echobit, LLC)
Expat Shield 2.25 (HKLM-x32\...\ExpatShield) (Version: 2.25 - AnchorFree)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FarmVille 2 (HKCU\...\Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b) (Version: 1.0.4.55785 - Pokki)
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Five Nights at Freddy's (HKCU\...\Five Nights at Freddy's) (Version:  - )
Fort Defense (x32 Version: 3.0.2.51 - WildTangent) Hidden
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.1 - HexChat)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{ADD75863-9A69-4C44-9B43-11AE2B12BE51}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{28981D56-C55A-4972-998F-823590FD43A2}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 1.16.1420 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP SimplePass (Version: 8.01.11 - Hewlett-Packard) Hidden
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{a8d66642-b324-419d-87fd-a100d2f0b05f}) (Version: 17.00.3000.1542 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.9.1000 - Intel Corporation) Hidden
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.14 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{F6E38BB5-03FB-4886-AEEA-56D17597AAFC}) (Version: 17.0.1414.03 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 17.0.3.0372 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Joining Hands 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Lost in Reefs 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Marble Blast Gold (HKLM-x32\...\Marble Blast Gold) (Version:  - )
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.14 (HKLM\...\{8DD94059-60C6-42E3-AB59-8F37445ACC79}) (Version: 4.3.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7219 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sparkle 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
Start Menu (HKCU\...\Pokki) (Version: 0.269.2.450 - Pokki)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.6 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The SIMS 4 Deluxe Edition (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
tools-windows (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Update for Microsoft en-us Dictionary (Version: 16.1.1106.1 - Microsoft Corporation) Hidden
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Viking Saga (x32 Version: 3.0.2.48 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2379252050-2679611180-1516862501-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
06-09-2014 01:50:54 Installed DirectX
07-09-2014 22:25:28 Installed DirectX
13-09-2014 06:17:58 Installed Java SE Development Kit 7 Update 67 (64-bit)
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C0C1571-7B58-414B-A956-ED49B0B72C60} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {0D148221-0465-4AE1-80E5-A48FA883D04A} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {14832BFB-FD9C-4F82-B540-7BDC0AFE801A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21199D4C-F9E7-4A63-8AFD-C469861365D8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {291057CF-E870-4F39-8D8A-C8EA3BD43D2F} - System32\Tasks\AdobeAAMUpdater-1.0-PETER-Pak Ho => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DC04CC7-CD87-47DA-A0A7-A0A74618B6F4} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2014-02-12] ()
Task: {331B18C7-E6E0-4D49-9982-DB8675BF6320} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51DD716C-7BD2-481C-81B9-9AB25C7E822F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.)
Task: {68DB2BAB-B4FC-4395-B38B-F4F6F2BFD349} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77BEA90C-43FA-4597-A4FF-0146B46D621B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B5B3B15-F52E-4862-BC28-34F780A3223F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.)
Task: {7CDB5488-DAEF-4786-AA9E-260FB4481E38} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8BA76876-8B77-4472-9DAB-7F39DC757EE1} - System32\Tasks\HPCeeScheduleForPak Ho => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {90A0EFAB-D6A5-400B-BEFC-393C4A680B46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {98292BAF-42C3-4FC1-9056-7EB1EE3B3C57} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {A2A4BC69-B66C-4B70-94B8-9C93D5FF0F4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {A88D91E8-B016-483E-89F5-B416416243D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {AA4A89D3-A3DF-43AE-8953-A5542691D8A1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {B1D69E17-31EA-49DE-92BC-AEF0C16C6E36} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-09-04] ()
Task: {B2F7E3C4-475B-45CA-96B3-A218882F41F6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PETER-Pak Ho Peter => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe
Task: {B3EFE34A-0432-4A02-9C1A-FB2E3A066CB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C74D6E01-B36E-4229-97FB-EE713FFF8641} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {C7F15378-456C-4E84-93E6-7611C34A19AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D352DA66-6B83-46D8-9915-8E7B856C5978} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPak Ho.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2012-01-17 14:15 - 2012-01-17 14:15 - 00331608 _____ () C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
2012-01-04 16:02 - 2012-01-04 16:02 - 00329544 _____ () C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2012-01-17 14:20 - 2012-01-17 14:20 - 00653640 _____ () C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
2009-03-29 19:34 - 2009-03-29 19:34 - 00280143 _____ () C:\Program Files (x86)\Expat Shield\bin\libidn-11.dll
2009-03-27 13:02 - 2009-03-27 13:02 - 01554920 _____ () C:\Program Files (x86)\Expat Shield\bin\libeay32.dll
2009-03-27 13:02 - 2009-03-27 13:02 - 00332254 _____ () C:\Program Files (x86)\Expat Shield\bin\libssl32.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-06-17 18:02 - 2013-12-10 08:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-11 20:58 - 2014-09-03 20:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-11 20:58 - 2014-09-03 20:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2012-01-17 14:21 - 2012-01-17 14:21 - 00009544 _____ () C:\Program Files (x86)\Expat Shield\bin\lang\gui-eng.dll
2014-09-11 20:58 - 2014-09-03 20:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-11 20:58 - 2014-09-03 20:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-11 20:58 - 2014-09-03 20:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-08-19 02:21 - 2014-01-17 09:32 - 00569856 _____ () C:\Users\Pak Ho\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-08-19 02:21 - 2014-01-17 09:32 - 01400846 _____ () C:\Users\Pak Ho\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-08-19 02:21 - 2014-01-17 09:32 - 00151054 _____ () C:\Users\Pak Ho\AppData\Local\Pokki\Engine\avutil-51.dll
2014-08-19 02:21 - 2014-01-17 09:32 - 00222734 _____ () C:\Users\Pak Ho\AppData\Local\Pokki\Engine\avformat-54.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Pak Ho\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/13/2014 11:04:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:04:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:03:35 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:03:35 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/12/2014 08:13:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4547
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4547
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/12/2014 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3188
 
Error: (09/12/2014 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3188
 
 
System errors:
=============
Error: (09/13/2014 01:32:05 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "A0A8CDDE9915" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the 
Globally Unique Interface Identifier (GUID) if NetBT was unable to 
map from GUID to MAC address. If neither the MAC address nor the GUID were 
available, the string represents a cluster device name.
 
Error: (09/13/2014 01:32:05 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "A0A8CDDE9915" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the 
Globally Unique Interface Identifier (GUID) if NetBT was unable to 
map from GUID to MAC address. If neither the MAC address nor the GUID were 
available, the string represents a cluster device name.
 
Error: (09/13/2014 01:31:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (09/13/2014 10:58:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/12/2014 00:41:43 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (09/12/2014 00:41:13 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (09/12/2014 00:24:19 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (09/12/2014 00:23:49 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (09/12/2014 02:24:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware USB Arbitration Service service terminated unexpectedly.  It has done this 6 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/12/2014 01:59:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware USB Arbitration Service service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (09/13/2014 11:04:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:04:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:03:35 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/13/2014 11:03:35 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PETER)
Description: AD2F1837.GettingStartedwithWindows8_v10z8vjag6ke65
 
Error: (09/12/2014 08:13:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4547
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4547
 
Error: (09/12/2014 07:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/12/2014 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3188
 
Error: (09/12/2014 07:49:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3188
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 42%
Total physical RAM: 8122.15 MB
Available physical RAM: 4685.18 MB
Total Pagefile: 16314.15 MB
Available Pagefile: 12715.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:906.72 GB) (Free:206.91 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:23.77 GB) (Free:2.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6DA8418D)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#8 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 14 September 2014 - 09:29 AM

Hello,
 

 also ran FRST64 earlier and produce FRST.txt and Addition.txt Hope it helps 

Yes, I can see various issues in your logs. 
However, FRST logs are not permitted in this section. 
 
Please create a new topic in the Malware Removal section. Respond back with a link to the topic. 
 
Thank you.


Posted Image

#9 peterip16

peterip16
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 14 September 2014 - 05:46 PM

This is the Topic I made: http://www.bleepingcomputer.com/forums/t/548168/gameharbororg-pop-up-at-sign-in/#entry3477506



#10 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 14 September 2014 - 06:37 PM

Thank you for responding. I see an MRT member has already picked your topic up. 


Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users