Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

GoSave in Windows 8.1


  • This topic is locked This topic is locked
15 replies to this topic

#1 pitchie

pitchie

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 29 September 2014 - 01:58 PM

Hi,

 

I'm a long time BleepingComputer.com reader but this is my first post.

 

I'm being pestered by the GoSave extention. I thought I'd got rid of it once, but it's back again as GoSiave (2.0) and I can't shift it. Could someone help me? Your help really would be appreciated.

 

(Windows 8.1 x64)

 

Thanks,

 

Pitchie.



BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 29 September 2014 - 02:07 PM

:welcome:

Hello pitchie,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 29 September 2014 - 03:37 PM

Hi,

 

Thanks for the help. I really appreciate it!

 

Security Check results:

 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
Windows Defender                  
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 JavaScript Tooling    
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version out of Date! 
 Adobe Reader XI  
 Mozilla Firefox (31.0) 
 Google Chrome 37.0.2062.120  
 Google Chrome 37.0.2062.124  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Paul (administrator) on OFFICE on 29-09-2014 21:31:57
Running from C:\Users\Paul\Desktop
Loaded Profile: Paul (Available profiles: Paul)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Microsoft) C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Sage (UK) Limited) C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Flux Software LLC) C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-09-25] ()
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [f.lux] => C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-22] (Spotify Ltd)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: GoSAve -> {40b4e122-2db2-46af-939d-f15fd3a3d656} -> C:\Program Files (x86)\GoSAve\aO2mK5gK2ppJ0J.x64.dll No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: AVG SafeGuard toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\avg@toolbar [2014-09-25]
FF Extension: AS Magic Player - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\magicplayer@acestream.org [2014-09-20]
FF Extension: GoSiaVe - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\mWr2@GIp3.org [2014-09-29]
FF Extension: Firebug - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-29]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-07-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.bbc.co.uk/news/
CHR StartupUrls: Default -> "hxxp://www.bbc.co.uk/news/"
CHR DefaultSearchURL: Default -> 119F7248C4FFA219CA1DE1C9D49BB4E7FA24E063CE09A5E9AB3BE9A731FD0C36
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Web Developer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-07-25]
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Radioplayer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2014-07-25]
CHR Extension: (EditThisCookie) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-26]
CHR Extension: (AdBlock) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-25]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-07-25]
CHR Extension: (Google Theme) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2014-07-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd [2014-09-25]
CHR Extension: (TweetDeck Launcher) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk [2014-07-25]
CHR Extension: (Google Maps) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-25]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Knockoutjs context debugger) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\oddcpmchholgcjgjdnfjmildmlielhof [2014-08-29]
CHR Extension: (Sky+) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd\2.0 [2014-09-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-07-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-01] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-06-22] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-06-22] (SIEMENS AG)
R2 Sage AutoUpdate Manager Service; C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2012-07-05] (Microsoft) [File not signed]
R2 Sage SData Service; C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [53248 2012-05-17] (Sage (UK) Limited) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-09-25] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-25] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [273176 2014-07-18] (AVG Technologies CZ, s.r.o.)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2011-05-06] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107008 2011-05-06] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [195584 2011-05-06] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [192000 2011-05-06] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [190464 2011-05-06] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [179288 2011-05-31] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 VMSMP; \SystemRoot\system32\DRIVERS\vmswitch.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 21:31 - 2014-09-29 21:32 - 00025036 _____ () C:\Users\Paul\Desktop\FRST.txt
2014-09-29 21:31 - 2014-09-29 21:31 - 00000000 ____D () C:\FRST
2014-09-29 21:23 - 2014-09-29 21:24 - 02108928 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2014-09-29 21:22 - 2014-09-29 21:22 - 00854417 _____ () C:\Users\Paul\Desktop\SecurityCheck.exe
2014-09-29 16:46 - 2014-09-29 16:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-28 11:24 - 2014-09-28 11:25 - 00000000 ____D () C:\ma
2014-09-27 11:52 - 2014-09-27 11:42 - 33016320 _____ () C:\Users\Paul\Desktop\paul 27.09.14.bak
2014-09-25 18:05 - 2014-09-25 18:05 - 00000000 ____D () C:\Users\Public\Documents\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 ____D () C:\ProgramData\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 ____D () C:\Program Files\Common Files\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 _____ () C:\Windows\system32\sntieno.log
2014-09-25 18:04 - 2007-08-15 23:09 - 00036933 ____R (SIEMENS AG) C:\Windows\SysWOW64\melbreg.dll
2014-09-25 18:01 - 2014-09-25 18:01 - 00000000 ____D () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1)
2014-09-25 17:58 - 2014-09-25 17:58 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-09-25 17:52 - 2014-09-25 17:59 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1).zip
2014-09-25 17:41 - 2014-09-25 18:08 - 00000000 ____D () C:\Program Files (x86)\FlexHEX
2014-09-25 17:41 - 2014-09-25 17:44 - 00157184 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin1.xla
2014-09-25 17:40 - 2014-09-25 17:40 - 03154416 _____ () C:\Users\Paul\Downloads\FlexHex_editor_setup.exe
2014-09-25 17:39 - 2014-09-25 17:43 - 10411334 _____ () C:\Users\Paul\Downloads\HexEdit4_binary.zip
2014-09-25 17:36 - 2014-09-25 17:36 - 00024306 _____ () C:\Users\Paul\Downloads\VBA_Project_Unlocker.xlsm
2014-09-25 17:34 - 2014-09-27 05:06 - 00000000 ____D () C:\Users\Paul\AppData\Local\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-09-25 17:31 - 2014-09-26 16:20 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ___HD () C:\$AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\TuneUp Software
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-25 17:29 - 2014-09-29 10:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-25 17:29 - 2014-09-25 17:33 - 00000000 ____D () C:\Users\Paul\AppData\Local\Avg2015
2014-09-25 17:29 - 2014-09-25 17:29 - 04579176 _____ (AVG Technologies) C:\Users\Paul\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-09-25 17:29 - 2014-09-25 17:29 - 00000000 ____D () C:\Users\Paul\AppData\Local\MFAData
2014-09-25 17:23 - 2014-09-25 17:24 - 00000000 ____D () C:\AdwCleaner
2014-09-25 17:23 - 2014-09-25 17:23 - 01373475 _____ () C:\Users\Paul\Downloads\AdwCleaner.exe
2014-09-25 17:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-25 17:20 - 2014-09-29 16:55 - 00000488 ____H () C:\Windows\Tasks\GS_Booster-S-576482620.job
2014-09-25 17:20 - 2014-09-25 17:20 - 00002726 _____ () C:\Windows\System32\Tasks\GS_Booster-S-576482620
2014-09-25 17:19 - 2014-09-25 17:19 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Paul\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator
2014-09-25 17:10 - 2014-09-25 17:11 - 01763103 _____ () C:\Users\Paul\Downloads\vprlastic.zip
2014-09-25 17:04 - 2008-01-11 18:41 - 00212992 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin.xla
2014-09-25 14:24 - 2014-09-25 15:10 - 03857920 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th (1).xls
2014-09-25 14:23 - 2014-09-25 14:23 - 03748864 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th.xls
2014-09-25 10:30 - 2014-09-25 10:30 - 04371521 _____ () C:\Users\Paul\Downloads\SH_0405_mae15a_s7200_cp243it_v10_e.exe
2014-09-25 10:29 - 2014-09-25 10:34 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6.zip
2014-09-23 22:22 - 2014-09-23 23:23 - 765924129 _____ () C:\Users\Paul\Downloads\99AdbAcrbtXIPr01109Multifull.rar
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-09-22 18:19 - 2014-09-22 18:19 - 00000306 _____ () C:\Users\Paul\Desktop\E100 3,621.60GBP.csv
2014-09-22 10:41 - 2014-09-22 10:41 - 04827337 _____ () C:\Users\Paul\Downloads\PNG-cards-1.3.zip
2014-09-22 10:41 - 2014-09-22 10:41 - 00000000 ____D () C:\Users\Paul\Downloads\PNG-cards-1.3
2014-09-22 10:36 - 2014-09-22 10:36 - 04769981 _____ () C:\Users\Paul\Downloads\SVG_and_EPS_Vector_Playing_Cards_Version_1.3.zip
2014-09-22 10:26 - 2014-09-22 10:26 - 00000000 ____D () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2
2014-09-22 10:25 - 2014-09-22 10:25 - 00180678 _____ () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2.zip
2014-09-22 10:17 - 2014-09-22 10:17 - 00535907 _____ () C:\Users\Paul\Downloads\donpark-scalable-css-playing-cards-d05a022.zip
2014-09-22 09:39 - 2014-09-22 09:44 - 00013950 _____ () C:\Users\Paul\Desktop\Regus Account Summary.xlsx
2014-09-20 15:06 - 2014-09-20 15:10 - 00000000 ___HD () C:\_acestream_cache_
2014-09-20 15:05 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\ACEStream
2014-09-20 15:05 - 2014-09-29 16:53 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\.ACEStream
2014-09-20 15:05 - 2014-09-20 15:05 - 67195312 _____ () C:\Users\Paul\Downloads\Ace_Stream_Media_2.2.10-next_wiziwig.exe
2014-09-20 13:05 - 2014-09-20 13:05 - 00000000 ____D () C:\Users\Paul\Downloads\Hirens.BootCD.15.2
2014-09-20 12:54 - 2014-09-20 13:01 - 621283886 _____ () C:\Users\Paul\Downloads\Hirens.BootCD.15.2.zip
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\DriveKey
2014-09-15 11:47 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-15 11:47 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-15 11:47 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 11:47 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 11:47 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-15 11:47 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-15 11:47 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-15 11:47 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-15 11:47 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-15 11:47 - 2014-07-24 16:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-15 11:47 - 2014-07-24 16:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 11:47 - 2014-07-24 14:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 11:47 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 08:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 11:47 - 2014-07-24 08:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 11:47 - 2014-07-24 08:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 11:47 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 11:46 - 2014-07-24 16:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-15 11:46 - 2014-07-24 16:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-15 11:46 - 2014-07-24 16:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-15 11:46 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-15 11:46 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 11:46 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-15 11:46 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-15 11:46 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 11:46 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 11:46 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 15:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 11:46 - 2014-07-24 15:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 11:46 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 11:46 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 12:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-15 11:46 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 11:46 - 2014-07-24 12:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 11:46 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 11:46 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 11:46 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 11:46 - 2014-07-24 12:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 11:46 - 2014-07-24 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 11:46 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-15 11:46 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 11:46 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 11:46 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 11:46 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 11:46 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 11:46 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 11:46 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 11:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 11:46 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 11:46 - 2014-07-24 10:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 11:46 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 11:46 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 11:46 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 11:46 - 2014-07-24 10:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 11:46 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 11:46 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 11:46 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-15 11:46 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 11:46 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 11:46 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 11:46 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 11:46 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 11:46 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 11:46 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 11:46 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 11:46 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 11:46 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 11:46 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 11:46 - 2014-07-24 09:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-15 11:46 - 2014-07-24 09:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 11:46 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 11:46 - 2014-07-24 09:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 11:46 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 11:46 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-15 11:46 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-15 11:46 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-15 11:46 - 2014-07-12 06:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-15 11:46 - 2014-07-12 05:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-15 11:46 - 2014-07-10 00:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-15 11:46 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-15 11:46 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 11:46 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 11:46 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-15 11:46 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 11:46 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-15 11:46 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-15 11:46 - 2014-06-19 03:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 11:46 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 11:46 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-15 11:46 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-15 11:46 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-15 11:46 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 11:46 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 11:46 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-15 11:46 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-15 11:46 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-15 11:46 - 2014-05-29 05:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-15 11:46 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-15 11:46 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 11:46 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-15 11:38 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-11 15:38 - 2014-09-11 15:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Yahoo!
2014-09-10 23:40 - 2014-08-16 02:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:40 - 2014-08-16 02:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:39 - 2014-08-16 03:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:39 - 2014-08-16 02:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 02:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:39 - 2014-08-16 02:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 01:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 01:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 01:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 01:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 01:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:39 - 2014-08-16 01:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:26 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-10 23:26 - 2014-09-05 03:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 23:26 - 2014-09-05 01:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 23:26 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-10 22:59 - 2014-09-17 11:44 - 00000000 ____D () C:\Users\Paul\AppData\Local\ClosuresDataExporter
2014-09-10 13:24 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\SAP BusinessObjects
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\ProgramData\Macrovision
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\inetpub
2014-09-10 13:24 - 2014-02-26 18:41 - 307175616 _____ () C:\Users\Paul\Downloads\CRforVS_13_0_8.exe
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\Program Files\WinImage
2014-09-10 12:30 - 2014-09-10 12:30 - 01649168 _____ () C:\Users\Paul\Downloads\WinImage 9.00 x86 x64.rar
2014-09-10 12:29 - 2014-09-10 12:29 - 00872440 _____ (WinImage) C:\Users\Paul\Downloads\wima6490.exe
2014-09-10 12:29 - 2014-09-10 12:29 - 00746592 _____ (WinImage) C:\Users\Paul\Downloads\winima90.exe
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarWind Software
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\Program Files (x86)\StarWind Software
2014-09-10 11:31 - 2014-09-10 11:31 - 01631592 _____ (StarWind Software ) C:\Users\Paul\Downloads\StarWindConverter.exe
2014-09-10 11:26 - 2014-09-10 11:26 - 06319701 _____ () C:\Users\Paul\Downloads\5nineEasyConverter.zip
2014-09-10 11:11 - 2014-09-10 11:11 - 02617344 _____ () C:\Users\Paul\Downloads\mvmc_setup.msi
2014-09-10 11:11 - 2014-09-10 11:11 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Virtual Machine Converter 2.1.lnk
2014-09-10 11:11 - 2014-09-10 11:11 - 00000000 ____D () C:\Program Files\Microsoft Virtual Machine Converter
2014-09-10 10:36 - 2014-09-10 10:39 - 159578526 _____ () C:\Users\Paul\Downloads\SageAccts Paul Pitchford t a Ashfield Clutch Services 2014-09-08.001
2014-09-08 11:55 - 2014-09-08 11:55 - 00000000 ____D () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master
2014-09-08 11:51 - 2014-09-08 11:51 - 20984303 _____ () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master.zip
2014-09-08 11:44 - 2014-09-08 11:44 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR (1).zip
2014-09-08 10:48 - 2014-09-08 10:48 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Component One.lnk
2014-09-08 10:48 - 2014-09-08 10:48 - 00000000 ____D () C:\Program Files (x86)\ComponentOne
2014-09-08 10:47 - 2014-08-25 16:35 - 39796736 _____ () C:\Users\Paul\Downloads\C1StudioLightSwitch_4.0.20142.62.msi
2014-09-08 10:46 - 2014-09-08 10:46 - 00159952 _____ (GrapeCity Inc.) C:\Users\Paul\Downloads\C1WebInstallerStudioLightSwitch.exe
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Deployment
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Apps\2.0
2014-09-07 12:22 - 2014-09-07 12:40 - 1585775666 _____ () C:\Users\Paul\Desktop\DEV-B417.mp4
2014-09-06 17:08 - 2014-09-06 17:10 - 171518067 _____ () C:\Users\Paul\Downloads\realtimeconnectedWPapps_Source.wmv
2014-09-06 16:50 - 2014-09-06 16:50 - 02544599 _____ () C:\Users\Paul\Downloads\NuGet.Tools.vsix
2014-09-03 20:58 - 2014-09-03 20:58 - 00834269 _____ () C:\Users\Paul\Downloads\ModernUI.1.0.6.zip
2014-09-03 20:58 - 2014-09-03 20:58 - 00000000 ____D () C:\Users\Paul\Downloads\ModernUI.1.0.6
2014-09-03 16:33 - 2014-09-10 13:00 - 27590656 _____ () C:\Windows\system32\vmguest.iso
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-09-03 16:29 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-09-03 16:29 - 2014-09-03 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-09-03 16:27 - 2014-09-03 16:28 - 00000000 ____D () C:\Users\Paul\Downloads\Visual Studio 2013 (Second Download)
2014-09-03 16:25 - 2014-09-03 16:25 - 00000000 ____D () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR
2014-09-03 16:24 - 2014-09-03 16:24 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR.zip
2014-09-02 15:12 - 2014-09-02 15:12 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-09-02 14:44 - 2014-09-02 14:50 - 00000000 ____D () C:\Users\Paul\.android
2014-09-02 14:43 - 2014-09-02 14:43 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\Program Files\Java
2014-09-02 13:47 - 2014-09-02 13:47 - 00000000 ____D () C:\Users\Paul\Downloads\SignalR Self-Host
2014-09-02 11:59 - 2014-09-29 09:54 - 01048576 _____ () C:\Users\Paul\Test_log.ldf
2014-09-02 11:59 - 2014-09-09 07:38 - 04194304 _____ () C:\Users\Paul\Test.mdf
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-29 20:59 - 2014-07-25 14:54 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 20:54 - 2014-07-25 14:25 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{716F22AE-5F51-4F0D-8860-0A00617B5488}
2014-09-29 17:45 - 2014-07-25 14:27 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3153417521-1489275855-306761039-1001
2014-09-29 17:15 - 2014-07-25 14:20 - 01966632 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 17:06 - 2014-07-25 18:51 - 00004962 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for OFFICE-Paul Office
2014-09-29 17:03 - 2014-07-25 14:24 - 00960752 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 16:55 - 2014-08-04 10:50 - 00000000 ____D () C:\ProgramData\Kodak
2014-09-29 16:55 - 2014-07-25 16:34 - 00000000 ____D () C:\ProgramData\VMware
2014-09-29 16:55 - 2014-07-25 14:54 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 16:55 - 2014-07-25 14:24 - 00000000 ___DO () C:\Users\Paul\SkyDrive
2014-09-29 16:55 - 2014-07-25 14:19 - 00030596 _____ () C:\Windows\PFRO.log
2014-09-29 16:55 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 16:54 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-29 16:37 - 2014-08-11 10:39 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Skype
2014-09-29 10:11 - 2014-08-11 10:39 - 00000000 ____D () C:\ProgramData\Skype
2014-09-29 09:54 - 2014-08-21 10:34 - 01048576 _____ () C:\Users\Paul\Poker_log.ldf
2014-09-29 09:50 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\VMware
2014-09-29 09:50 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Local\VMware
2014-09-29 09:48 - 2014-07-27 18:23 - 00002334 ____H () C:\Users\Paul\Documents\Default.rdp
2014-09-29 08:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-28 12:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-09-28 11:07 - 2014-07-25 14:06 - 00000000 ____D () C:\Projects
2014-09-28 10:32 - 2014-07-27 12:44 - 00000000 ____D () C:\Users\Paul\Documents\SQL Server Management Studio
2014-09-26 17:28 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Spotify
2014-09-26 16:56 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Local\Spotify
2014-09-26 16:50 - 2014-07-25 14:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 18:08 - 2013-08-22 15:44 - 00510448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-25 18:05 - 2014-08-17 16:06 - 00054882 _____ () C:\Windows\DPINST.LOG
2014-09-25 18:04 - 2014-07-25 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-25 18:04 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2014-09-25 17:44 - 2014-08-26 16:08 - 00000000 ____D () C:\Windows\SysWOW64\HavijPro
2014-09-25 17:36 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\Packages
2014-09-25 17:34 - 2014-08-29 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 17:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-25 17:31 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-25 17:28 - 2014-07-25 14:08 - 00000000 ____D () C:\Closures
2014-09-25 17:26 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:26 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Users\Paul\AppData\Local\Google
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-25 17:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-25 09:34 - 2014-07-25 15:05 - 00000000 ____D () C:\Users\Paul\Documents\Visual Studio 2013
2014-09-25 05:29 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-23 21:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-23 16:52 - 2013-08-22 15:46 - 00000277 _____ () C:\Windows\setupact.log
2014-09-23 16:52 - 2013-08-22 15:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 21:03 - 2014-07-25 17:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\vlc
2014-09-22 21:01 - 2014-08-19 12:17 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 07:42 - 2014-07-25 15:41 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-19 10:08 - 2014-08-15 17:25 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\JWrapper-SimpleHelp Technician
2014-09-17 13:42 - 2014-07-29 11:32 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-11 07:38 - 2014-07-31 10:04 - 00000648 __RSH () C:\Users\Paul\ntuser.pol
2014-09-11 07:38 - 2014-07-25 14:21 - 00000000 ____D () C:\Users\Paul
2014-09-11 00:41 - 2014-07-26 15:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:40 - 2014-07-26 14:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:40 - 2014-07-26 14:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:39 - 2014-07-25 15:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:37 - 2014-07-25 15:43 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 13:25 - 2014-07-27 12:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-10 13:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2014-09-10 12:16 - 2014-08-04 09:59 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-09-10 11:32 - 2014-08-04 10:00 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-09-10 11:31 - 2014-08-11 11:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-08 11:43 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Adobe
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 16:29 - 2014-07-25 14:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-02 21:06 - 2013-08-22 16:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:06 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 15:12 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\PackageStaging
2014-09-02 12:06 - 2014-08-26 10:42 - 03211264 _____ () C:\Users\Paul\AshfieldSalesData.mdf
2014-09-02 12:06 - 2014-08-26 10:42 - 01114112 _____ () C:\Users\Paul\AshfieldSalesData_log.ldf
2014-09-02 12:06 - 2014-07-27 21:13 - 03211264 _____ () C:\Users\Paul\WAStorageEmulatorDb32.mdf
2014-09-02 12:06 - 2014-07-27 21:13 - 00802816 _____ () C:\Users\Paul\WAStorageEmulatorDb32_log.ldf
 
Some content of TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Paul\AppData\Local\Temp\2bv2szdp.dll
C:\Users\Paul\AppData\Local\Temp\310mo1ro.dll
C:\Users\Paul\AppData\Local\Temp\3pwxby2o.dll
C:\Users\Paul\AppData\Local\Temp\3rnrmrk5.dll
C:\Users\Paul\AppData\Local\Temp\4lgvp5kj.dll
C:\Users\Paul\AppData\Local\Temp\5sdisss0.dll
C:\Users\Paul\AppData\Local\Temp\a4v1qajw.dll
C:\Users\Paul\AppData\Local\Temp\fvpkheq3.dll
C:\Users\Paul\AppData\Local\Temp\GLF65D0.EXE
C:\Users\Paul\AppData\Local\Temp\GLF66EB.EXE
C:\Users\Paul\AppData\Local\Temp\h5ahyazd.dll
C:\Users\Paul\AppData\Local\Temp\kxnattjs.dll
C:\Users\Paul\AppData\Local\Temp\MA_0405_mae15a_s7200_cp243it_HTML_v00_e.exe
C:\Users\Paul\AppData\Local\Temp\MA_0405_mae15a_s7200_cp243it_Java_CODE_v00_e.exe
C:\Users\Paul\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Paul\AppData\Local\Temp\q1vhdnl2.dll
C:\Users\Paul\AppData\Local\Temp\q2jfagu1.dll
C:\Users\Paul\AppData\Local\Temp\Quarantine.exe
C:\Users\Paul\AppData\Local\Temp\raptrpatch.exe
C:\Users\Paul\AppData\Local\Temp\raptr_stub.exe
C:\Users\Paul\AppData\Local\Temp\sp4lv5d3.dll
C:\Users\Paul\AppData\Local\Temp\thm03ohq.dll
C:\Users\Paul\AppData\Local\Temp\tjrmgs1m.dll
C:\Users\Paul\AppData\Local\Temp\u5ivutps.dll
C:\Users\Paul\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Paul\AppData\Local\Temp\yyj1tuo5.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-24 10:21
 
==================== End Of Log ============================
 
Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Paul at 2014-09-29 21:32:23
Running from C:\Users\Paul\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Accounts (x32 Version: 19.0.11.260 - Sage (UK) Ltd) Hidden
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4158 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Azure Storage Explorer (HKLM-x32\...\{3285EEA9-A860-47DB-840B-6FD3D72331B8}) (Version: 4.0.10 - Neudesic)
AzureTools.Notifications (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Cheeky Monkey Bars (HKCU\...\3478626762.cmb2.azurewebsites.net) (Version:  - cmb2.azurewebsites.net)
ComponentOne Studio for LightSwitch (HKLM-x32\...\{52F02A58-9A83-4E94-9D8C-559182B8DAEA}) (Version: 20142.4.62 - GrapeCity, Inc.)
DevExpress DevExtreme 13.1 (HKLM-x32\...\DevExpress DXTREME 13.1) (Version: 13.1.8 - Developer Express Inc.)
DevExpress DXperience 13.1 (HKLM-x32\...\DevExpress DXperience 13.1) (Version: 13.1.8 - Developer Express Inc.)
DisabilityNotts (HKCU\...\3856015257.remote.disabilitynottinghamshire.org.uk) (Version:  - remote.disabilitynottinghamshire.org.uk)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
f.lux (HKCU\...\Flux) (Version:  - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.2 - Telerik)
Fluid (HKCU\...\290216574.fluidair.azurewebsites.net) (Version:  - fluidair.azurewebsites.net)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Install Finalizer (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone - ENU (x32 Version: 6.2.960.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio 2013 (HKLM-x32\...\{867775BA-5C7B-4843-89DE-769D67C7E141}) (Version: 2.1.50312.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.0 (x32 Version: 15.0.516.14 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.0 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Virtual Machine Converter (HKLM\...\{C190D8D9-C763-4963-AC3D-DDB9817D1687}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Add-in for Windows Phone - ENU Language Pack (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Add-in for Windows Phone (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Front End x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7064 - Realtek Semiconductor Corp.)
Rebex Components 2012 R3 (HKLM-x32\...\Rebex4700_is1) (Version: 2012 R3 - Rebex CR, s.r.o.)
Sage 50 Accounts 2013 (HKLM-x32\...\InstallShield_{45ECE61A-C8EE-4847-852C-6E8A8192D424}) (Version: 19.0.11.260 - Sage (UK) Ltd)
Sage Data Objects 180 (HKLM-x32\...\InstallShield_{3C6F5AE8-39B5-4D6F-938A-B08D1BB96088}) (Version: 18 - Sage)
Sage Data Objects 180 (x32 Version: 18 - Sage) Hidden
Sage Data Objects 190 (HKLM-x32\...\InstallShield_{20A1776A-DEFD-4974-BB25-716FC138D2A8}) (Version: 19 - Sage)
Sage Data Objects 190 (x32 Version: 19 - Sage) Hidden
Sage Data Objects 200 (HKLM-x32\...\InstallShield_{77C7D7B6-B7E4-42EB-B878-7A7E5A915BED}) (Version: 20 - Sage)
Sage Data Objects 200 (x32 Version: 20 - Sage) Hidden
SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM\...\{8AC912AB-6888-4248-A8EB-FC16F6D2BED7}) (Version: 13.0.8.1216 - SAP)
SAP Crystal Reports, version for Microsoft Visual Studio (HKLM-x32\...\{7E900D12-1F1D-4971-AF2E-0599AB525BF2}) (Version: 13.0.8.1216 - SAP)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SIMATIC Device Drivers (Version: 01.00.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0000 - Siemens AG) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
StarWind V2V Image Converter V5.6 (build 2011-05-10) (HKLM-x32\...\StarWind Converter_is1) (Version:  - StarWind Software)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
tools-freebsd (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Uninstall Finalizer (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - EETI)
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.1 - VMware, Inc)
VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden
Vs2012 Verification SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Azure Authoring Tools - v2.3 (HKLM\...\{CA53F7A1-A71D-4C7F-ABD2-7BDD26FE0D74}) (Version: 2.3.6491.3 - Microsoft Corporation)
Windows Azure Compute Emulator - v2.3 (HKLM\...\Windows Azure Compute Emulator - v2.3) (Version: 2.3.6491.3 - Microsoft Corporation)
Windows Azure Compute Emulator - v2.3 (Version: 2.3.6491.3 - Microsoft Corporation) Hidden
Windows Azure Libraries for .NET – v2.3 (HKLM\...\{C0591F2A-45AD-4189-86A7-C2B1DF3D148D}) (Version: 2.3.0424.070 - Microsoft Corporation)
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20311.1601 - Microsoft Corporation) Hidden
Windows Azure Storage Emulator - v3.2 (HKLM-x32\...\Windows Azure Storage Emulator - v3.2) (Version: 3.2.6891.0 - Microsoft Corporation)
Windows Azure Storage Emulator - v3.2 (x32 Version: 3.2.6891.0 - Microsoft Corporation) Hidden
Windows Azure Storage Tools - v2.2.2 (HKLM-x32\...\{E7BF94EB-6D51-4813-A717-BEE9AABDF028}) (Version: 2.2.2.0 - Microsoft Corporation)
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.3 (x32 Version: 2.3.20305.1601 - Microsoft) Hidden
Windows Azure Tools for Microsoft LightSwitch for Visual Studio 2013 - v2.3 (HKLM-x32\...\{ad100c2d-0566-4608-9d2a-819f337f7c15}) (Version: 2.3.20305.1601 - Microsoft Corporation)
Windows Azure Tools for Microsoft Visual Studio 2013 - v2.3 (HKLM-x32\...\{7223ffe5-5cbb-45ca-8aa3-a455015ab1cf}) (Version: 2.3.20320.1602 - Microsoft Corporation)
Windows Azure Tools for Microsoft Visual Studio 2013 - v2.3 (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Windows Azure Tools for Microsoft Visual Studio 2013 Core (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
Windows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone 8.0 Emulation Images (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone Emulator 8.0 Configurator (x32 Version: 11.0.60830 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone Tools Finalizer (Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinImage (HKLM\...\WinImage) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireshark 1.12.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.0 - The Wireshark developer community, http://www.wireshark.org)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3153417521-1489275855-306761039-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
10-09-2014 10:11:48 Installed Microsoft Virtual Machine Converter
15-09-2014 08:58:49 Windows Update
20-09-2014 11:53:58 Installed HP USB Disk Storage Format Tool
25-09-2014 04:28:45 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {10EF7CB0-1F05-4F65-BCF3-943D259CA543} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {12EA6F0D-5C3A-4C61-A434-8C5A912B1E58} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {255AA763-D40B-4716-9B31-CAC9DE8E5464} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {43BC0EA6-548A-4A09-B170-399BDEBF0A01} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-26] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5081A598-7C0C-4B32-BE3C-AD68D831246A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {577D4A0D-3251-4E60-A339-DDD6B3632F8A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {5CCACE4E-4F50-4846-9ADC-4AFC511AE098} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F4A5FBD-91E5-4C1D-A85F-711572DC8DBE} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3153417521-1489275855-306761039-1001
Task: {72C4C5A9-5B8F-4030-8A0C-DA9252FA3035} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {73F324CA-62D5-4D54-A356-E35D21D45516} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7D4058A1-9F9C-4939-AB1E-5DC4A75E23D4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-10] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A47A5EB4-FC95-465E-988B-F1163E0B6B72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {CF9A9DC8-0A5D-488D-9EF4-068CBF24CF81} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6DEE35D-2EBE-4872-B30D-69F5CA535F31} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8D725BA-7E04-4A11-B8A0-0336B31CE9B1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2876040-BE6E-406A-8319-5370A64ADB3E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E3B32D08-D778-421C-ABA8-5B8575C7985C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F7192042-AB83-4FBE-A530-91CD579D9B24} - System32\Tasks\Microsoft Office 15 Sync Maintenance for OFFICE-Paul Office => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-26] (Microsoft Corporation)
Task: {FAE35CA3-1C5F-438A-946A-98BFE4E3C809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-25 14:27 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-06-14 19:24 - 2011-06-14 19:24 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2014-09-25 17:34 - 2014-09-25 17:34 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2013-10-18 12:10 - 2013-10-18 12:10 - 14405200 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-09-26 16:42 - 2014-09-26 16:42 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-09-25 17:34 - 2014-09-25 17:34 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-09-25 01:59 - 2014-09-23 04:15 - 01442120 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 01:59 - 2014-09-23 04:15 - 00168264 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 01:59 - 2014-09-23 04:15 - 10328904 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 01:59 - 2014-09-23 04:15 - 00405320 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 01:59 - 2014-09-23 04:15 - 01831752 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-09 07:02 - 2014-09-09 07:02 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-01-01 19:01 - 2013-01-01 19:01 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2014-09-25 17:34 - 2014-09-25 17:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-09-25 17:34 - 2014-09-25 17:34 - 01654296 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Paul\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3153417521-1489275855-306761039-500 - Administrator - Disabled)
Guest (S-1-5-21-3153417521-1489275855-306761039-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3153417521-1489275855-306761039-1003 - Limited - Enabled)
Paul (S-1-5-21-3153417521-1489275855-306761039-1001 - Administrator - Enabled) => C:\Users\Paul
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/29/2014 04:55:23 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (09/29/2014 04:55:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
 
System errors:
=============
Error: (09/29/2014 04:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (09/29/2014 04:55:23 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (09/29/2014 04:55:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-25 17:28:00.711
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:28:00.650
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:28:00.587
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:58.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:58.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:58.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:15.536
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:15.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:15.349
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-25 17:27:13.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 16269.7 MB
Available physical RAM: 11963.06 MB
Total Pagefile: 18701.7 MB
Available Pagefile: 13374.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:238.13 GB) (Free:141 GB) NTFS
Drive d: (Backup) (Fixed) (Total:931.51 GB) (Free:585.46 GB) NTFS
Drive e: () (Fixed) (Total:596.17 GB) (Free:595.99 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3FF839A6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: AFC12D97)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 596.2 GB) (Disk ID: 2F8A91C5)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 29 September 2014 - 03:48 PM

Hello pitchie,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 29 September 2014 - 04:03 PM

Hi,

 

Thanks for the help so far!

 

MalwareBytes:

Scan Finished: No malware found!

 

AdwCleaner Report:

# AdwCleaner v3.310 - Report created 29/09/2014 at 22:01:59
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Paul - OFFICE
# Running from : C:\Users\Paul\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\searchplugins\avg-secure-search.xml
Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\Users\Paul\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Paul\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\Avg@toolbar
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Mozilla Firefox v31.0 (x86 en-GB)
 
[ File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\prefs.js ]
 
Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Found : user_pref("extensions.4PFqZ3tFdg8dijeG.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2754 octets] - [25/09/2014 17:23:52]
AdwCleaner[R1].txt - [5724 octets] - [29/09/2014 22:01:59]
AdwCleaner[S0].txt - [2639 octets] - [25/09/2014 17:24:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5844 octets] ##########


#6 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 29 September 2014 - 04:33 PM

Hello pitchie,

Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FSRT / FSRT64. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 29 September 2014 - 04:45 PM

edit:
deleted, posted to wrong Topic. Sorry.

Edited by Jo*, 29 September 2014 - 04:48 PM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 29 September 2014 - 05:05 PM

Hello again,

 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.3 (09.27.2014:1)
OS: Windows 8.1 Pro x64
Ran by Paul on 29/09/2014 at 23:02:18.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Paul\AppData\Roaming\mozilla\firefox\profiles\cxp0x07n.default\prefs.js
 
user_pref("extensions.4PFqZ3tFdg8dijeG.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/09/2014 at 23:03:59.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
FRST64:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Paul (administrator) on OFFICE on 29-09-2014 23:04:48
Running from C:\Users\Paul\Desktop
Loaded Profile: Paul (Available profiles: Paul)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Microsoft) C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Sage (UK) Limited) C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Flux Software LLC) C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-09-25] ()
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [f.lux] => C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-22] (Spotify Ltd)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: GoSAve -> {40b4e122-2db2-46af-939d-f15fd3a3d656} -> C:\Program Files (x86)\GoSAve\aO2mK5gK2ppJ0J.x64.dll No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: AVG SafeGuard toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\avg@toolbar [2014-09-25]
FF Extension: AS Magic Player - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\magicplayer@acestream.org [2014-09-20]
FF Extension: GoSiaVe - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\mWr2@GIp3.org [2014-09-29]
FF Extension: Firebug - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-29]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-07-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.bbc.co.uk/news/
CHR StartupUrls: Default -> "hxxp://www.bbc.co.uk/news/"
CHR DefaultSearchURL: Default -> 119F7248C4FFA219CA1DE1C9D49BB4E7FA24E063CE09A5E9AB3BE9A731FD0C36
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Web Developer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-07-25]
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Radioplayer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2014-07-25]
CHR Extension: (EditThisCookie) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-26]
CHR Extension: (AdBlock) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-25]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-07-25]
CHR Extension: (Google Theme) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2014-07-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd [2014-09-25]
CHR Extension: (TweetDeck Launcher) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk [2014-07-25]
CHR Extension: (Google Maps) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-25]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Knockoutjs context debugger) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\oddcpmchholgcjgjdnfjmildmlielhof [2014-08-29]
CHR Extension: (Sky+) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd\2.0 [2014-09-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-07-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-01] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 Sage AutoUpdate Manager Service; C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2012-07-05] (Microsoft) [File not signed]
R2 Sage SData Service; C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [53248 2012-05-17] (Sage (UK) Limited) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-09-25] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S4 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [X]
S2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-25] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [273176 2014-07-18] (AVG Technologies CZ, s.r.o.)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2011-05-06] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107008 2011-05-06] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [195584 2011-05-06] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [192000 2011-05-06] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [190464 2011-05-06] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [179288 2011-05-31] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 VMSMP; \SystemRoot\system32\DRIVERS\vmswitch.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 23:04 - 2014-09-29 23:03 - 00000939 _____ () C:\Users\Paul\Desktop\JRT.txt
2014-09-29 22:35 - 2014-09-29 22:36 - 01699276 _____ (Thisisu) C:\Users\Paul\Desktop\JRT.exe
2014-09-29 21:53 - 2014-09-29 21:53 - 01373475 _____ () C:\Users\Paul\Desktop\AdwCleaner.exe
2014-09-29 21:52 - 2014-09-29 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-29 21:52 - 2014-09-29 21:52 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-29 21:52 - 2014-09-29 21:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-29 21:51 - 2014-09-29 22:01 - 00000000 ____D () C:\Users\Paul\Desktop\mbar
2014-09-29 21:51 - 2014-09-29 21:51 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-29 21:50 - 2014-09-29 21:51 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Paul\Desktop\mbar-1.07.0.1012.exe
2014-09-29 21:32 - 2014-09-29 21:32 - 00056953 _____ () C:\Users\Paul\Desktop\Addition.txt
2014-09-29 21:31 - 2014-09-29 23:04 - 00023560 _____ () C:\Users\Paul\Desktop\FRST.txt
2014-09-29 21:31 - 2014-09-29 23:04 - 00000000 ____D () C:\FRST
2014-09-29 21:23 - 2014-09-29 21:24 - 02108928 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2014-09-29 21:22 - 2014-09-29 21:22 - 00854417 _____ () C:\Users\Paul\Desktop\SecurityCheck.exe
2014-09-29 16:46 - 2014-09-29 16:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-28 11:24 - 2014-09-29 22:17 - 00000000 ____D () C:\ma
2014-09-27 11:52 - 2014-09-27 11:42 - 33016320 _____ () C:\Users\Paul\Desktop\paul 27.09.14.bak
2014-09-25 18:05 - 2014-09-25 18:05 - 00000000 ____D () C:\Users\Public\Documents\Siemens
2014-09-25 18:04 - 2014-09-29 21:36 - 00000000 ____D () C:\Program Files\Common Files\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 _____ () C:\Windows\system32\sntieno.log
2014-09-25 18:04 - 2007-08-15 23:09 - 00036933 ____R (SIEMENS AG) C:\Windows\SysWOW64\melbreg.dll
2014-09-25 18:01 - 2014-09-25 18:01 - 00000000 ____D () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1)
2014-09-25 17:58 - 2014-09-25 17:58 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-09-25 17:52 - 2014-09-25 17:59 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1).zip
2014-09-25 17:41 - 2014-09-25 18:08 - 00000000 ____D () C:\Program Files (x86)\FlexHEX
2014-09-25 17:41 - 2014-09-25 17:44 - 00157184 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin1.xla
2014-09-25 17:40 - 2014-09-25 17:40 - 03154416 _____ () C:\Users\Paul\Downloads\FlexHex_editor_setup.exe
2014-09-25 17:39 - 2014-09-25 17:43 - 10411334 _____ () C:\Users\Paul\Downloads\HexEdit4_binary.zip
2014-09-25 17:36 - 2014-09-25 17:36 - 00024306 _____ () C:\Users\Paul\Downloads\VBA_Project_Unlocker.xlsm
2014-09-25 17:34 - 2014-09-27 05:06 - 00000000 ____D () C:\Users\Paul\AppData\Local\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-09-25 17:31 - 2014-09-26 16:20 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ___HD () C:\$AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\TuneUp Software
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-25 17:29 - 2014-09-29 22:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-25 17:29 - 2014-09-25 17:33 - 00000000 ____D () C:\Users\Paul\AppData\Local\Avg2015
2014-09-25 17:29 - 2014-09-25 17:29 - 04579176 _____ (AVG Technologies) C:\Users\Paul\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-09-25 17:29 - 2014-09-25 17:29 - 00000000 ____D () C:\Users\Paul\AppData\Local\MFAData
2014-09-25 17:23 - 2014-09-29 22:02 - 00000000 ____D () C:\AdwCleaner
2014-09-25 17:23 - 2014-09-25 17:23 - 01373475 _____ () C:\Users\Paul\Downloads\AdwCleaner.exe
2014-09-25 17:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-25 17:20 - 2014-09-29 23:00 - 00000488 ____H () C:\Windows\Tasks\GS_Booster-S-576482620.job
2014-09-25 17:20 - 2014-09-25 17:20 - 00002726 _____ () C:\Windows\System32\Tasks\GS_Booster-S-576482620
2014-09-25 17:19 - 2014-09-25 17:19 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Paul\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator
2014-09-25 17:10 - 2014-09-25 17:11 - 01763103 _____ () C:\Users\Paul\Downloads\vprlastic.zip
2014-09-25 17:04 - 2008-01-11 18:41 - 00212992 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin.xla
2014-09-25 14:24 - 2014-09-25 15:10 - 03857920 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th (1).xls
2014-09-25 14:23 - 2014-09-25 14:23 - 03748864 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th.xls
2014-09-25 10:30 - 2014-09-25 10:30 - 04371521 _____ () C:\Users\Paul\Downloads\SH_0405_mae15a_s7200_cp243it_v10_e.exe
2014-09-25 10:29 - 2014-09-25 10:34 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6.zip
2014-09-23 22:22 - 2014-09-23 23:23 - 765924129 _____ () C:\Users\Paul\Downloads\99AdbAcrbtXIPr01109Multifull.rar
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-09-22 18:19 - 2014-09-22 18:19 - 00000306 _____ () C:\Users\Paul\Desktop\E100 3,621.60GBP.csv
2014-09-22 10:41 - 2014-09-22 10:41 - 04827337 _____ () C:\Users\Paul\Downloads\PNG-cards-1.3.zip
2014-09-22 10:41 - 2014-09-22 10:41 - 00000000 ____D () C:\Users\Paul\Downloads\PNG-cards-1.3
2014-09-22 10:36 - 2014-09-22 10:36 - 04769981 _____ () C:\Users\Paul\Downloads\SVG_and_EPS_Vector_Playing_Cards_Version_1.3.zip
2014-09-22 10:26 - 2014-09-22 10:26 - 00000000 ____D () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2
2014-09-22 10:25 - 2014-09-22 10:25 - 00180678 _____ () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2.zip
2014-09-22 10:17 - 2014-09-22 10:17 - 00535907 _____ () C:\Users\Paul\Downloads\donpark-scalable-css-playing-cards-d05a022.zip
2014-09-22 09:39 - 2014-09-22 09:44 - 00013950 _____ () C:\Users\Paul\Desktop\Regus Account Summary.xlsx
2014-09-20 15:06 - 2014-09-20 15:10 - 00000000 ___HD () C:\_acestream_cache_
2014-09-20 15:05 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\ACEStream
2014-09-20 15:05 - 2014-09-29 16:53 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\.ACEStream
2014-09-20 15:05 - 2014-09-20 15:05 - 67195312 _____ () C:\Users\Paul\Downloads\Ace_Stream_Media_2.2.10-next_wiziwig.exe
2014-09-20 13:05 - 2014-09-20 13:05 - 00000000 ____D () C:\Users\Paul\Downloads\Hirens.BootCD.15.2
2014-09-20 12:54 - 2014-09-20 13:01 - 621283886 _____ () C:\Users\Paul\Downloads\Hirens.BootCD.15.2.zip
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\DriveKey
2014-09-15 11:47 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-15 11:47 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-15 11:47 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 11:47 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 11:47 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-15 11:47 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-15 11:47 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-15 11:47 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-15 11:47 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-15 11:47 - 2014-07-24 16:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-15 11:47 - 2014-07-24 16:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 11:47 - 2014-07-24 14:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 11:47 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 08:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 11:47 - 2014-07-24 08:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 11:47 - 2014-07-24 08:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 11:47 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 11:46 - 2014-07-24 16:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-15 11:46 - 2014-07-24 16:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-15 11:46 - 2014-07-24 16:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-15 11:46 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-15 11:46 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 11:46 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-15 11:46 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-15 11:46 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 11:46 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 11:46 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 15:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 11:46 - 2014-07-24 15:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 11:46 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 11:46 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 12:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-15 11:46 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 11:46 - 2014-07-24 12:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 11:46 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 11:46 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 11:46 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 11:46 - 2014-07-24 12:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 11:46 - 2014-07-24 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 11:46 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-15 11:46 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 11:46 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 11:46 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 11:46 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 11:46 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 11:46 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 11:46 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 11:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 11:46 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 11:46 - 2014-07-24 10:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 11:46 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 11:46 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 11:46 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 11:46 - 2014-07-24 10:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 11:46 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 11:46 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 11:46 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-15 11:46 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 11:46 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 11:46 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 11:46 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 11:46 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 11:46 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 11:46 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 11:46 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 11:46 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 11:46 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 11:46 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 11:46 - 2014-07-24 09:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-15 11:46 - 2014-07-24 09:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 11:46 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 11:46 - 2014-07-24 09:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 11:46 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 11:46 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-15 11:46 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-15 11:46 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-15 11:46 - 2014-07-12 06:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-15 11:46 - 2014-07-12 05:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-15 11:46 - 2014-07-10 00:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-15 11:46 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-15 11:46 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 11:46 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 11:46 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-15 11:46 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 11:46 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-15 11:46 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-15 11:46 - 2014-06-19 03:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 11:46 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 11:46 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-15 11:46 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-15 11:46 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-15 11:46 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 11:46 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 11:46 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-15 11:46 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-15 11:46 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-15 11:46 - 2014-05-29 05:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-15 11:46 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-15 11:46 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 11:46 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-15 11:38 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-11 15:38 - 2014-09-11 15:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Yahoo!
2014-09-10 23:40 - 2014-08-16 02:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:40 - 2014-08-16 02:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:39 - 2014-08-16 03:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:39 - 2014-08-16 02:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 02:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:39 - 2014-08-16 02:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 01:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 01:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 01:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 01:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 01:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:39 - 2014-08-16 01:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:26 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-10 23:26 - 2014-09-05 03:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 23:26 - 2014-09-05 01:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 23:26 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-10 22:59 - 2014-09-17 11:44 - 00000000 ____D () C:\Users\Paul\AppData\Local\ClosuresDataExporter
2014-09-10 13:24 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\SAP BusinessObjects
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\ProgramData\Macrovision
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\inetpub
2014-09-10 13:24 - 2014-02-26 18:41 - 307175616 _____ () C:\Users\Paul\Downloads\CRforVS_13_0_8.exe
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\Program Files\WinImage
2014-09-10 12:30 - 2014-09-10 12:30 - 01649168 _____ () C:\Users\Paul\Downloads\WinImage 9.00 x86 x64.rar
2014-09-10 12:29 - 2014-09-10 12:29 - 00872440 _____ (WinImage) C:\Users\Paul\Downloads\wima6490.exe
2014-09-10 12:29 - 2014-09-10 12:29 - 00746592 _____ (WinImage) C:\Users\Paul\Downloads\winima90.exe
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarWind Software
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\Program Files (x86)\StarWind Software
2014-09-10 11:31 - 2014-09-10 11:31 - 01631592 _____ (StarWind Software ) C:\Users\Paul\Downloads\StarWindConverter.exe
2014-09-10 11:26 - 2014-09-10 11:26 - 06319701 _____ () C:\Users\Paul\Downloads\5nineEasyConverter.zip
2014-09-10 11:11 - 2014-09-10 11:11 - 02617344 _____ () C:\Users\Paul\Downloads\mvmc_setup.msi
2014-09-10 11:11 - 2014-09-10 11:11 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Virtual Machine Converter 2.1.lnk
2014-09-10 11:11 - 2014-09-10 11:11 - 00000000 ____D () C:\Program Files\Microsoft Virtual Machine Converter
2014-09-10 10:36 - 2014-09-10 10:39 - 159578526 _____ () C:\Users\Paul\Downloads\SageAccts Paul Pitchford t a Ashfield Clutch Services 2014-09-08.001
2014-09-08 11:55 - 2014-09-08 11:55 - 00000000 ____D () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master
2014-09-08 11:51 - 2014-09-08 11:51 - 20984303 _____ () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master.zip
2014-09-08 11:44 - 2014-09-08 11:44 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR (1).zip
2014-09-08 10:48 - 2014-09-08 10:48 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Component One.lnk
2014-09-08 10:48 - 2014-09-08 10:48 - 00000000 ____D () C:\Program Files (x86)\ComponentOne
2014-09-08 10:47 - 2014-08-25 16:35 - 39796736 _____ () C:\Users\Paul\Downloads\C1StudioLightSwitch_4.0.20142.62.msi
2014-09-08 10:46 - 2014-09-08 10:46 - 00159952 _____ (GrapeCity Inc.) C:\Users\Paul\Downloads\C1WebInstallerStudioLightSwitch.exe
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Deployment
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Apps\2.0
2014-09-07 12:22 - 2014-09-07 12:40 - 1585775666 _____ () C:\Users\Paul\Desktop\DEV-B417.mp4
2014-09-06 17:08 - 2014-09-06 17:10 - 171518067 _____ () C:\Users\Paul\Downloads\realtimeconnectedWPapps_Source.wmv
2014-09-06 16:50 - 2014-09-06 16:50 - 02544599 _____ () C:\Users\Paul\Downloads\NuGet.Tools.vsix
2014-09-03 20:58 - 2014-09-03 20:58 - 00834269 _____ () C:\Users\Paul\Downloads\ModernUI.1.0.6.zip
2014-09-03 20:58 - 2014-09-03 20:58 - 00000000 ____D () C:\Users\Paul\Downloads\ModernUI.1.0.6
2014-09-03 16:33 - 2014-09-10 13:00 - 27590656 _____ () C:\Windows\system32\vmguest.iso
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-09-03 16:29 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-09-03 16:29 - 2014-09-03 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-09-03 16:27 - 2014-09-03 16:28 - 00000000 ____D () C:\Users\Paul\Downloads\Visual Studio 2013 (Second Download)
2014-09-03 16:25 - 2014-09-03 16:25 - 00000000 ____D () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR
2014-09-03 16:24 - 2014-09-03 16:24 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR.zip
2014-09-02 15:12 - 2014-09-02 15:12 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-09-02 14:44 - 2014-09-02 14:50 - 00000000 ____D () C:\Users\Paul\.android
2014-09-02 14:43 - 2014-09-02 14:43 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\Program Files\Java
2014-09-02 13:47 - 2014-09-02 13:47 - 00000000 ____D () C:\Users\Paul\Downloads\SignalR Self-Host
2014-09-02 11:59 - 2014-09-29 22:39 - 01048576 _____ () C:\Users\Paul\Test_log.ldf
2014-09-02 11:59 - 2014-09-09 07:38 - 04194304 _____ () C:\Users\Paul\Test.mdf
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 23:01 - 2014-07-25 18:51 - 00004962 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for OFFICE-Paul Office
2014-09-29 23:00 - 2014-08-04 10:50 - 00000000 ____D () C:\ProgramData\Kodak
2014-09-29 23:00 - 2014-07-25 16:34 - 00000000 ____D () C:\ProgramData\VMware
2014-09-29 23:00 - 2014-07-25 14:54 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 23:00 - 2014-07-25 14:24 - 00000000 __RDO () C:\Users\Paul\SkyDrive
2014-09-29 23:00 - 2014-07-25 14:20 - 01978596 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 23:00 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 22:59 - 2014-07-25 14:54 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 22:59 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-29 22:56 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\VMware
2014-09-29 22:56 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Local\VMware
2014-09-29 22:55 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Spotify
2014-09-29 22:51 - 2014-07-27 18:23 - 00002334 ____H () C:\Users\Paul\Documents\Default.rdp
2014-09-29 22:39 - 2014-08-21 10:34 - 01048576 _____ () C:\Users\Paul\Poker_log.ldf
2014-09-29 22:25 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Local\Spotify
2014-09-29 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-29 20:54 - 2014-07-25 14:25 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{716F22AE-5F51-4F0D-8860-0A00617B5488}
2014-09-29 17:45 - 2014-07-25 14:27 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3153417521-1489275855-306761039-1001
2014-09-29 17:03 - 2014-07-25 14:24 - 00960752 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 16:55 - 2014-07-25 14:19 - 00030596 _____ () C:\Windows\PFRO.log
2014-09-29 16:37 - 2014-08-11 10:39 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Skype
2014-09-29 10:11 - 2014-08-11 10:39 - 00000000 ____D () C:\ProgramData\Skype
2014-09-29 08:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-28 12:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-09-28 11:07 - 2014-07-25 14:06 - 00000000 ____D () C:\Projects
2014-09-28 10:32 - 2014-07-27 12:44 - 00000000 ____D () C:\Users\Paul\Documents\SQL Server Management Studio
2014-09-26 16:50 - 2014-07-25 14:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 18:08 - 2013-08-22 15:44 - 00510448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-25 18:05 - 2014-08-17 16:06 - 00054882 _____ () C:\Windows\DPINST.LOG
2014-09-25 18:04 - 2014-07-25 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-25 18:04 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2014-09-25 17:44 - 2014-08-26 16:08 - 00000000 ____D () C:\Windows\SysWOW64\HavijPro
2014-09-25 17:36 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\Packages
2014-09-25 17:34 - 2014-08-29 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 17:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-25 17:31 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-25 17:28 - 2014-07-25 14:08 - 00000000 ____D () C:\Closures
2014-09-25 17:26 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:26 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Users\Paul\AppData\Local\Google
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-25 17:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-25 09:34 - 2014-07-25 15:05 - 00000000 ____D () C:\Users\Paul\Documents\Visual Studio 2013
2014-09-25 05:29 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-23 21:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-23 16:52 - 2013-08-22 15:46 - 00000277 _____ () C:\Windows\setupact.log
2014-09-23 16:52 - 2013-08-22 15:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 21:03 - 2014-07-25 17:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\vlc
2014-09-22 21:01 - 2014-08-19 12:17 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 07:42 - 2014-07-25 15:41 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-19 10:08 - 2014-08-15 17:25 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\JWrapper-SimpleHelp Technician
2014-09-17 13:42 - 2014-07-29 11:32 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-11 07:38 - 2014-07-31 10:04 - 00000648 __RSH () C:\Users\Paul\ntuser.pol
2014-09-11 07:38 - 2014-07-25 14:21 - 00000000 ____D () C:\Users\Paul
2014-09-11 00:41 - 2014-07-26 15:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:40 - 2014-07-26 14:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:40 - 2014-07-26 14:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:39 - 2014-07-25 15:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:37 - 2014-07-25 15:43 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 13:25 - 2014-07-27 12:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-10 13:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2014-09-10 12:16 - 2014-08-04 09:59 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-09-10 11:32 - 2014-08-04 10:00 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-09-10 11:31 - 2014-08-11 11:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-08 11:43 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Adobe
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 16:29 - 2014-07-25 14:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-02 21:06 - 2013-08-22 16:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:06 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 15:12 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\PackageStaging
2014-09-02 12:06 - 2014-08-26 10:42 - 03211264 _____ () C:\Users\Paul\AshfieldSalesData.mdf
2014-09-02 12:06 - 2014-08-26 10:42 - 01114112 _____ () C:\Users\Paul\AshfieldSalesData_log.ldf
2014-09-02 12:06 - 2014-07-27 21:13 - 03211264 _____ () C:\Users\Paul\WAStorageEmulatorDb32.mdf
2014-09-02 12:06 - 2014-07-27 21:13 - 00802816 _____ () C:\Users\Paul\WAStorageEmulatorDb32_log.ldf
 
Some content of TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Paul\AppData\Local\Temp\2bv2szdp.dll
C:\Users\Paul\AppData\Local\Temp\310mo1ro.dll
C:\Users\Paul\AppData\Local\Temp\3pwxby2o.dll
C:\Users\Paul\AppData\Local\Temp\3rnrmrk5.dll
C:\Users\Paul\AppData\Local\Temp\4lgvp5kj.dll
C:\Users\Paul\AppData\Local\Temp\5sdisss0.dll
C:\Users\Paul\AppData\Local\Temp\a4v1qajw.dll
C:\Users\Paul\AppData\Local\Temp\fvpkheq3.dll
C:\Users\Paul\AppData\Local\Temp\GLF65D0.EXE
C:\Users\Paul\AppData\Local\Temp\GLF66EB.EXE
C:\Users\Paul\AppData\Local\Temp\h5ahyazd.dll
C:\Users\Paul\AppData\Local\Temp\kxnattjs.dll
C:\Users\Paul\AppData\Local\Temp\MA_0405_mae15a_s7200_cp243it_HTML_v00_e.exe
C:\Users\Paul\AppData\Local\Temp\MA_0405_mae15a_s7200_cp243it_Java_CODE_v00_e.exe
C:\Users\Paul\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Paul\AppData\Local\Temp\q1vhdnl2.dll
C:\Users\Paul\AppData\Local\Temp\q2jfagu1.dll
C:\Users\Paul\AppData\Local\Temp\raptrpatch.exe
C:\Users\Paul\AppData\Local\Temp\raptr_stub.exe
C:\Users\Paul\AppData\Local\Temp\sp4lv5d3.dll
C:\Users\Paul\AppData\Local\Temp\thm03ohq.dll
C:\Users\Paul\AppData\Local\Temp\tjrmgs1m.dll
C:\Users\Paul\AppData\Local\Temp\u5ivutps.dll
C:\Users\Paul\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Paul\AppData\Local\Temp\yyj1tuo5.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-24 10:21
 
==================== End Of Log ============================
 
The extension still resides in Chrome. :(


#9 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 30 September 2014 - 05:17 AM

Hi Jo,

 

Did you see anything in the logs that indicates what the problem may be?

 

Thanks, Paul.



#10 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 30 September 2014 - 07:23 AM

Hello pitchie,

yes, we remove it now with a script.
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt

 
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: GoSAve -> {40b4e122-2db2-46af-939d-f15fd3a3d656} -> C:\Program Files (x86)\GoSAve\aO2mK5gK2ppJ0J.x64.dll No File
FF Extension: GoSiaVe - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\mWr2@GIp3.org [2014-09-29]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd [2014-09-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd\2.0 [2014-09-25]
C:\Program Files (x86)\GoSAve
EmptyTemp:
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.


***


FRST / FSRT64: run it again.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 30 September 2014 - 08:49 AM

Hi Jo,

 

Thank you. Please find as requested:

 

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 02
Ran by Paul at 2014-09-30 14:45:11 Run:1
Running from C:\Users\Paul\Desktop
Loaded Profile: Paul (Available profiles: Paul)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: GoSAve -> {40b4e122-2db2-46af-939d-f15fd3a3d656} -> C:\Program Files (x86)\GoSAve\aO2mK5gK2ppJ0J.x64.dll No File
FF Extension: GoSiaVe - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\mWr2@GIp3.org [2014-09-29]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd [2014-09-25]
CHR Extension: (GoSiaVe) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd\2.0 [2014-09-25]
C:\Program Files (x86)\GoSAve
EmptyTemp:
end
*****************
 
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40b4e122-2db2-46af-939d-f15fd3a3d656}" => Key deleted successfully.
"HKCR\CLSID\{40b4e122-2db2-46af-939d-f15fd3a3d656}" => Key deleted successfully.
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\mWr2@GIp3.org => Moved successfully.
C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd => Moved successfully.
C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kedbflbclajdkcjngfncfkibneopeicd\2.0 directory not found.
"C:\Program Files (x86)\GoSAve" => File/Directory not found.
EmptyTemp: => Removed 5.5 GB temporary data.
 
 
The system needed a reboot. 
 

 

==== End of Fixlog ====
 
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Paul (administrator) on OFFICE on 30-09-2014 14:48:29
Running from C:\Users\Paul\Desktop
Loaded Profile: Paul (Available profiles: Paul)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft) C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Sage (UK) Limited) C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Flux Software LLC) C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Spotify Ltd) C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-09-25] ()
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [f.lux] => C:\Users\Paul\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-3153417521-1489275855-306761039-1001\...\Run: [Spotify Web Helper] => C:\Users\Paul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-22] (Spotify Ltd)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?pc=U206&ocid=U206DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co.uk/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: user_pref("keyword.URL", "");
FF Homepage: hxxp://uk.msn.com/?pc=U206&ocid=U206DHP
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: AVG SafeGuard toolbar - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\avg@toolbar [2014-09-25]
FF Extension: AS Magic Player - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\magicplayer@acestream.org [2014-09-20]
FF Extension: Firebug - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\cxp0x07n.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-29]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-07-27]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://uk.msn.com/?pc=U206&ocid=U206DHP
CHR StartupUrls: Default -> "hxxp://uk.msn.com/?pc=U206&ocid=U206DHP", "hxxp://www.bbc.co.uk/news/"
CHR DefaultSearchURL: Default -> 119F7248C4FFA219CA1DE1C9D49BB4E7FA24E063CE09A5E9AB3BE9A731FD0C36
CHR Profile: C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Web Developer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-07-25]
CHR Extension: (Google Search) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Radioplayer) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2014-07-25]
CHR Extension: (EditThisCookie) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-26]
CHR Extension: (AdBlock) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-25]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-07-25]
CHR Extension: (Google Theme) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2014-07-25]
CHR Extension: (TweetDeck Launcher) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk [2014-07-25]
CHR Extension: (Google Maps) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-25]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Knockoutjs context debugger) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\oddcpmchholgcjgjdnfjmildmlielhof [2014-08-29]
CHR Extension: (Sky+) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-07-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-01] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 Sage AutoUpdate Manager Service; C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2012-07-05] (Microsoft) [File not signed]
R2 Sage SData Service; C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [53248 2012-05-17] (Sage (UK) Limited) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-09-25] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S4 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [X]
S2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-25] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [273176 2014-07-18] (AVG Technologies CZ, s.r.o.)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2011-05-06] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107008 2011-05-06] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [195584 2011-05-06] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [192000 2011-05-06] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [190464 2011-05-06] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [179288 2011-05-31] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 VMSMP; \SystemRoot\system32\DRIVERS\vmswitch.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-30 11:50 - 2014-09-30 11:50 - 02197640 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\DefaultPack.EXE
2014-09-29 23:04 - 2014-09-29 23:03 - 00000939 _____ () C:\Users\Paul\Desktop\JRT.txt
2014-09-29 22:35 - 2014-09-29 22:36 - 01699276 _____ (Thisisu) C:\Users\Paul\Desktop\JRT.exe
2014-09-29 21:53 - 2014-09-29 21:53 - 01373475 _____ () C:\Users\Paul\Desktop\AdwCleaner.exe
2014-09-29 21:52 - 2014-09-29 22:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-29 21:52 - 2014-09-29 21:52 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-29 21:52 - 2014-09-29 21:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-29 21:51 - 2014-09-29 22:01 - 00000000 ____D () C:\Users\Paul\Desktop\mbar
2014-09-29 21:51 - 2014-09-29 21:51 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-29 21:50 - 2014-09-29 21:51 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Paul\Desktop\mbar-1.07.0.1012.exe
2014-09-29 21:32 - 2014-09-29 21:32 - 00056953 _____ () C:\Users\Paul\Desktop\Addition.txt
2014-09-29 21:31 - 2014-09-30 14:48 - 00023671 _____ () C:\Users\Paul\Desktop\FRST.txt
2014-09-29 21:31 - 2014-09-30 14:48 - 00000000 ____D () C:\FRST
2014-09-29 21:23 - 2014-09-29 21:24 - 02108928 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
2014-09-29 21:22 - 2014-09-29 21:22 - 00854417 _____ () C:\Users\Paul\Desktop\SecurityCheck.exe
2014-09-29 16:46 - 2014-09-29 16:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-29 10:11 - 2014-09-29 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-28 11:24 - 2014-09-29 22:17 - 00000000 ____D () C:\ma
2014-09-27 11:52 - 2014-09-27 11:42 - 33016320 _____ () C:\Users\Paul\Desktop\paul 27.09.14.bak
2014-09-25 18:05 - 2014-09-25 18:05 - 00000000 ____D () C:\Users\Public\Documents\Siemens
2014-09-25 18:04 - 2014-09-29 21:36 - 00000000 ____D () C:\Program Files\Common Files\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 ____D () C:\Program Files (x86)\Siemens
2014-09-25 18:04 - 2014-09-25 18:04 - 00000000 _____ () C:\Windows\system32\sntieno.log
2014-09-25 18:04 - 2007-08-15 23:09 - 00036933 ____R (SIEMENS AG) C:\Windows\SysWOW64\melbreg.dll
2014-09-25 18:01 - 2014-09-25 18:01 - 00000000 ____D () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1)
2014-09-25 17:58 - 2014-09-25 17:58 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-09-25 17:58 - 2014-09-25 17:58 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-09-25 17:52 - 2014-09-25 17:59 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6 (1).zip
2014-09-25 17:41 - 2014-09-25 18:08 - 00000000 ____D () C:\Program Files (x86)\FlexHEX
2014-09-25 17:41 - 2014-09-25 17:44 - 00157184 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin1.xla
2014-09-25 17:40 - 2014-09-25 17:40 - 03154416 _____ () C:\Users\Paul\Downloads\FlexHex_editor_setup.exe
2014-09-25 17:39 - 2014-09-25 17:43 - 10411334 _____ () C:\Users\Paul\Downloads\HexEdit4_binary.zip
2014-09-25 17:36 - 2014-09-25 17:36 - 00024306 _____ () C:\Users\Paul\Downloads\VBA_Project_Unlocker.xlsm
2014-09-25 17:34 - 2014-09-27 05:06 - 00000000 ____D () C:\Users\Paul\AppData\Local\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-09-25 17:34 - 2014-09-25 17:34 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-09-25 17:31 - 2014-09-26 16:20 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ___HD () C:\$AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\TuneUp Software
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\AVG2015
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-25 17:29 - 2014-09-29 22:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-25 17:29 - 2014-09-25 17:33 - 00000000 ____D () C:\Users\Paul\AppData\Local\Avg2015
2014-09-25 17:29 - 2014-09-25 17:29 - 04579176 _____ (AVG Technologies) C:\Users\Paul\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-09-25 17:29 - 2014-09-25 17:29 - 00000000 ____D () C:\Users\Paul\AppData\Local\MFAData
2014-09-25 17:23 - 2014-09-29 22:02 - 00000000 ____D () C:\AdwCleaner
2014-09-25 17:23 - 2014-09-25 17:23 - 01373475 _____ () C:\Users\Paul\Downloads\AdwCleaner.exe
2014-09-25 17:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-25 17:20 - 2014-09-30 14:46 - 00000488 ____H () C:\Windows\Tasks\GS_Booster-S-576482620.job
2014-09-25 17:20 - 2014-09-25 17:20 - 00002726 _____ () C:\Windows\System32\Tasks\GS_Booster-S-576482620
2014-09-25 17:19 - 2014-09-30 14:46 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Paul\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Guest
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-25 17:19 - 2014-09-25 17:19 - 00000000 ____D () C:\Users\Administrator
2014-09-25 17:10 - 2014-09-25 17:11 - 01763103 _____ () C:\Users\Paul\Downloads\vprlastic.zip
2014-09-25 17:04 - 2008-01-11 18:41 - 00212992 _____ () C:\Users\Paul\Desktop\OPCS7200ExcelAddin.xla
2014-09-25 14:24 - 2014-09-25 15:10 - 03857920 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th (1).xls
2014-09-25 14:23 - 2014-09-25 14:23 - 03748864 _____ () C:\Users\Paul\Downloads\1.. Blank Rota week 29th.xls
2014-09-25 10:30 - 2014-09-25 10:30 - 04371521 _____ () C:\Users\Paul\Downloads\SH_0405_mae15a_s7200_cp243it_v10_e.exe
2014-09-25 10:29 - 2014-09-25 10:34 - 290426691 _____ () C:\Users\Paul\Downloads\S7_200_PC_ACCESS_V1_SP5_SP6.zip
2014-09-23 22:22 - 2014-09-23 23:23 - 765924129 _____ () C:\Users\Paul\Downloads\99AdbAcrbtXIPr01109Multifull.rar
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-23 16:52 - 2014-09-23 16:52 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-09-22 18:19 - 2014-09-22 18:19 - 00000306 _____ () C:\Users\Paul\Desktop\E100 3,621.60GBP.csv
2014-09-22 10:41 - 2014-09-22 10:41 - 04827337 _____ () C:\Users\Paul\Downloads\PNG-cards-1.3.zip
2014-09-22 10:41 - 2014-09-22 10:41 - 00000000 ____D () C:\Users\Paul\Downloads\PNG-cards-1.3
2014-09-22 10:36 - 2014-09-22 10:36 - 04769981 _____ () C:\Users\Paul\Downloads\SVG_and_EPS_Vector_Playing_Cards_Version_1.3.zip
2014-09-22 10:26 - 2014-09-22 10:26 - 00000000 ____D () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2
2014-09-22 10:25 - 2014-09-22 10:25 - 00180678 _____ () C:\Users\Paul\Downloads\selfthinker-CSS-Playing-Cards-v2011-06-14-0-g7e0e0f2.zip
2014-09-22 10:17 - 2014-09-22 10:17 - 00535907 _____ () C:\Users\Paul\Downloads\donpark-scalable-css-playing-cards-d05a022.zip
2014-09-22 09:39 - 2014-09-22 09:44 - 00013950 _____ () C:\Users\Paul\Desktop\Regus Account Summary.xlsx
2014-09-20 15:06 - 2014-09-20 15:10 - 00000000 ___HD () C:\_acestream_cache_
2014-09-20 15:05 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\ACEStream
2014-09-20 15:05 - 2014-09-29 16:53 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\.ACEStream
2014-09-20 15:05 - 2014-09-20 15:05 - 67195312 _____ () C:\Users\Paul\Downloads\Ace_Stream_Media_2.2.10-next_wiziwig.exe
2014-09-20 13:05 - 2014-09-20 13:05 - 00000000 ____D () C:\Users\Paul\Downloads\Hirens.BootCD.15.2
2014-09-20 12:54 - 2014-09-20 13:01 - 621283886 _____ () C:\Users\Paul\Downloads\Hirens.BootCD.15.2.zip
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2014-09-20 12:54 - 2014-09-20 12:54 - 00000000 ____D () C:\DriveKey
2014-09-15 11:47 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-15 11:47 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-15 11:47 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 11:47 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 11:47 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-15 11:47 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-15 11:47 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-15 11:47 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-15 11:47 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-15 11:47 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-15 11:47 - 2014-07-24 16:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-15 11:47 - 2014-07-24 16:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-15 11:47 - 2014-07-24 14:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-15 11:47 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 11:47 - 2014-07-24 08:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-15 11:47 - 2014-07-24 08:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-15 11:47 - 2014-07-24 08:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-15 11:47 - 2014-07-24 08:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-15 11:47 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-15 11:46 - 2014-07-24 16:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-15 11:46 - 2014-07-24 16:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-15 11:46 - 2014-07-24 16:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-15 11:46 - 2014-07-24 16:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-15 11:46 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-15 11:46 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-15 11:46 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-15 11:46 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-15 11:46 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-15 11:46 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-15 11:46 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-15 11:46 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-15 11:46 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-15 11:46 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 15:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-15 11:46 - 2014-07-24 15:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-15 11:46 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-15 11:46 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-15 11:46 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-15 11:46 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-15 11:46 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-15 11:46 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 12:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-15 11:46 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-15 11:46 - 2014-07-24 12:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-15 11:46 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-15 11:46 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-15 11:46 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-15 11:46 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-15 11:46 - 2014-07-24 12:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-15 11:46 - 2014-07-24 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-15 11:46 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-15 11:46 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-15 11:46 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-15 11:46 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 11:46 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 11:46 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-15 11:46 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-15 11:46 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-15 11:46 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-15 11:46 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-15 11:46 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-15 11:46 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-15 11:46 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 11:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-15 11:46 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-15 11:46 - 2014-07-24 10:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-15 11:46 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-15 11:46 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-15 11:46 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-15 11:46 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-15 11:46 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-15 11:46 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-15 11:46 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-15 11:46 - 2014-07-24 10:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-15 11:46 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-15 11:46 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-15 11:46 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-15 11:46 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-15 11:46 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-15 11:46 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-15 11:46 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-15 11:46 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-15 11:46 - 2014-07-24 10:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-15 11:46 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-15 11:46 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-15 11:46 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-15 11:46 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-15 11:46 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-15 11:46 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-15 11:46 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-15 11:46 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-15 11:46 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-15 11:46 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 11:46 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-15 11:46 - 2014-07-24 09:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-15 11:46 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-15 11:46 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-15 11:46 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-15 11:46 - 2014-07-24 09:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-15 11:46 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-15 11:46 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-15 11:46 - 2014-07-24 09:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-15 11:46 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-15 11:46 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-15 11:46 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-15 11:46 - 2014-07-24 09:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-15 11:46 - 2014-07-24 09:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-15 11:46 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-15 11:46 - 2014-07-24 09:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-15 11:46 - 2014-07-24 09:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 09:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-15 11:46 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-15 11:46 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-15 11:46 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-15 11:46 - 2014-07-24 08:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-15 11:46 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-15 11:46 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-15 11:46 - 2014-07-24 08:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-15 11:46 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 11:46 - 2014-07-24 05:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-15 11:46 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-15 11:46 - 2014-07-12 06:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-15 11:46 - 2014-07-12 05:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-15 11:46 - 2014-07-12 05:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-15 11:46 - 2014-07-10 00:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-15 11:46 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-15 11:46 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-15 11:46 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-15 11:46 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-15 11:46 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-15 11:46 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-15 11:46 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-15 11:46 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-15 11:46 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-15 11:46 - 2014-06-19 03:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-15 11:46 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-15 11:46 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-15 11:46 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-15 11:46 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-15 11:46 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-15 11:46 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-15 11:46 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-15 11:46 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-15 11:46 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-15 11:46 - 2014-05-29 06:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-15 11:46 - 2014-05-29 05:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-15 11:46 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-15 11:46 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-15 11:46 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-15 11:46 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-15 11:46 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-15 11:46 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-15 11:38 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-11 15:38 - 2014-09-11 15:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Yahoo!
2014-09-10 23:40 - 2014-08-16 02:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:40 - 2014-08-16 02:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:39 - 2014-08-16 03:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:39 - 2014-08-16 03:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:39 - 2014-08-16 02:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 02:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:39 - 2014-08-16 02:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:39 - 2014-08-16 02:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:39 - 2014-08-16 02:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 02:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:39 - 2014-08-16 02:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:39 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:39 - 2014-08-16 01:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:39 - 2014-08-16 01:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:39 - 2014-08-16 01:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:39 - 2014-08-16 01:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:39 - 2014-08-16 01:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:39 - 2014-08-16 01:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:39 - 2014-08-16 01:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:39 - 2014-08-16 01:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:39 - 2014-08-16 01:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:39 - 2014-08-16 01:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:26 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-10 23:26 - 2014-09-05 03:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 23:26 - 2014-09-05 01:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 23:26 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 23:25 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-10 22:59 - 2014-09-17 11:44 - 00000000 ____D () C:\Users\Paul\AppData\Local\ClosuresDataExporter
2014-09-10 13:24 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\SAP BusinessObjects
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\ProgramData\Macrovision
2014-09-10 13:24 - 2014-09-10 13:24 - 00000000 ____D () C:\inetpub
2014-09-10 13:24 - 2014-02-26 18:41 - 307175616 _____ () C:\Users\Paul\Downloads\CRforVS_13_0_8.exe
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2014-09-10 12:31 - 2014-09-10 12:31 - 00000000 ____D () C:\Program Files\WinImage
2014-09-10 12:30 - 2014-09-10 12:30 - 01649168 _____ () C:\Users\Paul\Downloads\WinImage 9.00 x86 x64.rar
2014-09-10 12:29 - 2014-09-10 12:29 - 00872440 _____ (WinImage) C:\Users\Paul\Downloads\wima6490.exe
2014-09-10 12:29 - 2014-09-10 12:29 - 00746592 _____ (WinImage) C:\Users\Paul\Downloads\winima90.exe
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarWind Software
2014-09-10 11:32 - 2014-09-10 11:32 - 00000000 ____D () C:\Program Files (x86)\StarWind Software
2014-09-10 11:31 - 2014-09-10 11:31 - 01631592 _____ (StarWind Software ) C:\Users\Paul\Downloads\StarWindConverter.exe
2014-09-10 11:26 - 2014-09-10 11:26 - 06319701 _____ () C:\Users\Paul\Downloads\5nineEasyConverter.zip
2014-09-10 11:11 - 2014-09-10 11:11 - 02617344 _____ () C:\Users\Paul\Downloads\mvmc_setup.msi
2014-09-10 11:11 - 2014-09-10 11:11 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Virtual Machine Converter 2.1.lnk
2014-09-10 11:11 - 2014-09-10 11:11 - 00000000 ____D () C:\Program Files\Microsoft Virtual Machine Converter
2014-09-10 10:36 - 2014-09-10 10:39 - 159578526 _____ () C:\Users\Paul\Downloads\SageAccts Paul Pitchford t a Ashfield Clutch Services 2014-09-08.001
2014-09-08 11:55 - 2014-09-08 11:55 - 00000000 ____D () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master
2014-09-08 11:51 - 2014-09-08 11:51 - 20984303 _____ () C:\Users\Paul\Downloads\SignalRMessagingErrorHandling-master.zip
2014-09-08 11:44 - 2014-09-08 11:44 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR (1).zip
2014-09-08 10:48 - 2014-09-08 10:48 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Component One.lnk
2014-09-08 10:48 - 2014-09-08 10:48 - 00000000 ____D () C:\Program Files (x86)\ComponentOne
2014-09-08 10:47 - 2014-08-25 16:35 - 39796736 _____ () C:\Users\Paul\Downloads\C1StudioLightSwitch_4.0.20142.62.msi
2014-09-08 10:46 - 2014-09-08 10:46 - 00159952 _____ (GrapeCity Inc.) C:\Users\Paul\Downloads\C1WebInstallerStudioLightSwitch.exe
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Deployment
2014-09-08 08:25 - 2014-09-08 08:25 - 00000000 ____D () C:\Users\Paul\AppData\Local\Apps\2.0
2014-09-07 12:22 - 2014-09-07 12:40 - 1585775666 _____ () C:\Users\Paul\Desktop\DEV-B417.mp4
2014-09-06 17:08 - 2014-09-06 17:10 - 171518067 _____ () C:\Users\Paul\Downloads\realtimeconnectedWPapps_Source.wmv
2014-09-06 16:50 - 2014-09-06 16:50 - 02544599 _____ () C:\Users\Paul\Downloads\NuGet.Tools.vsix
2014-09-03 20:58 - 2014-09-03 20:58 - 00834269 _____ () C:\Users\Paul\Downloads\ModernUI.1.0.6.zip
2014-09-03 20:58 - 2014-09-03 20:58 - 00000000 ____D () C:\Users\Paul\Downloads\ModernUI.1.0.6
2014-09-03 16:33 - 2014-09-10 13:00 - 27590656 _____ () C:\Windows\system32\vmguest.iso
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-09-03 16:30 - 2014-09-03 16:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-09-03 16:29 - 2014-09-10 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-09-03 16:29 - 2014-09-03 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-09-03 16:27 - 2014-09-03 16:28 - 00000000 ____D () C:\Users\Paul\Downloads\Visual Studio 2013 (Second Download)
2014-09-03 16:25 - 2014-09-03 16:25 - 00000000 ____D () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR
2014-09-03 16:24 - 2014-09-03 16:24 - 05158044 _____ () C:\Users\Paul\Downloads\Windows Phone 8 Chat Application using SignalR.zip
2014-09-02 15:12 - 2014-09-02 15:12 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-09-02 14:44 - 2014-09-02 14:50 - 00000000 ____D () C:\Users\Paul\.android
2014-09-02 14:43 - 2014-09-02 14:43 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-02 14:43 - 2014-09-02 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-02 14:43 - 2014-09-02 14:43 - 00000000 ____D () C:\Program Files\Java
2014-09-02 13:47 - 2014-09-02 13:47 - 00000000 ____D () C:\Users\Paul\Downloads\SignalR Self-Host
2014-09-02 11:59 - 2014-09-30 14:10 - 01048576 _____ () C:\Users\Paul\Test_log.ldf
2014-09-02 11:59 - 2014-09-09 07:38 - 04194304 _____ () C:\Users\Paul\Test.mdf
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-30 14:47 - 2014-07-25 18:51 - 00004962 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for OFFICE-Paul Office
2014-09-30 14:46 - 2014-08-04 10:50 - 00000000 ____D () C:\ProgramData\Kodak
2014-09-30 14:46 - 2014-07-31 10:04 - 00000008 __RSH () C:\Users\Paul\ntuser.pol
2014-09-30 14:46 - 2014-07-25 16:34 - 00000000 ____D () C:\ProgramData\VMware
2014-09-30 14:46 - 2014-07-25 14:54 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-30 14:46 - 2014-07-25 14:31 - 00053248 ___SH () C:\Users\Paul\Desktop\Thumbs.db
2014-09-30 14:46 - 2014-07-25 14:24 - 00000000 ___DO () C:\Users\Paul\SkyDrive
2014-09-30 14:46 - 2014-07-25 14:21 - 00000000 ____D () C:\Users\Paul
2014-09-30 14:46 - 2014-07-25 14:20 - 01272302 _____ () C:\Windows\WindowsUpdate.log
2014-09-30 14:46 - 2014-07-25 14:19 - 00109574 _____ () C:\Windows\PFRO.log
2014-09-30 14:46 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 14:46 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-30 14:45 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\VMware
2014-09-30 14:45 - 2014-07-27 11:09 - 00000000 ____D () C:\Users\Paul\AppData\Local\VMware
2014-09-30 14:45 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-30 14:13 - 2014-07-27 18:23 - 00002334 ____H () C:\Users\Paul\Documents\Default.rdp
2014-09-30 14:10 - 2014-08-21 10:34 - 01048576 _____ () C:\Users\Paul\Poker_log.ldf
2014-09-30 14:06 - 2014-07-25 14:06 - 00000000 ____D () C:\Projects
2014-09-30 14:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-30 13:59 - 2014-07-25 14:54 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-30 12:10 - 2014-07-25 14:27 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3153417521-1489275855-306761039-1001
2014-09-30 11:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-30 11:12 - 2014-07-25 14:25 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{716F22AE-5F51-4F0D-8860-0A00617B5488}
2014-09-29 23:17 - 2014-07-25 14:24 - 00969246 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 22:55 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Spotify
2014-09-29 22:25 - 2014-07-28 16:01 - 00000000 ____D () C:\Users\Paul\AppData\Local\Spotify
2014-09-29 16:37 - 2014-08-11 10:39 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Skype
2014-09-29 10:11 - 2014-08-11 10:39 - 00000000 ____D () C:\ProgramData\Skype
2014-09-28 12:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-09-28 10:32 - 2014-07-27 12:44 - 00000000 ____D () C:\Users\Paul\Documents\SQL Server Management Studio
2014-09-26 16:50 - 2014-07-25 14:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 18:08 - 2013-08-22 15:44 - 00510448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-25 18:05 - 2014-08-17 16:06 - 00054882 _____ () C:\Windows\DPINST.LOG
2014-09-25 18:04 - 2014-07-25 16:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-25 18:04 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2014-09-25 17:44 - 2014-08-26 16:08 - 00000000 ____D () C:\Windows\SysWOW64\HavijPro
2014-09-25 17:36 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\Packages
2014-09-25 17:34 - 2014-08-29 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 17:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-25 17:31 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-25 17:28 - 2014-07-25 14:08 - 00000000 ____D () C:\Closures
2014-09-25 17:26 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-25 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:26 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Users\Paul\AppData\Local\Google
2014-09-25 17:19 - 2014-07-25 14:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-25 17:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-25 09:34 - 2014-07-25 15:05 - 00000000 ____D () C:\Users\Paul\Documents\Visual Studio 2013
2014-09-25 05:29 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-23 21:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-23 16:52 - 2013-08-22 15:46 - 00000277 _____ () C:\Windows\setupact.log
2014-09-23 16:52 - 2013-08-22 15:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 21:03 - 2014-07-25 17:38 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\vlc
2014-09-22 21:01 - 2014-08-19 12:17 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 07:42 - 2014-07-25 15:41 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-19 10:08 - 2014-08-15 17:25 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\JWrapper-SimpleHelp Technician
2014-09-17 13:42 - 2014-07-29 11:32 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-11 00:41 - 2014-07-26 15:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:40 - 2014-07-26 14:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:40 - 2014-07-26 14:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:40 - 2014-07-25 15:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:40 - 2014-07-25 15:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:40 - 2014-07-25 15:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:39 - 2014-07-25 15:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:37 - 2014-07-25 15:43 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 13:25 - 2014-07-27 12:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-10 13:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2014-09-10 12:16 - 2014-08-04 09:59 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-09-10 11:32 - 2014-08-04 10:00 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-09-10 11:31 - 2014-08-11 11:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-08 11:43 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Adobe
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 16:30 - 2014-07-25 14:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 16:29 - 2014-07-25 14:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-02 21:06 - 2013-08-22 16:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:06 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 15:12 - 2014-07-25 14:22 - 00000000 ____D () C:\Users\Paul\AppData\Local\PackageStaging
2014-09-02 12:06 - 2014-08-26 10:42 - 03211264 _____ () C:\Users\Paul\AshfieldSalesData.mdf
2014-09-02 12:06 - 2014-08-26 10:42 - 01114112 _____ () C:\Users\Paul\AshfieldSalesData_log.ldf
2014-09-02 12:06 - 2014-07-27 21:13 - 03211264 _____ () C:\Users\Paul\WAStorageEmulatorDb32.mdf
2014-09-02 12:06 - 2014-07-27 21:13 - 00802816 _____ () C:\Users\Paul\WAStorageEmulatorDb32_log.ldf
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-24 10:21
 
==================== End Of Log ============================

 

Thanks,

Paul.



#12 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 30 September 2014 - 09:14 AM

Hello pitchie,


1. Java
1.1 Uninstall old Java versions (if present):
  • Please go to Start > Control Panel > Programs and Features .
  • Locate all Java Updates
  • Uninstall them all.
1.2 Install latest Java 7 update. Click this link and click on the Free JAVA Download.

1.3 Find here instructions how to clear the java cache.
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
Under Temporary Internet Files, click the Delete Files button.
There are options in the window to clear the cache - Leave ALL Checked
  • Applications and Applets
  • Trace and log files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.
 

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 01 October 2014 - 04:54 AM

The PC seems to be running lots better and the extension has gone from Chrome. Thank you so much for your help I really appreciate it.

 

The scanner found this:

 

C:\AdwCleaner\Quarantine\C\ProgramData\Trusted Publisher\GS_Booster\GS_Booster.exe.vir Win32/TrojanDownloader.Agent.ACF trojan
 
Which is presume can just be deleted as it's in the quarantine?
 
Thank you,
 
Paul.


#14 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:00 AM

Posted 01 October 2014 - 05:23 AM

Hi pitchie,

well done. :)

It Appears That Your Pc Is Now Clean!
 

C:\AdwCleaner\Quarantine\C\ProgramData\Trusted Publisher\GS_Booster\GS_Booster.exe.vir Win32/TrojanDownloader.Agent.ACF trojan

Which is presume can just be deleted as it's in the quarantine?

This will be removed when we uninstall AdwCleaner.
 

***


Clean up:

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt


start
EmptyTemp:
DeleteQuarantine:
end

Run FRST/FRST64 and press the Fix button just once and wait.
no needed to post the log this time.
 

***


Right-click AdwCleaner.exe and select Run As Administrator.
  • Click on the Uninstall button.
  • A window will open, press the Confirm button.
  • AdwCleaner will uninstall now.

***


Clean up with delfix:
  • please download delfix to your desktop.
  • Close all other programms and start delfix.
  • Please check all the boxes and run the tool.
  • delfix will now delete all found traces of our removal process

***


Delete the log files our tools created; they are located at your desktop or at the
"c:\users\{.......}\Downloads" folder.
Highlight them, and press the del or delete key on the keyboard.
You can browse to the location of the file or folder using either My Computer or Windows Explorer.


***


Here are some Preventive tips to reduce the potential for spyware infection in the future:

1. Browse more secure2. Enable Protected Mode in Internet Explorer. This helps Windows Vista, 7 / 8 users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Make sure you keep your Windows OS current.
  • Windows XP users can visit Windows update regularly to download and install any critical updates and service packs.
  • Windows Vista / 7 users can update via
    Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane).
4. Avoid P2P
  • If you think you're using a "safe" P2P program, only the program is safe, not the data.
  • You will share files from unsafe sources, and these may be infected.
  • Some bad guys use P2P filesharing as an important chanel to spread their wares.
5. Use only one anti-virus software and keep it up-to-date.

6. Firewall
Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

7. Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it.

8. Use Strong passwords!

9. Email attachments
Do not open any unknown email attachments, which you received without asking for it!


Extra note:
Keep your Browser, Java, pdf Reader and Adobe Flash Up to Date.
Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.
https://secunia.com/vulnerability_scanning/personal/


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 pitchie

pitchie
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 01 October 2014 - 05:29 AM

Jo,

 

I cannot thank you enough, that was an excellent and interesting thread! Thanks for your help.

 

Paul.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users