Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot get my computer Malware free!


  • This topic is locked This topic is locked
42 replies to this topic

#1 Haldo10

Haldo10

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 30 October 2014 - 05:23 PM

This is driving me nuts. I somehow got infected with malware in the form of constant browser pop ups claiming my browser was out of date and prompting me to download a new version. This happened with chrome, IR, Firefox and flash player also (both I believe are fake programmes mascarading as the real thing).

 

I have bombarded my laptop with Malware bytes, SUPERantispyware and Hitman Pro and have managed to get rid of a lot. Now however, Hitman keeps detecting 2 'proxy servers' being run through IE which, despite repairing, contantly keep showing up upon restarting and rescanning.

The 2 proxy server messages reads 'proxy server on this computer (user) 127.0.0.1:57056

 

please help, thanks.

 

Lenovo yoga 13

System - windows 8.1

 


Edited by Haldo10, 30 October 2014 - 05:31 PM.


BC AdBot (Login to Remove)

 


m

#2 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 30 October 2014 - 05:32 PM

Screenshot attached of the proxy server showing up on hitman scan

Attached Files



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:48 PM

Posted 05 November 2014 - 08:50 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/554054 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 05 November 2014 - 02:20 PM

I have tried installing DDS but I get a pop up error when opening the .exe installer saying that 'DDS is not meant to run in compatibility mode, the program will now exit'



#5 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 05 November 2014 - 04:06 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by David (administrator) on IDEA-PC on 05-11-2014 21:01:19
Running from C:\Users\David\Desktop\frst
Loaded Profile: David (Available profiles: David)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
() C:\Windows\runSW.exe
(Realtek) C:\Windows\SwUSB.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(MicroTools) C:\Program Files (x86)\Windows Optimizer\v9\optimizer.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Lenovo) C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\ProgramData\YogaSmartSwicth\yogaserver.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_199.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_199.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-24] (Synaptics)
HKLM\...\Run: [yogaserver] => C:\ProgramData\YogaSmartSwicth\yogaserver.exe [208464 2012-12-01] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-12-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-12-01] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2968376 2012-11-24] (Synaptics Incorporated)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2013-10-14] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253952 2013-05-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [909016 2013-10-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-12] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2433331430-149645389-3559486150-1001\...\Policies\Explorer: [Run] "C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe"
HKU\S-1-5-21-2433331430-149645389-3559486150-1001\...\Command Processor: "C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe" <===== ATTENTION!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Magnify.lnk
ShortcutTarget: Magnify.lnk -> C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {D4435789-048C-4E4E-9B6F-F9910FD1D2DC} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_19_ff&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0EyD0E0B0B0DyCtAtD0BtN0D0Tzu0SzzyDzztN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2SyEyD0AyC0C0EyEzztGtAtC0C0FtGyBtD0A0DtG0E0ByEtDtGtC0EtCtDtC0CzzyCtDtByB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyDyE0FtBtAtAtCtGtByEzztBtGyCtC0FtDtGzy0D0FzztGtDtA0E0D0BzyyD0F0EyEyBtA2Q&cr=1097754377&ir=
SearchScopes: HKLM-x32 - {D4435789-048C-4E4E-9B6F-F9910FD1D2DC} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: WSISVCUchrome - No CLSID Value -
Handler-x32: WSISVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7AD82333-73AD-4B26-B567-19AD8A7E7629}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{96701864-194B-47F7-B207-8173B7554B0D}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_199.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_199.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Bluhell Firewall - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-10-13]
FF Extension: YouTube High Definition - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-10-13]
FF HKLM-x32\...\Firefox\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-12]
FF HKLM-x32\...\Mozilla Firefox 30.0\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-10-25]
FF Extension: No Name - wrc@avast.com [Not Found]
FF Extension: No Name - {F74D5734-46F5-4B16-96F0-1E7FBF41B750} [Not Found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-12]
CHR HKLM-x32\...\Chrome\Extension: [nomnoaehhnmbolpapbjeopogjfefdpnl] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com.crx [2014-10-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-12] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [56832 2013-08-28] () [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2013-10-14] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [118728 2013-10-14] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2013-10-14] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [579400 2013-02-08] (LENOVO INCORPORATED.)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-09-16] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WindowsOptimizer_v9; C:\Program Files (x86)\Windows Optimizer\v9\optimizer.exe [2963064 2014-10-22] (MicroTools)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 ymc; C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe [27216 2012-12-01] (Lenovo)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-12] ()
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-14] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [290256 2013-10-14] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494808 2013-10-14] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-29] (Malwarebytes Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [547032 2013-07-04] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2013-11-15] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058680 2012-08-11] (Sunplus)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 21:01 - 2014-11-05 21:01 - 00000000 ____D () C:\Users\David\Desktop\frst
2014-11-05 21:01 - 2014-11-05 21:01 - 00000000 ____D () C:\FRST
2014-11-05 20:18 - 2014-11-05 20:18 - 00688992 _____ (Swearware) C:\Users\David\Desktop\dds(2).com
2014-11-05 19:25 - 2014-11-05 19:29 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win(2).msi
2014-11-05 19:14 - 2014-11-05 19:14 - 00688992 _____ (Swearware) C:\Users\David\Downloads\dds(1).com
2014-11-05 19:11 - 2014-11-05 19:11 - 00688992 _____ (Swearware) C:\Users\David\Downloads\dds.com
2014-11-05 09:01 - 2014-11-05 09:01 - 00000000 ____D () C:\Users\David\Desktop\test
2014-11-05 08:34 - 2014-11-05 09:00 - 00815206 _____ () C:\Users\David\Desktop\TMA01 David Halliday MST124.zip
2014-11-05 08:30 - 2014-11-05 08:30 - 00707364 _____ () C:\Users\David\Desktop\David Halliday TMA01.zip
2014-11-05 08:29 - 2014-11-05 08:29 - 00002276 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-11-05 08:29 - 2014-11-05 08:29 - 00002270 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\Users\David\AppData\Local\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\ProgramData\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-11-05 08:24 - 2014-11-05 08:27 - 59910144 _____ () C:\Users\David\Downloads\winzip190-32.msi
2014-11-05 08:23 - 2014-11-05 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-05 08:23 - 2014-11-05 08:23 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-05 08:21 - 2014-11-05 08:21 - 00000408 _____ () C:\WINDOWS\PFRO.log
2014-11-05 08:17 - 2014-11-05 08:17 - 01444352 _____ () C:\Users\David\Downloads\7z922-x64.msi
2014-11-05 08:16 - 2014-11-05 08:16 - 00770360 _____ ( ) C:\Users\David\Downloads\7z922-x64_inst.exe
2014-11-05 07:59 - 2014-11-05 07:59 - 02979459 _____ () C:\Users\David\Downloads\tma1.zip
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA03.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA02.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA01.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA 107.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA 105.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA 104.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01219422 _____ () C:\Users\David\Desktop\MST 124 TMA 103.tiff
2014-11-05 07:59 - 2014-11-05 07:59 - 01216862 _____ () C:\Users\David\Desktop\MST 124 TMA 106.tiff
2014-11-04 22:10 - 2014-11-05 20:17 - 00007634 _____ () C:\WINDOWS\runSW.log
2014-11-04 22:02 - 2014-11-05 19:24 - 00218927 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-04 22:02 - 2014-11-04 22:02 - 00002857 _____ () C:\WINDOWS\setupact.log
2014-11-04 22:02 - 2014-11-04 22:02 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-04 21:53 - 2014-11-04 21:53 - 00008424 _____ () C:\Users\David\Documents\cc_20141104_215336.reg
2014-11-04 21:30 - 2014-11-04 21:30 - 00000728 _____ () C:\Users\David\Desktop\TMA01 q5.wxm
2014-11-04 20:49 - 2014-11-04 20:52 - 00005047 _____ () C:\Users\David\maxout.gnuplot
2014-11-04 19:49 - 2014-11-04 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxima-5.30.0
2014-11-04 19:46 - 2014-11-04 19:47 - 33439662 _____ (The Maxima Development Team ) C:\Users\David\Downloads\maxima-5.30.0.exe
2014-11-03 19:23 - 2014-11-03 19:26 - 104874964 _____ () C:\Users\David\Downloads\South.Park.S18E05.HDTV.x264-KILLERS.mp4
2014-11-03 19:23 - 2014-11-03 19:26 - 103685920 ____R () C:\Users\David\Downloads\South.Park.S18E04.HDTV.x264-KILLERS.mp4
2014-11-01 17:57 - 2014-11-01 18:33 - 00000000 ____D () C:\Users\David\Downloads\A Million Ways to Die in the West (2014) [1080p]
2014-10-30 22:09 - 2014-10-30 22:09 - 00490256 _____ () C:\Users\David\Downloads\HelpAsst_mebroot_fix.exe
2014-10-30 19:50 - 2014-10-30 19:54 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win(1).msi
2014-10-28 21:53 - 2014-10-28 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-26 16:46 - 2014-10-26 16:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Lenovo
2014-10-26 16:43 - 2014-10-26 16:43 - 00000000 ____D () C:\Users\David\AppData\Local\Lenovo
2014-10-25 20:06 - 2014-10-25 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-10-25 20:05 - 2014-10-25 20:05 - 02387520 _____ (ooVoo LLC) C:\Users\David\Downloads\ooVooSetup.exe
2014-10-25 20:04 - 2014-10-25 20:04 - 00000000 ____D () C:\Users\David\AppData\Local\Tvsukernel
2014-10-25 19:46 - 2014-10-25 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2014-10-25 19:46 - 2014-10-25 19:46 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-10-25 19:45 - 2014-10-25 19:45 - 00000000 ____D () C:\Users\Public\Documents\Conexant
2014-10-25 19:45 - 2011-09-01 14:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2014-10-25 19:44 - 2013-07-25 13:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2014-10-25 19:44 - 2012-06-04 11:34 - 00002008 _____ () C:\WINDOWS\system32\Drivers\SamSfPa.dat
2014-10-25 19:39 - 2014-10-25 19:39 - 00001577 _____ () C:\WINDOWS\Delfg.cmd
2014-10-25 19:39 - 2014-10-25 19:39 - 00000146 _____ () C:\WINDOWS\launchpw.cmd
2014-10-25 19:38 - 2014-10-25 19:39 - 00000006 _____ () C:\WINDOWS\systemtype.txt
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 ____D () C:\Program Files (x86)\Lenovo EasyCamera
2014-10-25 19:25 - 2014-10-25 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-25 19:25 - 2014-10-25 19:25 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 19:24 - 2014-10-25 20:03 - 00000000 ____D () C:\ProgramData\Lenovo
2014-10-25 19:24 - 2014-10-25 19:38 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-25 19:12 - 2014-10-25 19:14 - 47369288 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tme03ww.exe
2014-10-25 19:10 - 2014-10-25 19:11 - 07643992 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tcr03ww.exe
2014-10-25 19:09 - 2014-10-25 19:10 - 02773984 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tca05ww_chicony.exe
2014-10-25 19:09 - 2014-10-25 19:10 - 00527280 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tal01ww.exe
2014-10-25 19:08 - 2014-10-25 19:09 - 01542256 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tch06ww.exe
2014-10-25 19:06 - 2014-10-25 19:12 - 49349280 _____ (Lenovo Group Limited) C:\Users\David\Downloads\zb55z004us00.exe
2014-10-25 19:05 - 2014-10-25 19:18 - 194472856 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tau23ww.exe
2014-10-25 19:04 - 2014-10-25 19:21 - 365264872 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tg622ww.exe
2014-10-25 19:04 - 2014-10-25 19:12 - 47001192 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0ttp18ww.exe
2014-10-25 19:04 - 2014-10-25 19:04 - 05095608 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tdf05ww.exe
2014-10-25 19:03 - 2014-10-25 19:11 - 53139280 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0twb33ww.exe
2014-10-25 19:03 - 2014-10-25 19:08 - 34689608 _____ (Lenovo) C:\Users\David\Downloads\smartgestureinstall.exe
2014-10-25 19:03 - 2014-10-25 19:06 - 29142384 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0twb32ww.exe
2014-10-25 19:03 - 2014-10-25 19:05 - 11501640 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\lenovoshareit-win.exe
2014-10-25 19:03 - 2014-10-25 19:03 - 13066744 _____ ( ) C:\Users\David\Downloads\systemupdate506-09-16-2014.exe
2014-10-25 17:35 - 2014-10-25 17:37 - 00000000 ____D () C:\Users\David\Downloads\Teenage.Mutant.Ninja.Turtles.2014.720p.HDRip.x264.AC3.5.1-RARBG
2014-10-25 16:44 - 2014-10-25 16:44 - 00003134 _____ () C:\Users\David\Documents\cc_20141025_174430.reg
2014-10-25 15:29 - 2014-10-09 22:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-25 15:29 - 2014-10-08 22:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-25 15:29 - 2014-09-19 01:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-25 15:29 - 2014-09-13 06:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-25 15:29 - 2014-09-13 05:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-25 15:29 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-10-25 15:29 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-25 15:29 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-25 15:29 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-25 15:29 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-25 15:29 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-25 15:29 - 2014-09-04 03:15 - 00561416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-25 15:29 - 2014-09-04 03:14 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-10-25 15:29 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-25 15:29 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-10-25 15:29 - 2014-09-04 01:19 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-25 15:29 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-10-25 15:29 - 2014-09-04 00:45 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-10-25 15:29 - 2014-09-04 00:41 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-25 15:29 - 2014-09-04 00:36 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-25 15:29 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-10-25 15:29 - 2014-09-04 00:15 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-25 15:29 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-25 15:29 - 2014-09-03 23:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-25 15:29 - 2014-09-03 23:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-25 15:29 - 2014-08-31 00:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-10-25 15:29 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-25 15:29 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-25 15:29 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-25 15:29 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-10-25 15:29 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-25 15:29 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-10-25 15:29 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-10-25 15:29 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-25 15:29 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-10-25 15:29 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-10-25 15:29 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-25 15:29 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-25 15:29 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-25 15:29 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-10-25 15:29 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-10-25 15:23 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-25 15:23 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-25 15:23 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-25 15:23 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-25 15:23 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-25 15:23 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-25 15:23 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-25 15:23 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-25 15:23 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-25 15:23 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-25 15:23 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-25 15:23 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-25 15:23 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-25 15:23 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-25 13:51 - 2014-10-25 13:51 - 00000000 ____D () C:\Users\David\Documents\Outlook Files
2014-10-21 19:55 - 2014-10-21 19:55 - 00000000 ____D () C:\Users\David\AppData\Roaming\ooVoo Details
2014-10-21 19:54 - 2014-10-25 20:06 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-10-16 09:20 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 09:16 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 09:15 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 09:15 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 09:15 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 09:15 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 09:15 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 09:15 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 09:15 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 09:15 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 09:15 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 09:15 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 09:15 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 09:15 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 09:15 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 09:15 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 09:15 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 09:15 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 09:15 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 09:15 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 09:15 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 09:15 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 09:15 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 09:15 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 09:15 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 09:15 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 09:15 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 09:15 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 09:15 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 09:15 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 22:24 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 22:03 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 22:03 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 22:03 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 22:03 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-14 18:17 - 2014-10-30 19:56 - 00001693 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackboard Collaborate Launcher.lnk
2014-10-14 18:14 - 2014-10-14 18:16 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-10-14 18:14 - 2014-10-14 18:14 - 00010684 _____ () C:\Users\David\Downloads\meeting(1).collab
2014-10-13 12:35 - 2014-10-13 12:35 - 00004151 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo.lnk
2014-10-13 12:29 - 2014-10-13 12:30 - 17921200 _____ (Adobe Systems Incorporated) C:\Users\David\Downloads\flashplayer15_install_win_pi.exe
2014-10-13 12:28 - 2014-10-13 12:30 - 04965896 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup418.exe
2014-10-13 12:26 - 2014-10-13 12:26 - 00499976 _____ () C:\Users\David\Downloads\AppManagerSetup_1.44.exe
2014-10-13 11:49 - 2014-10-13 11:49 - 01976320 _____ () C:\Users\David\Downloads\adwcleaner_4.000.exe
2014-10-13 10:15 - 2014-07-24 15:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-13 10:15 - 2014-07-24 15:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-13 10:15 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-13 10:15 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-13 10:15 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-13 10:15 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-13 10:15 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-10-13 10:15 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-13 10:15 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-13 10:15 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-13 10:15 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-10-13 10:15 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-10-13 10:15 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-10-13 10:15 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-13 10:15 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-13 10:15 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-10-13 10:15 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-10-13 10:15 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-13 10:15 - 2014-07-24 11:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-13 10:15 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-13 10:15 - 2014-07-24 11:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-13 10:15 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-13 10:15 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-10-13 10:15 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-13 10:15 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-10-13 10:15 - 2014-07-24 11:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-10-13 10:15 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-10-13 10:15 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-10-13 10:15 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-10-13 10:15 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-13 10:15 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-10-13 10:15 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-13 10:15 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-10-13 10:15 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-10-13 10:15 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-13 10:15 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-13 10:15 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-10-13 10:15 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-13 10:15 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-10-13 10:15 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-10-13 10:15 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-13 10:15 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-10-13 10:15 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-10-13 10:15 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-13 10:15 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-10-13 10:15 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-13 10:15 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-13 10:15 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-10-13 10:15 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-10-13 10:15 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-10-13 10:15 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-10-13 10:15 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-13 10:15 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-10-13 10:15 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-10-13 10:15 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-10-13 10:15 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-10-13 10:15 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-10-13 10:15 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-10-13 10:15 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-10-13 10:15 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-13 10:15 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-13 10:15 - 2014-07-24 09:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-13 10:15 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-10-13 10:15 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-13 10:15 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-13 10:15 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-10-13 10:15 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-13 10:15 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-10-13 10:15 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-13 10:15 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-13 10:15 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-10-13 10:15 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-13 10:15 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-10-13 10:15 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-13 10:15 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-10-13 10:15 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-13 10:15 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-13 10:15 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-13 10:15 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-10-13 10:15 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-10-13 10:15 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-13 10:15 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-10-13 10:15 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-10-13 10:15 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-10-13 10:15 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-10-13 10:15 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-10-13 10:15 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-10-13 10:15 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-10-13 10:15 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-10-13 10:15 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-10-13 10:15 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-10-13 10:15 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-10-13 10:15 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-10-13 10:15 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-13 10:15 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-13 10:15 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-10-13 10:15 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-10-13 10:15 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-10-13 10:15 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-13 10:15 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-13 10:15 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-10-13 10:15 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-10-13 10:15 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-13 10:15 - 2014-07-24 07:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-13 10:15 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-13 10:15 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-13 10:15 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-10-13 10:15 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-10-13 10:15 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-10-13 10:15 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-10-13 10:15 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-10-13 10:15 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-10-13 10:15 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-10-13 10:15 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-10-13 10:15 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-10-13 10:15 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-10-13 10:15 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-13 10:15 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-10-13 10:15 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-10-13 10:15 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-13 10:15 - 2014-06-19 02:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-13 10:15 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-13 10:15 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-13 10:15 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-13 10:15 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-10-13 10:15 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-10-13 10:15 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-10-13 10:15 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-10-13 10:15 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-10-13 10:15 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-10-13 10:15 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-13 10:15 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-13 10:15 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-10-13 10:15 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-10-13 10:15 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-10-13 10:15 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-10-13 10:15 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-10-13 10:15 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-13 10:15 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-13 10:15 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-13 10:15 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-13 10:14 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-13 10:14 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-10-13 10:14 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-10-13 10:06 - 2014-10-25 15:36 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-13 09:48 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-10-13 09:41 - 2014-10-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-13 09:41 - 2014-10-13 09:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-13 09:41 - 2014-08-16 01:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-13 09:41 - 2014-08-16 01:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-13 09:41 - 2014-08-16 01:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-13 09:41 - 2014-08-16 01:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-13 09:41 - 2014-08-16 00:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-13 09:41 - 2014-05-30 09:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-13 09:41 - 2014-05-30 08:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-10-13 09:30 - 2014-04-11 08:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-10-13 09:30 - 2014-04-11 03:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-13 09:30 - 2014-04-11 02:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-13 07:27 - 2014-10-13 07:27 - 00000000 ____D () C:\Users\David\Downloads\Hitman Pro 3.7.9 Cracked 32+64-Bit [danhuk]
2014-10-13 07:23 - 2014-10-13 07:23 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-13 07:02 - 2014-09-05 02:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-13 07:02 - 2014-06-28 07:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-10-13 07:02 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-13 07:00 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-13 07:00 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-10-13 06:57 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-13 06:57 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-10-13 06:57 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-13 06:57 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-13 06:57 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-13 06:57 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-13 06:57 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-10-13 06:57 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-13 06:57 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-10-13 06:57 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-10-13 06:57 - 2014-05-10 03:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-13 06:57 - 2014-05-10 03:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-10-13 06:57 - 2014-03-24 02:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-13 06:57 - 2014-03-24 02:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-10-13 06:57 - 2014-03-24 02:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-12 21:49 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-12 21:49 - 2014-05-29 07:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-10-12 21:49 - 2014-05-29 06:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-10-12 21:49 - 2014-03-13 07:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-10-12 21:49 - 2014-03-13 06:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-10-12 21:38 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-12 21:38 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-12 21:34 - 2014-05-03 05:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-12 21:34 - 2014-05-03 04:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-12 21:34 - 2014-04-30 06:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-12 21:34 - 2014-04-30 04:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-12 21:34 - 2014-04-30 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-12 21:34 - 2014-04-30 03:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-12 21:34 - 2014-04-30 03:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-12 21:34 - 2014-04-28 22:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-12 21:34 - 2014-04-26 16:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-12 21:34 - 2014-04-14 09:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-12 21:34 - 2014-04-14 08:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-12 21:33 - 2014-05-13 07:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-12 21:33 - 2014-05-03 05:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-12 21:33 - 2014-05-03 05:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-12 21:33 - 2014-05-03 05:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-12 21:33 - 2014-05-03 04:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-12 21:33 - 2014-05-03 04:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-12 21:33 - 2014-05-02 23:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-12 21:33 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-12 21:33 - 2014-04-30 06:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-12 21:33 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-12 21:33 - 2014-04-30 05:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-12 21:33 - 2014-04-30 04:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-12 21:33 - 2014-04-30 04:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-12 21:33 - 2014-04-30 04:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-12 21:33 - 2014-04-30 04:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-12 21:33 - 2014-04-30 03:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-12 21:33 - 2014-04-30 03:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-12 21:33 - 2014-04-30 03:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-12 21:33 - 2014-04-30 03:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-12 21:33 - 2014-04-14 05:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-12 21:32 - 2014-04-18 14:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-12 21:32 - 2014-04-18 09:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-12 21:32 - 2014-04-14 09:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-12 21:32 - 2014-04-14 08:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-10-12 21:32 - 2014-04-11 04:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-12 21:32 - 2014-04-11 04:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-10-12 21:32 - 2014-04-09 11:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-12 21:32 - 2014-04-09 06:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-12 21:32 - 2014-04-09 05:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-10-12 21:32 - 2014-04-09 03:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-12 21:32 - 2014-04-08 02:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-12 21:32 - 2014-04-06 16:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-12 21:32 - 2014-04-06 16:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-12 21:32 - 2014-04-06 16:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-12 21:32 - 2014-04-06 16:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-12 21:32 - 2014-04-06 16:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-12 21:32 - 2014-04-06 15:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-10-12 21:32 - 2014-04-06 12:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-12 21:32 - 2014-04-06 11:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-12 21:32 - 2014-04-06 10:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-12 21:32 - 2014-04-06 09:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-10-12 21:32 - 2014-04-03 08:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-12 21:32 - 2014-04-03 08:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-12 21:32 - 2014-04-03 04:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-12 21:32 - 2014-04-03 04:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-10-12 21:32 - 2014-03-28 15:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-12 21:32 - 2014-03-27 05:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-12 21:32 - 2014-03-27 03:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-12 21:32 - 2014-03-27 03:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-12 21:32 - 2014-03-18 05:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-12 21:32 - 2014-03-18 04:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-10-12 21:32 - 2014-03-17 05:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-12 21:32 - 2014-03-17 04:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-12 21:32 - 2014-03-14 06:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-12 21:32 - 2014-03-14 06:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-10-12 21:31 - 2014-04-06 16:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-12 21:31 - 2014-04-06 16:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-10-12 21:31 - 2014-04-06 12:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-12 21:31 - 2014-04-06 12:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-12 21:31 - 2014-04-06 12:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-12 21:31 - 2014-04-06 12:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-10-12 21:31 - 2014-04-06 11:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-12 21:31 - 2014-04-06 11:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-12 21:31 - 2014-04-03 02:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-10-12 21:31 - 2014-04-03 02:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-12 21:31 - 2014-03-27 04:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-12 21:31 - 2014-03-19 08:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-12 21:31 - 2014-03-19 07:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-10-12 21:30 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-12 21:30 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-12 21:30 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-10-12 21:30 - 2014-04-30 04:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-10-12 21:30 - 2014-04-30 04:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-10-12 21:30 - 2014-04-30 03:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-10-12 21:30 - 2014-04-08 22:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-10-12 21:30 - 2014-04-08 22:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-10-12 21:30 - 2014-04-08 18:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-10-12 21:30 - 2014-04-08 18:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-10-12 21:19 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-12 21:19 - 2014-05-31 10:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-12 21:19 - 2014-05-31 10:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-12 21:19 - 2014-05-31 10:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-12 21:19 - 2014-05-31 06:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-12 21:19 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-12 21:19 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-12 21:19 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-12 21:19 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-12 21:19 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-12 21:19 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-12 21:19 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-12 21:18 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-12 21:18 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-10-12 21:18 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-10-12 21:17 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-12 21:17 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-12 21:16 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-12 21:16 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-10-12 21:16 - 2014-05-01 13:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-10-12 21:16 - 2014-05-01 05:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-10-12 21:15 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-12 20:39 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-12 20:39 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-12 20:39 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-12 20:39 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-12 20:39 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-12 20:39 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-12 20:39 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-12 20:39 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-12 20:39 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-12 20:39 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-12 20:39 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-12 20:39 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-12 20:39 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-12 20:39 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-12 20:39 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-12 20:39 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-12 20:39 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-12 20:39 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-12 20:39 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-12 20:39 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-12 20:39 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-12 20:39 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-12 20:39 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-12 20:39 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-12 20:39 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-12 20:39 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-12 20:39 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-12 20:39 - 2014-07-24 15:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-12 20:39 - 2014-07-24 11:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-10-12 20:39 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-12 20:39 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-12 20:39 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-10-12 20:39 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-10-12 20:39 - 2014-03-19 07:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-12 20:37 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-12 20:37 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-12 20:37 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-12 20:37 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-12 20:37 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-12 20:37 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-12 20:37 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-12 20:37 - 2014-08-23 04:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-12 20:37 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-12 20:37 - 2014-08-23 04:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-12 20:37 - 2014-06-04 09:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-12 20:37 - 2014-06-04 05:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-12 20:37 - 2014-06-04 04:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-10-12 19:47 - 2014-10-25 17:33 - 00000000 ____D () C:\Users\David\Downloads\22 Jump Street (2014)
2014-10-12 19:46 - 2014-10-12 19:46 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-10-12 18:03 - 2014-10-26 21:07 - 00000000 ____D () C:\SUPERDelete
2014-10-12 15:38 - 2014-10-12 19:36 - 00000000 ____D () C:\Program Files\Google
2014-10-12 15:29 - 2014-10-12 15:29 - 00000000 ____D () C:\Program Files (x86)\Avast Update
2014-10-12 15:26 - 2014-10-12 15:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\AVAST Software
2014-10-12 15:26 - 2014-10-12 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-12 15:25 - 2014-11-05 17:36 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-12 15:25 - 2014-10-12 15:39 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-12 15:25 - 2014-10-12 15:25 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-12 15:25 - 2014-10-12 15:25 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-12 15:17 - 2014-10-12 15:24 - 91906368 _____ (AVAST Software) C:\Users\David\Downloads\avast_free_antivirus_setup.exe
2014-10-12 15:12 - 2014-10-12 15:13 - 07315296 _____ (IObit ) C:\Users\David\Downloads\startmenu-setup.exe
2014-10-12 15:03 - 2014-10-12 15:03 - 01705755 _____ (Thisisu) C:\Users\David\Downloads\JRT(1).exe
2014-10-12 13:59 - 2014-10-12 13:59 - 01705755 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-10-12 13:52 - 2014-10-29 23:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-12 13:52 - 2014-10-12 13:52 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-12 13:43 - 2014-10-12 13:43 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-12 11:26 - 2014-10-29 18:07 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-12 11:26 - 2014-10-25 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-12 11:26 - 2014-10-12 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-10-12 11:26 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-12 11:26 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-12 11:26 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 20:26 - 2014-10-11 20:34 - 00000000 ____D () C:\Users\David\Downloads\Sunshine (2007) [1080p]
2014-10-11 20:25 - 2014-10-11 20:25 - 00015723 _____ () C:\Users\David\Downloads\[kickass.to]sunshine.2007.1080p.brrip.x264.yify.torrent
2014-10-10 21:41 - 2014-10-11 20:23 - 00000000 ____D () C:\Users\David\Downloads\Sunshine (2007)
2014-10-10 21:41 - 2014-10-10 21:41 - 00149135 _____ () C:\Users\David\Downloads\Sunshine_(2007).torrent
2014-10-09 18:40 - 2014-10-09 20:07 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-10-09 18:39 - 2014-10-12 11:11 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-09 18:30 - 2014-10-09 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-09 17:58 - 2014-10-09 17:58 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-10-08 20:52 - 2014-10-08 20:53 - 00000000 ____D () C:\Users\David\Downloads\Waking Up - A Guide to Spirituality Without Religion [Audiobook]
2014-10-08 20:52 - 2014-10-08 20:52 - 00014233 _____ () C:\Users\David\Downloads\[kickass.to]waking.up.a.guide.to.spirituality.without.religion.sam.harris.audiobook.torrent
2014-10-08 18:22 - 2014-10-08 18:47 - 00000000 ____D () C:\Users\David\AppData\Roaming\Xyqayt
2014-10-08 18:21 - 2014-10-21 19:54 - 00000000 ____D () C:\ProgramData\Skype
2014-10-07 21:51 - 2014-11-04 19:48 - 00000000 ____D () C:\Program Files (x86)\Maxima-5.30.0
2014-10-06 22:09 - 2014-10-06 23:37 - 00000000 ____D () C:\Users\David\AppData\Roaming\Awubaxu

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 21:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-05 20:59 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-05 20:55 - 2013-03-01 16:56 - 00081428 _____ () C:\Users\David\AppData\Local\BTServer.log
2014-11-05 20:28 - 2013-10-23 21:58 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 19:28 - 2013-10-23 21:58 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-05 19:18 - 2013-03-01 17:04 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2433331430-149645389-3559486150-1001
2014-11-05 19:14 - 2013-03-04 19:33 - 00000271 _____ () C:\Users\David\AppData\Local\RegisteredPackageInformation.xml
2014-11-05 19:13 - 2014-02-26 19:32 - 03651206 _____ () C:\Users\Public\CAFADEBUG.log
2014-11-05 19:13 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-05 17:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-05 17:29 - 2013-10-18 15:10 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B7E6E1BB-EBCB-4714-AD6B-B732B9D7116F}
2014-11-05 08:52 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-05 08:29 - 2013-10-18 13:21 - 00000000 ____D () C:\Users\David
2014-11-05 08:22 - 2013-03-22 20:05 - 00649728 ___SH () C:\Users\David\Downloads\Thumbs.db
2014-11-05 08:20 - 2013-03-18 23:47 - 02257408 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-11-04 22:06 - 2014-10-01 22:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-04 21:53 - 2013-03-04 19:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-11-02 00:23 - 2014-09-13 20:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-10-26 00:02 - 2014-09-14 09:38 - 00000000 ____D () C:\Users\David\AppData\Local\Otmfics
2014-10-26 00:02 - 2014-09-13 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-26 00:02 - 2014-09-13 20:14 - 00000000 ____D () C:\ProgramData\Windows VXM
2014-10-26 00:02 - 2014-06-21 19:07 - 00000000 ____D () C:\ProgramData\Optimizer
2014-10-26 00:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-26 00:01 - 2014-05-09 20:16 - 00000000 ____D () C:\AdwCleaner
2014-10-26 00:01 - 2014-01-04 15:57 - 00000000 ____D () C:\Users\David\AppData\Local\Mozilla
2014-10-26 00:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2014-10-26 00:01 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-26 00:01 - 2013-03-04 21:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-25 19:46 - 2014-03-09 13:12 - 00009314 _____ () C:\WINDOWS\system32\UCI_VistaWaveRTWA.log
2014-10-25 19:46 - 2014-03-09 13:08 - 00006556 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_23.LOG
2014-10-25 19:46 - 2014-02-26 19:32 - 00006728 _____ () C:\WINDOWS\system32\DIF_NEWDEVICEWIZARD_FINISHINSTALL.LOG
2014-10-25 19:46 - 2014-02-26 19:32 - 00000405 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_12.LOG
2014-10-25 19:46 - 2014-02-26 19:30 - 00285769 _____ () C:\WINDOWS\system32\DIF_INSTALLDEVICE_POST.LOG
2014-10-25 19:44 - 2014-03-09 13:10 - 00005606 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_34.LOG
2014-10-25 19:44 - 2014-03-09 13:10 - 00005606 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_21.LOG
2014-10-25 19:44 - 2014-03-09 13:08 - 00035614 _____ () C:\WINDOWS\system32\DIF_ALLOW_INSTALL.LOG
2014-10-25 19:44 - 2014-02-26 19:30 - 00121172 _____ () C:\WINDOWS\system32\DIF_INSTALLDEVICE_PRE.LOG
2014-10-25 19:44 - 2014-02-26 19:30 - 00004974 _____ () C:\WINDOWS\system32\DIF_INSTALLINTERFACES.LOG
2014-10-25 19:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-25 19:39 - 2012-12-01 06:15 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-25 19:39 - 2012-12-01 06:11 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-10-25 19:36 - 2012-12-01 06:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-10-25 19:34 - 2012-12-01 06:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-25 19:28 - 2014-03-09 13:18 - 00000000 ____D () C:\Program Files (x86)\REALTEK USB Wireless LAN Driver
2014-10-25 19:26 - 2013-03-03 22:00 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-25 19:26 - 2012-12-01 06:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-10-25 18:52 - 2013-03-17 17:01 - 00415744 ___SH () C:\Users\David\Documents\Thumbs.db
2014-10-25 17:26 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-25 15:58 - 2012-12-01 06:09 - 00000000 ____D () C:\ProgramData\Realtek
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-25 15:42 - 2013-12-30 00:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-25 15:42 - 2013-03-04 21:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-25 15:42 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-25 15:42 - 2012-07-26 05:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-10-25 15:40 - 2013-10-06 00:13 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-25 15:36 - 2013-03-05 21:56 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-25 15:11 - 2014-10-01 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-25 15:05 - 2014-06-21 19:07 - 00000000 ____D () C:\Program Files (x86)\Windows Optimizer
2014-10-21 19:37 - 2014-09-30 17:04 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-10-21 19:36 - 2014-09-30 17:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-21 17:15 - 2014-09-13 20:31 - 00000000 ____D () C:\Users\David\AppData\Local\Urfkmedia
2014-10-20 18:23 - 2013-10-23 21:58 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 18:23 - 2013-10-23 21:58 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 18:13 - 2014-09-13 20:14 - 00000000 ____D () C:\Program Files (x86)\Windows Network Accelerater
2014-10-20 18:11 - 2013-08-22 14:44 - 05096392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 13:03 - 2014-04-25 21:37 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-13 12:31 - 2014-04-25 21:37 - 00003720 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-10-13 12:31 - 2013-03-04 19:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-13 12:27 - 2013-10-06 00:49 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-10-13 10:17 - 2013-09-30 03:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-13 10:17 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-13 10:07 - 2013-10-06 00:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-13 10:07 - 2013-10-06 00:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-13 09:44 - 2013-10-06 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-13 09:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-13 07:35 - 2014-05-09 20:37 - 00002168 _____ () C:\WINDOWS\system32\.crusader
2014-10-13 07:22 - 2014-08-02 19:39 - 00000000 ____D () C:\Program Files\Immunet
2014-10-12 20:44 - 2014-04-25 21:29 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-10-12 20:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-12 19:36 - 2013-03-03 23:06 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-12 18:02 - 2013-03-03 21:42 - 00000000 ____D () C:\Users\David\AppData\Local\Google
2014-10-12 15:25 - 2013-03-04 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-12 15:14 - 2013-12-29 22:02 - 00003160 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-10-12 15:14 - 2013-12-29 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-10-12 13:58 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\L2Schemas
2014-10-12 13:32 - 2014-09-14 10:11 - 00000000 ____D () C:\Users\David\AppData\Roaming\Noeqafwa
2014-10-12 13:32 - 2014-09-14 09:55 - 00000000 ____D () C:\Users\David\AppData\Roaming\Taipwot
2014-10-12 11:54 - 2013-03-01 16:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2014-10-12 11:12 - 2014-08-22 21:06 - 00000000 ____D () C:\Users\David\Downloads\[ www.Torrentday.com ] - I'm.So.Excited.2013.BRRip.XviD.AC3-playXD
2014-10-12 11:12 - 2014-08-02 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt
2014-10-12 11:12 - 2014-08-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2014-10-12 11:12 - 2014-07-12 10:10 - 00000000 ____D () C:\Users\David\Downloads\Frozen [2013]  Soundtrack (Deluxe Edition) (Christophe Beck) YG
2014-10-12 11:12 - 2014-06-23 17:17 - 00000000 ____D () C:\Users\David\Documents\solid-install
2014-10-12 11:12 - 2013-12-20 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-12 11:12 - 2013-11-05 22:44 - 00000000 ____D () C:\Users\David\Downloads\Applications
2014-10-12 11:12 - 2013-11-05 22:39 - 00000000 ____D () C:\Users\David\Documents\Other
2014-10-12 11:12 - 2013-05-20 10:23 - 00000000 ___RD () C:\Users\David\Documents\Notes
2014-10-12 11:11 - 2014-10-02 08:25 - 00000000 ____D () C:\Users\David\Documents\RootkitRevealer
2014-10-12 11:11 - 2014-08-02 19:47 - 00000000 ____D () C:\Program Files\Transmission
2014-10-12 11:11 - 2014-07-12 10:27 - 00000000 ____D () C:\Users\David\Downloads\Collective Soul • 7even Year Itch • Greatest Hits [1994 • 2001]
2014-10-12 11:11 - 2014-05-03 18:42 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-10-12 11:11 - 2013-12-30 00:28 - 00000000 ____D () C:\Users\David\Downloads\Win8.1 KMS Activator v.2.2 For Win8.1 and Office 2013
2014-10-12 11:11 - 2013-12-30 00:27 - 00000000 ____D () C:\Users\David\Downloads\Microsoft Office 2013 Professional Plus (32-Bit) (x86) + Activator (for Windows and Microsoft Office)  Fully activated by Dhruvloves007!
2014-10-12 11:11 - 2013-12-29 22:02 - 00000000 ____D () C:\ProgramData\IObit
2014-10-12 11:11 - 2013-12-20 13:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-12 11:10 - 2014-02-03 20:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-12 11:10 - 2014-01-04 15:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-10-12 11:10 - 2013-09-21 17:27 - 00000000 ____D () C:\Users\David\AppData\Roaming\Sling Media
2014-10-12 11:10 - 2013-04-21 13:19 - 00000000 ____D () C:\Users\David\AppData\Roaming\Foxit Software
2014-10-12 11:10 - 2013-03-18 08:08 - 00000000 ____D () C:\Users\David\Documents\samsung
2014-10-12 11:10 - 2013-03-05 19:16 - 00000000 ____D () C:\Users\David\Documents\Work
2014-10-12 11:10 - 2013-03-03 21:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Nitro PDF
2014-10-12 11:10 - 2012-12-01 06:09 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-06 23:03 - 2014-10-05 17:48 - 00000000 ____D () C:\Users\David\AppData\Local\Blackboard
2014-10-06 23:00 - 2013-12-29 22:02 - 00165659 _____ () C:\MyXML.xml
2014-10-06 22:50 - 2014-10-01 22:24 - 00000000 ____D () C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\ICReinstall_7z922-x64_inst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 17:44

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by David at 2014-11-05 21:01:58
Running from C:\Users\David\Desktop\frst
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.35288 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.199 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2106 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.23.0 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.13 - SunplusIT)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0020 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maxima 5.30.0 (HKLM-x32\...\Maxima-5.30.0_is1) (Version: 5.30.0 - The Maxima Development Team)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Mathematics Add-In for Word and OneNote (HKLM\...\{90150000-00D8-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.1.2.43 - Lenovo)
Mozilla Firefox 33.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-GB)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.082813 - REALTEK Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{B6322D12-A133-4128-8306-DAFFF7231152}) (Version: 1.04.0213 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0230 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.5.0 - Lenovo Group Limited)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.21.4 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84 - Transmission)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2433331430-149645389-3559486150-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

29-10-2014 18:23:15 Scheduled Checkpoint
05-11-2014 08:23:17 Installed 7-Zip 9.22 (x64 edition)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2014-10-13 07:35 - 00000019 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {031C044D-C880-46FF-82D0-753777BA1D3B} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-02-08] ()
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05C4289A-A139-4BFC-B3CB-C70A6F164F87} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-02-08] ()
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BFB01D4-D4DE-49A7-95A3-C38224AF4124} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {1528FAE9-49EC-4B5F-9730-998639F03F8D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-09-16] ()
Task: {160062C6-19D3-4F25-A53E-55E4B8EB24EA} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-02-08] ()
Task: {1CBCA632-969D-488C-93E0-2DC78A34B8CF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-david.halliday1@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {1E12B41C-56D0-469C-8C77-26D0E309EA92} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001UA => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21DBE845-F1E9-43F4-8D44-4C96218D224D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3CFB8862-C754-4E5B-810B-4F47B2493EEB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-13] (Adobe Systems Incorporated)
Task: {42797542-F5AE-4A8E-8ACF-71D6D5026B12} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A8E3876-083B-4683-A21B-9BC47BD22BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23] (Google Inc.)
Task: {4E71ED1C-00D0-4BA7-AD4D-6C437F64DB02} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {535423E0-DC6F-4B5E-887E-1F20394574D3} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {60556498-56AC-4676-9647-D720DD0B1C83} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7926AC58-1638-4B35-8D9F-7F7E38D0305D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {82801F31-7A34-4C61-918B-7CEBD3C468C8} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-11] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9033547B-3BDA-4086-94F3-98F9263D6F01} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9249A3F2-9FCB-4F6F-AC29-F936C16E659E} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-02-08] ()
Task: {938C9C88-B799-436A-AD14-90E91089138D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {9ED3E5F9-2A5E-41C6-8EE2-B23CA3FD9C30} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A01A105B-1355-4010-BDD2-18B160AC700B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A4F9A1C9-81C3-4878-BA6E-6B07FFC09CAC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-12] (AVAST Software)
Task: {A57021DF-A242-43FE-B8CB-75521C46A117} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BBEC48BA-26E2-4F73-8D50-9F84812D4039} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-24] (Synaptics Incorporated)
Task: {C0A504BD-BABA-4084-AF46-0B650B4DA839} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1D2BD28-D46F-469B-A9CC-6B0E6F9B463D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-25] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1BF85A1-225D-4676-BF52-BD3D942AB0E4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001Core => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F2D2427D-9A54-4256-A1EE-34A51845DE91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23] (Google Inc.)
Task: {FC0D36FE-01E7-40F4-98E8-E7607A3637DD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {FEACD5FE-6010-446B-A5B2-CC49ACAB329C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001Core.job => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001UA.job => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 12:52 - 2014-09-16 12:52 - 08896160 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-13 20:30 - 2014-09-13 20:30 - 03140096 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-09-13 20:30 - 2014-09-13 20:30 - 02498560 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2013-10-05 23:36 - 2013-08-28 12:35 - 00056832 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2012-12-01 06:09 - 2013-05-23 14:33 - 00044104 _____ () C:\Windows\runSW.exe
2012-12-01 06:14 - 2012-12-01 06:14 - 00060760 _____ () C:\ProgramData\YogaSmartSwicth\Server\x64\dptf.dll
2012-12-01 06:14 - 2012-12-01 06:14 - 00208464 _____ () C:\ProgramData\YogaSmartSwicth\yogaserver.exe
2014-10-25 19:39 - 2014-06-23 19:47 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2014-10-25 19:44 - 2010-10-26 11:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-12-01 06:13 - 2014-10-25 19:30 - 00172112 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-10-12 15:25 - 2014-10-12 15:25 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-05 17:26 - 2014-11-05 17:26 - 02899456 _____ () C:\Program Files\AVAST Software\Avast\defs\14110500\algo.dll
2014-10-12 15:14 - 2014-06-06 12:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-10-12 15:14 - 2014-06-06 12:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-10-12 15:14 - 2014-06-06 12:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2013-12-29 22:02 - 2014-06-06 12:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-10-28 21:53 - 2014-10-28 21:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-23 19:44 - 2014-06-23 19:44 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2012-12-01 06:13 - 2014-10-25 19:30 - 01623632 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2012-12-01 06:13 - 2014-10-25 19:30 - 00030288 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-10-12 15:25 - 2014-10-12 15:25 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-01 06:06 - 2012-06-25 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\David\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BingDesktopUpdate => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "SynLenovoGestureMgr"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "Spybot-S&D Cleaning"

========================= Accounts: ==========================

Administrator (S-1-5-21-2433331430-149645389-3559486150-500 - Administrator - Disabled)
David (S-1-5-21-2433331430-149645389-3559486150-1001 - Administrator - Enabled) => C:\Users\David
david_000 (S-1-5-21-2433331430-149645389-3559486150-1006 - Administrator - Enabled)
Guest (S-1-5-21-2433331430-149645389-3559486150-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2433331430-149645389-3559486150-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 07:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MachineInformation.exe, version: 1.0.0.0, time stamp: 0x5114b26b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x1630
Faulting application start time: 0xMachineInformation.exe0
Faulting application path: MachineInformation.exe1
Faulting module path: MachineInformation.exe2
Report Id: MachineInformation.exe3
Faulting package full name: MachineInformation.exe4
Faulting package-relative application ID: MachineInformation.exe5

Error: (11/05/2014 07:14:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MachineInformation.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at MachineInformation.Program.Main(System.String[])

Error: (11/05/2014 08:34:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: winzip32.exe, version: 29.0.11293.0, time stamp: 0x54466d11
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0b94621b
Faulting process id: 0x1b0c
Faulting application start time: 0xwinzip32.exe0
Faulting application path: winzip32.exe1
Faulting module path: winzip32.exe2
Report Id: winzip32.exe3
Faulting package full name: winzip32.exe4
Faulting package-relative application ID: winzip32.exe5

Error: (11/05/2014 08:34:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: winzip32.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at CloudStoragePicker.WPFUI.FilesPane.UserControl_Unloaded(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs)
   at System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
   at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(System.Object)
   at MS.Internal.LoadedOrUnloadedOperation.DoWork()
   at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
   at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
   at System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
   at System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (11/05/2014 08:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: winzip32.exe, version: 29.0.11293.0, time stamp: 0x54466d11
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0b126043
Faulting process id: 0x1540
Faulting application start time: 0xwinzip32.exe0
Faulting application path: winzip32.exe1
Faulting module path: winzip32.exe2
Report Id: winzip32.exe3
Faulting package full name: winzip32.exe4
Faulting package-relative application ID: winzip32.exe5

Error: (11/05/2014 08:30:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: winzip32.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at CloudStoragePicker.WPFUI.FilesPane.UserControl_Unloaded(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs)
   at System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
   at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(System.Object)
   at MS.Internal.LoadedOrUnloadedOperation.DoWork()
   at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
   at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
   at System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
   at System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (11/04/2014 11:34:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/04/2014 10:55:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/02/2014 01:19:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/01/2014 00:20:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Activation of app 40881RusselA.TheFinalFrontier_29hsn5m2j4x1g!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (11/05/2014 05:45:32 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/05/2014 05:45:02 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/05/2014 05:26:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (11/05/2014 08:55:16 AM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/04/2014 11:34:26 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (11/04/2014 10:02:32 PM) (Source: Modem) (EventID: 1) (User: )
Description: \0000009a

Error: (11/04/2014 06:53:28 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/04/2014 06:52:58 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/02/2014 03:53:58 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/02/2014 03:53:28 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (11/05/2014 07:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MachineInformation.exe1.0.0.05114b26bKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71163001cff92cb4085f8eC:\Program Files\lenovo\SystemAgent\MachineInformation.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllf83a3974-651f-11e4-81bb-20689de5ebbd

Error: (11/05/2014 07:14:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MachineInformation.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at MachineInformation.Program.Main(System.String[])

Error: (11/05/2014 08:34:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: winzip32.exe29.0.11293.054466d11unknown0.0.0.000000000c00000050b94621b1b0c01cff8d333beb6a2C:\PROGRA~2\WinZip\winzip32.exeunknown85abba5b-64c6-11e4-81b7-20689de5ebbd

Error: (11/05/2014 08:34:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: winzip32.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at CloudStoragePicker.WPFUI.FilesPane.UserControl_Unloaded(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs)
   at System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
   at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(System.Object)
   at MS.Internal.LoadedOrUnloadedOperation.DoWork()
   at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
   at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
   at System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
   at System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (11/05/2014 08:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: winzip32.exe29.0.11293.054466d11unknown0.0.0.000000000c00000050b126043154001cff8d2b74478b5C:\PROGRA~2\WinZip\winzip32.exeunknown0a4429df-64c6-11e4-81b7-20689de5ebbd

Error: (11/05/2014 08:30:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: winzip32.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at CloudStoragePicker.WPFUI.FilesPane.UserControl_Unloaded(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs)
   at System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
   at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(System.Object)
   at MS.Internal.LoadedOrUnloadedOperation.DoWork()
   at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
   at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
   at System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
   at System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (11/04/2014 11:34:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (11/04/2014 10:55:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/02/2014 01:19:09 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/01/2014 00:20:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: 40881RusselA.TheFinalFrontier_29hsn5m2j4x1g!App-2144927141


CodeIntegrity Errors:
===================================
  Date: 2014-10-13 11:11:40.983
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:11:30.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:19.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:16.606
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:09.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:08.615
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:03.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:00.661
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 10:29:03.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 10:28:13.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 59%
Total physical RAM: 3975.27 MB
Available physical RAM: 1601.64 MB
Total Pagefile: 8071.27 MB
Available Pagefile: 4472.17 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:100.42 GB) (Free:24.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6C06D618)

Partition: GPT Partition Type.

==================== End Of Log ============================

 



#6 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,154 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:48 AM

Posted 08 November 2014 - 02:52 AM

Hello Haldo10 and welcome to BleepingComputer!      :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be check for approval first, that may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 2 days, feel free to PM me.      :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

Going over your logs I noticed that you have uTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so viaStart > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

 

I'm currently analyzing your log. I will reply to you as soon as possible.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#7 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,154 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:48 AM

Posted 09 November 2014 - 07:13 AM

Hi Haldo10.
 
In your logs I see that you use illegal software in your computer. These are probably the reason why you got infected. So please refrain from using illegal software.
 
One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
 
If you want to continue, please do the following:

 

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

After the fix is done, please create new FRST log for me. Are things got better?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#8 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 09 November 2014 - 08:39 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014
Ran by David at 2014-11-09 13:36:03 Run:1
Running from C:\Users\David\Desktop\frst
Loaded Profile: David (Available profiles: David)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2433331430-149645389-3559486150-1001\...\Policies\Explorer: [Run] "C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe"
HKU\S-1-5-21-2433331430-149645389-3559486150-1001\...\Command Processor: "C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe" <===== ATTENTION!
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Magnify.lnk
ShortcutTarget: Magnify.lnk -> C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe (No File)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
SearchScopes: HKLM - {D4435789-048C-4E4E-9B6F-F9910FD1D2DC} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_19_ff&cd=2XzuyEtN2Y1L1QzutBtDyCzzzy0D0EyD0E0B0B0DyCtAtD0BtN0D0Tzu0SzzyDzztN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2SyEyD0AyC0C0EyEzztGtAtC0C0FtGyBtD0A0DtG0E0ByEtDtGtC0EtCtDtC0CzzyCtDtByB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyDyE0FtBtAtAtCtGtByEzztBtGyCtC0FtDtGzy0D0FzztGtDtA0E0D0BzyyD0F0EyEyBtA2Q&cr=1097754377&ir=
FF HKLM-x32\...\Firefox\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF HKLM-x32\...\Mozilla Firefox 30.0\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
R2 WindowsOptimizer_v9; C:\Program Files (x86)\Windows Optimizer\v9\optimizer.exe [2963064 2014-10-22] (MicroTools)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
2014-10-26 00:02 - 2014-06-21 19:07 - 00000000 ____D () C:\ProgramData\Optimizer
C:\Program Files (x86)\Windows Optimizer
2014-10-20 18:13 - 2014-09-13 20:14 - 00000000 ____D () C:\Program Files (x86)\Windows Network Accelerater
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 19:25 - 2013-12-11 17:40 - 00002092 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-10-25 20:04 - 2014-10-25 20:04 - 00000000 ____D () C:\Users\David\AppData\Local\Tvsukernel
2014-10-08 18:22 - 2014-10-08 18:47 - 00000000 ____D () C:\Users\David\AppData\Roaming\Xyqayt
2014-10-06 22:09 - 2014-10-06 23:37 - 00000000 ____D () C:\Users\David\AppData\Roaming\Awubaxu
2014-10-21 17:15 - 2014-09-13 20:31 - 00000000 ____D () C:\Users\David\AppData\Local\Urfkmedia
2014-10-12 13:32 - 2014-09-14 10:11 - 00000000 ____D () C:\Users\David\AppData\Roaming\Noeqafwa
2014-10-12 13:32 - 2014-09-14 09:55 - 00000000 ____D () C:\Users\David\AppData\Roaming\Taipwot
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
EmptyTemp:
*****************

HKU\S-1-5-21-2433331430-149645389-3559486150-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\Run => value deleted successfully.
HKU\S-1-5-21-2433331430-149645389-3559486150-1001\Software\Microsoft\Command Processor\\AutoRun => value deleted successfully.
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Magnify.lnk => Moved successfully.
C:\Users\David\AppData\Roaming\Microsoft\Windows\IEUpdate\Magnify.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D4435789-048C-4E4E-9B6F-F9910FD1D2DC}" => Key deleted successfully.
"HKCR\CLSID\{D4435789-048C-4E4E-9B6F-F9910FD1D2DC}" => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Mozilla Firefox 30.0\Extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775} => value deleted successfully.
WindowsOptimizer_v9 => Unable to stop service
WindowsOptimizer_v9 => Service deleted successfully.
WindowsVNT_R3 => Unable to stop service
WindowsVNT_R3 => Service deleted successfully.
C:\ProgramData\Optimizer => Moved successfully.
C:\Program Files (x86)\Windows Optimizer => Moved successfully.
C:\Program Files (x86)\Windows Network Accelerater => Moved successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk => Moved successfully.
"C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk" => File/Directory not found.
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk => Moved successfully.
C:\Users\David\AppData\Local\Tvsukernel => Moved successfully.
C:\Users\David\AppData\Roaming\Xyqayt => Moved successfully.
C:\Users\David\AppData\Roaming\Awubaxu => Moved successfully.
C:\Users\David\AppData\Local\Urfkmedia => Moved successfully.
C:\Users\David\AppData\Roaming\Noeqafwa => Moved successfully.
C:\Users\David\AppData\Roaming\Taipwot => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{34883B9C-CDFE-46F0-9C5B-935484C218C3}\\SystemComponent => value deleted successfully.
EmptyTemp: => Removed 424.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====



#9 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,154 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:48 AM

Posted 10 November 2014 - 04:42 AM

Hi Haldo10.

 

The fix looks good.

 

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

  • AVG 2014
  • Adobe Flash player 15 plugin.

Additional instructions can be found here if needed.

 

Then, please reinstall your Flash Player:

 

Please follow these steps to update Adobe flash:

  • Please download the latest version of Adobe Flash from http://get.adobe.com/flashplayer/otherversions/ to your Desktop (Uncheck McAfee Security Scan Plus first!)
  • Double click the file to start the installation process
  • Repeat 1. and 2. for every other browser you have installed (eg Internet Explorer / Firefox / Chrome / Safari / Opera..) as applicable.

-------------

 

After you finished steps above, please create me new FRST log. How's your computer's running now?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#10 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 10 November 2014 - 12:42 PM

I have followed your instructions and uninstalled Flash then reinstalled from the link you posted. However, I was unable to uninstall AVG 2014 as I was given an error message: "CA_Error27055: SetupActionManager_init(0xE0010058):Installation failed"

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by David (administrator) on IDEA-PC on 10-11-2014 17:39:22
Running from C:\Users\David\Desktop\frst
Loaded Profile: David (Available profiles: David)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
() C:\Windows\runSW.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Realtek) C:\Windows\SwUSB.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Lenovo) C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
() C:\ProgramData\YogaSmartSwicth\yogaserver.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-24] (Synaptics)
HKLM\...\Run: [yogaserver] => C:\ProgramData\YogaSmartSwicth\yogaserver.exe [208464 2012-12-01] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-12-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-12-01] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2968376 2012-11-24] (Synaptics Incorporated)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2013-10-14] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253952 2013-05-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [909016 2013-10-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-12] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - {D4435789-048C-4E4E-9B6F-F9910FD1D2DC} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: WSISVCUchrome - No CLSID Value -
Handler-x32: WSISVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7AD82333-73AD-4B26-B567-19AD8A7E7629}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{96701864-194B-47F7-B207-8173B7554B0D}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2433331430-149645389-3559486150-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Bluhell Firewall - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-10-13]
FF Extension: YouTube High Definition - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\l78bnv5a.default-1404331229174\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-10-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-12]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-10-25]
FF Extension: No Name - wrc@avast.com [Not Found]
FF Extension: No Name - {F74D5734-46F5-4B16-96F0-1E7FBF41B750} [Not Found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-12]
CHR HKLM-x32\...\Chrome\Extension: [nomnoaehhnmbolpapbjeopogjfefdpnl] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com.crx [2014-10-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-12] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [56832 2013-08-28] () [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2013-10-14] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [118728 2013-10-14] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2013-10-14] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [579400 2013-02-08] (LENOVO INCORPORATED.)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-09-16] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ymc; C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe [27216 2012-12-01] (Lenovo)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-12] ()
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-14] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [290256 2013-10-14] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494808 2013-10-14] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-29] (Malwarebytes Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [547032 2013-07-04] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2013-11-15] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058680 2012-08-11] (Sunplus)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 17:35 - 2014-11-10 17:35 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-10 17:35 - 2014-11-10 17:35 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-10 17:32 - 2014-11-10 17:32 - 00000000 ____D () C:\Users\David\AppData\Local\Avg2014
2014-11-09 13:36 - 2014-11-09 13:36 - 00000000 ____D () C:\ProgramData\Optimizer
2014-11-09 13:34 - 2014-11-10 17:39 - 00000000 ____D () C:\Users\David\Desktop\frst
2014-11-09 13:34 - 2014-11-09 13:34 - 00003074 _____ () C:\Users\David\Downloads\fixlist(1).txt
2014-11-08 14:03 - 2014-11-08 14:04 - 00000000 ____D () C:\Users\David\Documents\mst124 TMA01
2014-11-08 13:16 - 2014-11-10 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 21:01 - 2014-11-10 17:39 - 00000000 ____D () C:\FRST
2014-11-05 19:25 - 2014-11-05 19:29 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win(2).msi
2014-11-05 19:14 - 2014-11-05 19:14 - 00688992 _____ (Swearware) C:\Users\David\Downloads\dds(1).com
2014-11-05 19:11 - 2014-11-05 19:11 - 00688992 _____ (Swearware) C:\Users\David\Downloads\dds.com
2014-11-05 08:29 - 2014-11-05 08:29 - 00002276 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\Users\David\AppData\Local\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\ProgramData\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-11-05 08:29 - 2014-11-05 08:29 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-11-05 08:24 - 2014-11-05 08:27 - 59910144 _____ () C:\Users\David\Downloads\winzip190-32.msi
2014-11-05 08:23 - 2014-11-05 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-05 08:23 - 2014-11-05 08:23 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-05 08:21 - 2014-11-09 13:37 - 00000698 _____ () C:\WINDOWS\PFRO.log
2014-11-05 08:17 - 2014-11-05 08:17 - 01444352 _____ () C:\Users\David\Downloads\7z922-x64.msi
2014-11-05 08:16 - 2014-11-05 08:16 - 00770360 _____ ( ) C:\Users\David\Downloads\7z922-x64_inst.exe
2014-11-05 07:59 - 2014-11-05 07:59 - 02979459 _____ () C:\Users\David\Downloads\tma1.zip
2014-11-04 22:10 - 2014-11-10 17:19 - 00021309 _____ () C:\WINDOWS\runSW.log
2014-11-04 22:02 - 2014-11-10 17:22 - 00590520 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-04 22:02 - 2014-11-04 22:02 - 00002857 _____ () C:\WINDOWS\setupact.log
2014-11-04 22:02 - 2014-11-04 22:02 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-04 21:53 - 2014-11-04 21:53 - 00008424 _____ () C:\Users\David\Documents\cc_20141104_215336.reg
2014-11-04 20:49 - 2014-11-08 16:53 - 00021790 _____ () C:\Users\David\maxout.gnuplot
2014-11-04 19:49 - 2014-11-04 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxima-5.30.0
2014-11-04 19:46 - 2014-11-04 19:47 - 33439662 _____ (The Maxima Development Team ) C:\Users\David\Downloads\maxima-5.30.0.exe
2014-11-03 19:23 - 2014-11-03 19:26 - 104874964 _____ () C:\Users\David\Downloads\South.Park.S18E05.HDTV.x264-KILLERS.mp4
2014-11-03 19:23 - 2014-11-03 19:26 - 103685920 ____R () C:\Users\David\Downloads\South.Park.S18E04.HDTV.x264-KILLERS.mp4
2014-11-01 17:57 - 2014-11-01 18:33 - 00000000 ____D () C:\Users\David\Downloads\A Million Ways to Die in the West (2014) [1080p]
2014-10-30 22:09 - 2014-10-30 22:09 - 00490256 _____ () C:\Users\David\Downloads\HelpAsst_mebroot_fix.exe
2014-10-30 19:50 - 2014-10-30 19:54 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win(1).msi
2014-10-26 16:46 - 2014-10-26 16:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Lenovo
2014-10-26 16:43 - 2014-10-26 16:43 - 00000000 ____D () C:\Users\David\AppData\Local\Lenovo
2014-10-25 20:06 - 2014-10-25 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-10-25 20:05 - 2014-10-25 20:05 - 02387520 _____ (ooVoo LLC) C:\Users\David\Downloads\ooVooSetup.exe
2014-10-25 19:46 - 2014-10-25 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2014-10-25 19:46 - 2014-10-25 19:46 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-10-25 19:45 - 2014-10-25 19:45 - 00000000 ____D () C:\Users\Public\Documents\Conexant
2014-10-25 19:45 - 2011-09-01 14:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2014-10-25 19:44 - 2013-07-25 13:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2014-10-25 19:44 - 2012-06-04 11:34 - 00002008 _____ () C:\WINDOWS\system32\Drivers\SamSfPa.dat
2014-10-25 19:39 - 2014-10-25 19:39 - 00001577 _____ () C:\WINDOWS\Delfg.cmd
2014-10-25 19:39 - 2014-10-25 19:39 - 00000146 _____ () C:\WINDOWS\launchpw.cmd
2014-10-25 19:38 - 2014-10-25 19:39 - 00000006 _____ () C:\WINDOWS\systemtype.txt
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 ____D () C:\Program Files (x86)\Lenovo EasyCamera
2014-10-25 19:25 - 2014-10-25 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-10-25 19:25 - 2014-10-25 19:25 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-10-25 19:24 - 2014-10-25 20:03 - 00000000 ____D () C:\ProgramData\Lenovo
2014-10-25 19:24 - 2014-10-25 19:38 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-25 19:12 - 2014-10-25 19:14 - 47369288 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tme03ww.exe
2014-10-25 19:10 - 2014-10-25 19:11 - 07643992 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tcr03ww.exe
2014-10-25 19:09 - 2014-10-25 19:10 - 02773984 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tca05ww_chicony.exe
2014-10-25 19:09 - 2014-10-25 19:10 - 00527280 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tal01ww.exe
2014-10-25 19:08 - 2014-10-25 19:09 - 01542256 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tch06ww.exe
2014-10-25 19:06 - 2014-10-25 19:12 - 49349280 _____ (Lenovo Group Limited) C:\Users\David\Downloads\zb55z004us00.exe
2014-10-25 19:05 - 2014-10-25 19:18 - 194472856 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tau23ww.exe
2014-10-25 19:04 - 2014-10-25 19:21 - 365264872 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tg622ww.exe
2014-10-25 19:04 - 2014-10-25 19:12 - 47001192 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0ttp18ww.exe
2014-10-25 19:04 - 2014-10-25 19:04 - 05095608 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0tdf05ww.exe
2014-10-25 19:03 - 2014-10-25 19:11 - 53139280 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0twb33ww.exe
2014-10-25 19:03 - 2014-10-25 19:08 - 34689608 _____ (Lenovo) C:\Users\David\Downloads\smartgestureinstall.exe
2014-10-25 19:03 - 2014-10-25 19:06 - 29142384 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\0twb32ww.exe
2014-10-25 19:03 - 2014-10-25 19:05 - 11501640 _____ (Lenovo Group Limited ) C:\Users\David\Downloads\lenovoshareit-win.exe
2014-10-25 19:03 - 2014-10-25 19:03 - 13066744 _____ ( ) C:\Users\David\Downloads\systemupdate506-09-16-2014.exe
2014-10-25 17:35 - 2014-10-25 17:37 - 00000000 ____D () C:\Users\David\Downloads\Teenage.Mutant.Ninja.Turtles.2014.720p.HDRip.x264.AC3.5.1-RARBG
2014-10-25 16:44 - 2014-10-25 16:44 - 00003134 _____ () C:\Users\David\Documents\cc_20141025_174430.reg
2014-10-25 15:29 - 2014-10-09 22:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-25 15:29 - 2014-10-08 22:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-25 15:29 - 2014-09-19 01:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-25 15:29 - 2014-09-13 06:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-25 15:29 - 2014-09-13 05:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-25 15:29 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-10-25 15:29 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-25 15:29 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-25 15:29 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-25 15:29 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-25 15:29 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-25 15:29 - 2014-09-04 03:15 - 00561416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-10-25 15:29 - 2014-09-04 03:14 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-10-25 15:29 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-25 15:29 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-10-25 15:29 - 2014-09-04 01:19 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-25 15:29 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-10-25 15:29 - 2014-09-04 00:45 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-10-25 15:29 - 2014-09-04 00:41 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-25 15:29 - 2014-09-04 00:36 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-25 15:29 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-10-25 15:29 - 2014-09-04 00:15 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-25 15:29 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-25 15:29 - 2014-09-03 23:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-25 15:29 - 2014-09-03 23:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-25 15:29 - 2014-08-31 00:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-10-25 15:29 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-25 15:29 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-25 15:29 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-25 15:29 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-10-25 15:29 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-25 15:29 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-10-25 15:29 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-10-25 15:29 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-25 15:29 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-10-25 15:29 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-10-25 15:29 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-25 15:29 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-25 15:29 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-25 15:29 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-10-25 15:29 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-10-25 15:23 - 2014-09-08 03:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-25 15:23 - 2014-09-08 01:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-25 15:23 - 2014-09-08 01:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-25 15:23 - 2014-09-08 00:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-25 15:23 - 2014-09-08 00:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-25 15:23 - 2014-09-08 00:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-25 15:23 - 2014-09-08 00:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-25 15:23 - 2014-09-08 00:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-25 15:23 - 2014-09-08 00:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-25 15:23 - 2014-09-08 00:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-25 15:23 - 2014-09-07 23:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-25 15:23 - 2014-09-07 23:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-25 15:23 - 2014-09-07 23:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-25 15:23 - 2014-09-07 23:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-25 13:51 - 2014-10-25 13:51 - 00000000 ____D () C:\Users\David\Documents\Outlook Files
2014-10-21 19:55 - 2014-10-21 19:55 - 00000000 ____D () C:\Users\David\AppData\Roaming\ooVoo Details
2014-10-21 19:54 - 2014-10-25 20:06 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-10-16 09:20 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 09:16 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 09:15 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 09:15 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 09:15 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 09:15 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 09:15 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 09:15 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 09:15 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 09:15 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 09:15 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 09:15 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 09:15 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 09:15 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 09:15 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 09:15 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 09:15 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 09:15 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 09:15 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 09:15 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 09:15 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 09:15 - 2014-09-19 00:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 09:15 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 09:15 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 09:15 - 2014-09-19 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 09:15 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 09:15 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 09:15 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 09:15 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 09:15 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 22:24 - 2014-09-27 22:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 22:03 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 22:03 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 22:03 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 22:03 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-14 18:17 - 2014-10-30 19:56 - 00001693 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackboard Collaborate Launcher.lnk
2014-10-14 18:14 - 2014-10-14 18:16 - 42807296 _____ () C:\Users\David\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-10-14 18:14 - 2014-10-14 18:14 - 00010684 _____ () C:\Users\David\Downloads\meeting(1).collab
2014-10-13 12:35 - 2014-10-13 12:35 - 00004151 _____ () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo.lnk
2014-10-13 12:29 - 2014-10-13 12:30 - 17921200 _____ (Adobe Systems Incorporated) C:\Users\David\Downloads\flashplayer15_install_win_pi.exe
2014-10-13 12:28 - 2014-10-13 12:30 - 04965896 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup418.exe
2014-10-13 12:26 - 2014-10-13 12:26 - 00499976 _____ () C:\Users\David\Downloads\AppManagerSetup_1.44.exe
2014-10-13 11:49 - 2014-10-13 11:49 - 01976320 _____ () C:\Users\David\Downloads\adwcleaner_4.000.exe
2014-10-13 10:15 - 2014-07-24 15:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-10-13 10:15 - 2014-07-24 15:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-13 10:15 - 2014-07-24 15:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-13 10:15 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-13 10:15 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-13 10:15 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-13 10:15 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-13 10:15 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-10-13 10:15 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-13 10:15 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-13 10:15 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-13 10:15 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-10-13 10:15 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-10-13 10:15 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-10-13 10:15 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-10-13 10:15 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-13 10:15 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-13 10:15 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-10-13 10:15 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-10-13 10:15 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-10-13 10:15 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-13 10:15 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-13 10:15 - 2014-07-24 11:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-13 10:15 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-13 10:15 - 2014-07-24 11:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-13 10:15 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-13 10:15 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-10-13 10:15 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-13 10:15 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-10-13 10:15 - 2014-07-24 11:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-10-13 10:15 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-10-13 10:15 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-10-13 10:15 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-10-13 10:15 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-10-13 10:15 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-13 10:15 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-13 10:15 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-10-13 10:15 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-13 10:15 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-10-13 10:15 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-10-13 10:15 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-13 10:15 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-13 10:15 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-13 10:15 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-10-13 10:15 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-13 10:15 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-10-13 10:15 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-10-13 10:15 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-13 10:15 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-10-13 10:15 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-10-13 10:15 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-13 10:15 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-10-13 10:15 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-13 10:15 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-13 10:15 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-10-13 10:15 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-10-13 10:15 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-10-13 10:15 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-10-13 10:15 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-13 10:15 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-10-13 10:15 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-10-13 10:15 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-10-13 10:15 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-10-13 10:15 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-10-13 10:15 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-10-13 10:15 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-10-13 10:15 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-13 10:15 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-13 10:15 - 2014-07-24 09:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-13 10:15 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-10-13 10:15 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-13 10:15 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-13 10:15 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-13 10:15 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-10-13 10:15 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-13 10:15 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-10-13 10:15 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-13 10:15 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-13 10:15 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-10-13 10:15 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-13 10:15 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-10-13 10:15 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-13 10:15 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-10-13 10:15 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-13 10:15 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-13 10:15 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-13 10:15 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-10-13 10:15 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-10-13 10:15 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-13 10:15 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-10-13 10:15 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-10-13 10:15 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-10-13 10:15 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-10-13 10:15 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-10-13 10:15 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-10-13 10:15 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-10-13 10:15 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-10-13 10:15 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-10-13 10:15 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-10-13 10:15 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-10-13 10:15 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-10-13 10:15 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-13 10:15 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-13 10:15 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-10-13 10:15 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-10-13 10:15 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-10-13 10:15 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-13 10:15 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-13 10:15 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-10-13 10:15 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-10-13 10:15 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-13 10:15 - 2014-07-24 07:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-13 10:15 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-13 10:15 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-13 10:15 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-10-13 10:15 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-10-13 10:15 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-10-13 10:15 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-10-13 10:15 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-10-13 10:15 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-10-13 10:15 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-10-13 10:15 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-10-13 10:15 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-10-13 10:15 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-10-13 10:15 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-13 10:15 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-10-13 10:15 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-10-13 10:15 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-13 10:15 - 2014-06-19 02:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-13 10:15 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-13 10:15 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-13 10:15 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-13 10:15 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-10-13 10:15 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-10-13 10:15 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-10-13 10:15 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-10-13 10:15 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-10-13 10:15 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-10-13 10:15 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-13 10:15 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-13 10:15 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-10-13 10:15 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-10-13 10:15 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-10-13 10:15 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-10-13 10:15 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-10-13 10:15 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-13 10:15 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-13 10:15 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-13 10:15 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-13 10:14 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-13 10:14 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-10-13 10:14 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-10-13 10:06 - 2014-10-25 15:36 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-13 09:48 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-10-13 09:41 - 2014-10-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-13 09:41 - 2014-10-13 09:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-10-13 09:41 - 2014-10-13 09:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-10-13 09:41 - 2014-10-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-10-13 09:41 - 2014-08-16 01:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-13 09:41 - 2014-08-16 01:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-13 09:41 - 2014-08-16 01:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-13 09:41 - 2014-08-16 01:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-13 09:41 - 2014-08-16 00:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-13 09:41 - 2014-05-30 09:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-13 09:41 - 2014-05-30 08:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-10-13 09:30 - 2014-04-11 08:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-10-13 09:30 - 2014-04-11 03:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-13 09:30 - 2014-04-11 02:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-13 07:27 - 2014-10-13 07:27 - 00000000 ____D () C:\Users\David\Downloads\Hitman Pro 3.7.9 Cracked 32+64-Bit [danhuk]
2014-10-13 07:23 - 2014-10-13 07:23 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-13 07:02 - 2014-09-05 02:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-13 07:02 - 2014-06-28 07:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-10-13 07:02 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-10-13 07:00 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-10-13 07:00 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-10-13 06:57 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-10-13 06:57 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-10-13 06:57 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-13 06:57 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-13 06:57 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-13 06:57 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-13 06:57 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-10-13 06:57 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-10-13 06:57 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-10-13 06:57 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-10-13 06:57 - 2014-05-10 03:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-10-13 06:57 - 2014-05-10 03:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-10-13 06:57 - 2014-03-24 02:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-10-13 06:57 - 2014-03-24 02:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-10-13 06:57 - 2014-03-24 02:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-10-12 21:49 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-12 21:49 - 2014-05-29 07:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-10-12 21:49 - 2014-05-29 06:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-10-12 21:49 - 2014-03-13 07:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-10-12 21:49 - 2014-03-13 06:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-10-12 21:38 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-12 21:38 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-12 21:34 - 2014-05-03 05:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-12 21:34 - 2014-05-03 04:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-12 21:34 - 2014-04-30 06:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-12 21:34 - 2014-04-30 04:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-12 21:34 - 2014-04-30 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-12 21:34 - 2014-04-30 03:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-12 21:34 - 2014-04-30 03:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-12 21:34 - 2014-04-28 22:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-12 21:34 - 2014-04-26 16:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-12 21:34 - 2014-04-14 09:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-12 21:34 - 2014-04-14 08:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-12 21:33 - 2014-05-13 07:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-12 21:33 - 2014-05-03 05:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-12 21:33 - 2014-05-03 05:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-12 21:33 - 2014-05-03 05:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-12 21:33 - 2014-05-03 04:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-12 21:33 - 2014-05-03 04:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-12 21:33 - 2014-05-02 23:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-12 21:33 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-12 21:33 - 2014-04-30 06:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-12 21:33 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-12 21:33 - 2014-04-30 05:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-12 21:33 - 2014-04-30 04:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-12 21:33 - 2014-04-30 04:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-12 21:33 - 2014-04-30 04:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-12 21:33 - 2014-04-30 04:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-12 21:33 - 2014-04-30 03:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-12 21:33 - 2014-04-30 03:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-12 21:33 - 2014-04-30 03:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-12 21:33 - 2014-04-30 03:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-12 21:33 - 2014-04-14 05:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-12 21:32 - 2014-04-18 14:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-12 21:32 - 2014-04-18 09:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-12 21:32 - 2014-04-14 09:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-12 21:32 - 2014-04-14 08:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-10-12 21:32 - 2014-04-11 04:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-12 21:32 - 2014-04-11 04:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-10-12 21:32 - 2014-04-09 11:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-12 21:32 - 2014-04-09 06:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-12 21:32 - 2014-04-09 05:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-10-12 21:32 - 2014-04-09 03:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-12 21:32 - 2014-04-08 02:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-12 21:32 - 2014-04-06 16:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-12 21:32 - 2014-04-06 16:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-12 21:32 - 2014-04-06 16:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-12 21:32 - 2014-04-06 16:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-12 21:32 - 2014-04-06 16:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-12 21:32 - 2014-04-06 16:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-12 21:32 - 2014-04-06 15:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-10-12 21:32 - 2014-04-06 15:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-10-12 21:32 - 2014-04-06 12:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-12 21:32 - 2014-04-06 11:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-12 21:32 - 2014-04-06 10:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-12 21:32 - 2014-04-06 09:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-10-12 21:32 - 2014-04-03 08:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-12 21:32 - 2014-04-03 08:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-12 21:32 - 2014-04-03 04:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-12 21:32 - 2014-04-03 04:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-10-12 21:32 - 2014-03-28 15:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-12 21:32 - 2014-03-27 05:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-12 21:32 - 2014-03-27 03:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-12 21:32 - 2014-03-27 03:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-12 21:32 - 2014-03-18 05:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-12 21:32 - 2014-03-18 04:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-10-12 21:32 - 2014-03-17 05:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-12 21:32 - 2014-03-17 04:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-12 21:32 - 2014-03-14 06:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-12 21:32 - 2014-03-14 06:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-10-12 21:31 - 2014-04-06 16:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-12 21:31 - 2014-04-06 16:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-10-12 21:31 - 2014-04-06 12:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-12 21:31 - 2014-04-06 12:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-12 21:31 - 2014-04-06 12:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-12 21:31 - 2014-04-06 12:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-10-12 21:31 - 2014-04-06 11:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-12 21:31 - 2014-04-06 11:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-12 21:31 - 2014-04-03 02:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-10-12 21:31 - 2014-04-03 02:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-12 21:31 - 2014-03-27 04:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-12 21:31 - 2014-03-19 08:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-12 21:31 - 2014-03-19 07:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-10-12 21:30 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-12 21:30 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-12 21:30 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-10-12 21:30 - 2014-04-30 04:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-10-12 21:30 - 2014-04-30 04:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-10-12 21:30 - 2014-04-30 03:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-10-12 21:30 - 2014-04-08 22:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-10-12 21:30 - 2014-04-08 22:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-10-12 21:30 - 2014-04-08 18:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-10-12 21:30 - 2014-04-08 18:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-10-12 21:19 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-12 21:19 - 2014-05-31 10:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-12 21:19 - 2014-05-31 10:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-12 21:19 - 2014-05-31 10:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-12 21:19 - 2014-05-31 06:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-12 21:19 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-12 21:19 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-12 21:19 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-12 21:19 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-12 21:19 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-12 21:19 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-12 21:19 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-12 21:18 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-10-12 21:18 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-10-12 21:18 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-10-12 21:17 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-12 21:17 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-12 21:16 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-10-12 21:16 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-10-12 21:16 - 2014-05-01 13:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-10-12 21:16 - 2014-05-01 05:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-10-12 21:15 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-12 20:39 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-12 20:39 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-12 20:39 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-12 20:39 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-12 20:39 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-12 20:39 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-12 20:39 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-12 20:39 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-12 20:39 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-12 20:39 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-12 20:39 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-12 20:39 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-12 20:39 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-12 20:39 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-12 20:39 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-12 20:39 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-12 20:39 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-12 20:39 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-12 20:39 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-12 20:39 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-12 20:39 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-12 20:39 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-12 20:39 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-12 20:39 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-12 20:39 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-12 20:39 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-12 20:39 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-12 20:39 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-12 20:39 - 2014-07-24 15:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-12 20:39 - 2014-07-24 11:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-10-12 20:39 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-12 20:39 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-12 20:39 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-10-12 20:39 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-10-12 20:39 - 2014-03-19 07:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-12 20:37 - 2014-08-29 01:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-12 20:37 - 2014-08-28 23:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-12 20:37 - 2014-08-28 23:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-12 20:37 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-12 20:37 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-12 20:37 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-12 20:37 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-12 20:37 - 2014-08-23 04:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-12 20:37 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-12 20:37 - 2014-08-23 04:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-12 20:37 - 2014-06-04 09:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-10-12 20:37 - 2014-06-04 05:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-10-12 20:37 - 2014-06-04 04:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-10-12 19:47 - 2014-10-25 17:33 - 00000000 ____D () C:\Users\David\Downloads\22 Jump Street (2014)
2014-10-12 19:46 - 2014-10-12 19:46 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-10-12 18:03 - 2014-10-26 21:07 - 00000000 ____D () C:\SUPERDelete
2014-10-12 15:38 - 2014-10-12 19:36 - 00000000 ____D () C:\Program Files\Google
2014-10-12 15:29 - 2014-10-12 15:29 - 00000000 ____D () C:\Program Files (x86)\Avast Update
2014-10-12 15:26 - 2014-10-12 15:26 - 00000000 ____D () C:\Users\David\AppData\Roaming\AVAST Software
2014-10-12 15:26 - 2014-10-12 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-12 15:25 - 2014-11-07 08:28 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-12 15:25 - 2014-10-12 15:39 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-12 15:25 - 2014-10-12 15:25 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-12 15:25 - 2014-10-12 15:25 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-12 15:25 - 2014-10-12 15:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-12 15:17 - 2014-10-12 15:24 - 91906368 _____ (AVAST Software) C:\Users\David\Downloads\avast_free_antivirus_setup.exe
2014-10-12 15:12 - 2014-10-12 15:13 - 07315296 _____ (IObit ) C:\Users\David\Downloads\startmenu-setup.exe
2014-10-12 15:03 - 2014-10-12 15:03 - 01705755 _____ (Thisisu) C:\Users\David\Downloads\JRT(1).exe
2014-10-12 13:59 - 2014-10-12 13:59 - 01705755 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2014-10-12 13:52 - 2014-11-09 13:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-12 13:52 - 2014-10-12 13:52 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-12 13:43 - 2014-10-12 13:43 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-12 11:26 - 2014-10-29 18:07 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-12 11:26 - 2014-10-25 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-12 11:26 - 2014-10-12 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-10-12 11:26 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-12 11:26 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-12 11:26 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 20:26 - 2014-10-11 20:34 - 00000000 ____D () C:\Users\David\Downloads\Sunshine (2007) [1080p]
2014-10-11 20:25 - 2014-10-11 20:25 - 00015723 _____ () C:\Users\David\Downloads\[kickass.to]sunshine.2007.1080p.brrip.x264.yify.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 17:39 - 2013-10-18 15:10 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B7E6E1BB-EBCB-4714-AD6B-B732B9D7116F}
2014-11-10 17:37 - 2013-03-22 20:05 - 00649728 ___SH () C:\Users\David\Downloads\Thumbs.db
2014-11-10 17:37 - 2013-03-18 23:47 - 02257408 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-11-10 17:37 - 2013-03-17 17:01 - 00415744 ___SH () C:\Users\David\Documents\Thumbs.db
2014-11-10 17:36 - 2013-03-04 21:41 - 00000000 ____D () C:\Users\David\AppData\Local\Adobe
2014-11-10 17:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-10 17:28 - 2013-10-23 21:58 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 17:26 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-10 17:23 - 2013-03-01 17:04 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2433331430-149645389-3559486150-1001
2014-11-10 17:19 - 2013-03-04 19:33 - 00000271 _____ () C:\Users\David\AppData\Local\RegisteredPackageInformation.xml
2014-11-10 17:19 - 2013-03-01 16:56 - 00019044 _____ () C:\Users\David\AppData\Local\BTServer.log
2014-11-10 17:18 - 2013-10-23 21:58 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 17:18 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-09 13:52 - 2014-02-26 19:32 - 03933554 _____ () C:\Users\Public\CAFADEBUG.log
2014-11-09 13:52 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-09 13:47 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-08 16:54 - 2013-10-18 13:21 - 00000000 ____D () C:\Users\David
2014-11-07 08:27 - 2012-12-01 06:09 - 00000000 ____D () C:\ProgramData\Realtek
2014-11-04 22:06 - 2014-10-01 22:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-04 21:53 - 2013-03-04 19:18 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-11-04 19:48 - 2014-10-07 21:51 - 00000000 ____D () C:\Program Files (x86)\Maxima-5.30.0
2014-11-02 00:23 - 2014-09-13 20:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-10-26 00:02 - 2014-09-14 09:38 - 00000000 ____D () C:\Users\David\AppData\Local\Otmfics
2014-10-26 00:02 - 2014-09-13 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-26 00:02 - 2014-09-13 20:14 - 00000000 ____D () C:\ProgramData\Windows VXM
2014-10-26 00:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-26 00:01 - 2014-05-09 20:16 - 00000000 ____D () C:\AdwCleaner
2014-10-26 00:01 - 2014-01-04 15:57 - 00000000 ____D () C:\Users\David\AppData\Local\Mozilla
2014-10-26 00:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2014-10-26 00:01 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-26 00:01 - 2013-03-04 21:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-25 19:46 - 2014-03-09 13:12 - 00009314 _____ () C:\WINDOWS\system32\UCI_VistaWaveRTWA.log
2014-10-25 19:46 - 2014-03-09 13:08 - 00006556 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_23.LOG
2014-10-25 19:46 - 2014-02-26 19:32 - 00006728 _____ () C:\WINDOWS\system32\DIF_NEWDEVICEWIZARD_FINISHINSTALL.LOG
2014-10-25 19:46 - 2014-02-26 19:32 - 00000405 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_12.LOG
2014-10-25 19:46 - 2014-02-26 19:30 - 00285769 _____ () C:\WINDOWS\system32\DIF_INSTALLDEVICE_POST.LOG
2014-10-25 19:44 - 2014-03-09 13:10 - 00005606 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_34.LOG
2014-10-25 19:44 - 2014-03-09 13:10 - 00005606 _____ () C:\WINDOWS\system32\DIF_UNSUPPORTED_21.LOG
2014-10-25 19:44 - 2014-03-09 13:08 - 00035614 _____ () C:\WINDOWS\system32\DIF_ALLOW_INSTALL.LOG
2014-10-25 19:44 - 2014-02-26 19:30 - 00121172 _____ () C:\WINDOWS\system32\DIF_INSTALLDEVICE_PRE.LOG
2014-10-25 19:44 - 2014-02-26 19:30 - 00004974 _____ () C:\WINDOWS\system32\DIF_INSTALLINTERFACES.LOG
2014-10-25 19:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-25 19:39 - 2012-12-01 06:15 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-25 19:39 - 2012-12-01 06:11 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-10-25 19:36 - 2012-12-01 06:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-10-25 19:34 - 2012-12-01 06:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-25 19:28 - 2014-03-09 13:18 - 00000000 ____D () C:\Program Files (x86)\REALTEK USB Wireless LAN Driver
2014-10-25 19:26 - 2013-03-03 22:00 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-10-25 19:26 - 2012-12-01 06:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-10-25 17:26 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-25 15:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-25 15:42 - 2013-12-30 00:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-25 15:42 - 2013-03-04 21:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-25 15:42 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-25 15:42 - 2012-07-26 05:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-10-25 15:40 - 2013-10-06 00:13 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-25 15:36 - 2013-03-05 21:56 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-25 15:11 - 2014-10-01 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-21 19:54 - 2014-10-08 18:21 - 00000000 ____D () C:\ProgramData\Skype
2014-10-21 19:37 - 2014-09-30 17:04 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-10-21 19:36 - 2014-09-30 17:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-20 18:23 - 2013-10-23 21:58 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 18:23 - 2013-10-23 21:58 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 18:11 - 2013-08-22 14:44 - 05096392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 12:31 - 2013-03-04 19:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-13 12:27 - 2013-10-06 00:49 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-10-13 10:17 - 2013-09-30 03:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-13 10:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-13 10:17 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-13 10:07 - 2013-10-06 00:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-13 10:07 - 2013-10-06 00:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-13 10:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-10-13 09:44 - 2013-10-06 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-13 09:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-13 07:35 - 2014-05-09 20:37 - 00002168 _____ () C:\WINDOWS\system32\.crusader
2014-10-13 07:22 - 2014-08-02 19:39 - 00000000 ____D () C:\Program Files\Immunet
2014-10-12 20:44 - 2014-04-25 21:29 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-10-12 20:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-12 19:36 - 2013-03-03 23:06 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-12 18:02 - 2013-03-03 21:42 - 00000000 ____D () C:\Users\David\AppData\Local\Google
2014-10-12 15:25 - 2013-03-04 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-12 15:14 - 2013-12-29 22:02 - 00003160 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-10-12 15:14 - 2013-12-29 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-10-12 13:58 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\L2Schemas
2014-10-12 11:54 - 2013-03-01 16:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2014-10-12 11:12 - 2014-08-22 21:06 - 00000000 ____D () C:\Users\David\Downloads\[ www.Torrentday.com ] - I'm.So.Excited.2013.BRRip.XviD.AC3-playXD
2014-10-12 11:12 - 2014-08-02 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt
2014-10-12 11:12 - 2014-08-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2014-10-12 11:12 - 2014-07-12 10:10 - 00000000 ____D () C:\Users\David\Downloads\Frozen [2013]  Soundtrack (Deluxe Edition) (Christophe Beck) YG
2014-10-12 11:12 - 2014-06-23 17:17 - 00000000 ____D () C:\Users\David\Documents\solid-install
2014-10-12 11:12 - 2013-12-20 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-12 11:12 - 2013-11-05 22:44 - 00000000 ____D () C:\Users\David\Downloads\Applications
2014-10-12 11:12 - 2013-11-05 22:39 - 00000000 ____D () C:\Users\David\Documents\Other
2014-10-12 11:12 - 2013-05-20 10:23 - 00000000 ___RD () C:\Users\David\Documents\Notes
2014-10-12 11:11 - 2014-10-09 18:39 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-12 11:11 - 2014-10-02 08:25 - 00000000 ____D () C:\Users\David\Documents\RootkitRevealer
2014-10-12 11:11 - 2014-08-02 19:47 - 00000000 ____D () C:\Program Files\Transmission
2014-10-12 11:11 - 2014-07-12 10:27 - 00000000 ____D () C:\Users\David\Downloads\Collective Soul • 7even Year Itch • Greatest Hits [1994 • 2001]
2014-10-12 11:11 - 2014-05-03 18:42 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-10-12 11:11 - 2013-12-30 00:28 - 00000000 ____D () C:\Users\David\Downloads\Win8.1 KMS Activator v.2.2 For Win8.1 and Office 2013
2014-10-12 11:11 - 2013-12-30 00:27 - 00000000 ____D () C:\Users\David\Downloads\Microsoft Office 2013 Professional Plus (32-Bit) (x86) + Activator (for Windows and Microsoft Office)  Fully activated by Dhruvloves007!
2014-10-12 11:11 - 2013-12-29 22:02 - 00000000 ____D () C:\ProgramData\IObit
2014-10-12 11:11 - 2013-12-20 13:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-12 11:10 - 2014-02-03 20:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-12 11:10 - 2014-01-04 15:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2014-10-12 11:10 - 2013-09-21 17:27 - 00000000 ____D () C:\Users\David\AppData\Roaming\Sling Media
2014-10-12 11:10 - 2013-04-21 13:19 - 00000000 ____D () C:\Users\David\AppData\Roaming\Foxit Software
2014-10-12 11:10 - 2013-03-18 08:08 - 00000000 ____D () C:\Users\David\Documents\samsung
2014-10-12 11:10 - 2013-03-05 19:16 - 00000000 ____D () C:\Users\David\Documents\Work
2014-10-12 11:10 - 2013-03-03 21:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Nitro PDF
2014-10-12 11:10 - 2012-12-01 06:09 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-11 20:23 - 2014-10-10 21:41 - 00000000 ____D () C:\Users\David\Downloads\Sunshine (2007)

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 17:44

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by David at 2014-11-10 17:40:23
Running from C:\Users\David\Desktop\frst
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2433331430-149645389-3559486150-1001\...\uTorrent) (Version: 3.4.2.35288 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG 2014 (HKLM\...\{34883B9C-CDFE-46F0-9C5B-935484C218C3}) (Version: 14.0.4259 - AVG Technologies)
Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2106 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.23.0 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.13 - SunplusIT)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0020 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maxima 5.30.0 (HKLM-x32\...\Maxima-5.30.0_is1) (Version: 5.30.0 - The Maxima Development Team)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Mathematics Add-In for Word and OneNote (HKLM\...\{90150000-00D8-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.1.2.43 - Lenovo)
Mozilla Firefox 33.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-GB)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.082813 - REALTEK Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{B6322D12-A133-4128-8306-DAFFF7231152}) (Version: 1.04.0213 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0230 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.5.0 - Lenovo Group Limited)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.21.4 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84 - Transmission)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2433331430-149645389-3559486150-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

29-10-2014 18:23:15 Scheduled Checkpoint
05-11-2014 08:23:17 Installed 7-Zip 9.22 (x64 edition)
10-11-2014 17:32:09 Removed AVG 2014

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2014-10-13 07:35 - 00000019 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {031C044D-C880-46FF-82D0-753777BA1D3B} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-02-08] ()
Task: {05C4289A-A139-4BFC-B3CB-C70A6F164F87} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-02-08] ()
Task: {0BFB01D4-D4DE-49A7-95A3-C38224AF4124} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {1528FAE9-49EC-4B5F-9730-998639F03F8D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-09-16] ()
Task: {160062C6-19D3-4F25-A53E-55E4B8EB24EA} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-02-08] ()
Task: {1CBCA632-969D-488C-93E0-2DC78A34B8CF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-david.halliday1@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {1E12B41C-56D0-469C-8C77-26D0E309EA92} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001UA => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {21DBE845-F1E9-43F4-8D44-4C96218D224D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {42797542-F5AE-4A8E-8ACF-71D6D5026B12} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {4A8E3876-083B-4683-A21B-9BC47BD22BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23] (Google Inc.)
Task: {4E71ED1C-00D0-4BA7-AD4D-6C437F64DB02} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {535423E0-DC6F-4B5E-887E-1F20394574D3} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {5CEF1698-6CED-4AF8-8348-F9CF103A1D77} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-10] (Adobe Systems Incorporated)
Task: {60556498-56AC-4676-9647-D720DD0B1C83} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {82801F31-7A34-4C61-918B-7CEBD3C468C8} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-11] ()
Task: {9249A3F2-9FCB-4F6F-AC29-F936C16E659E} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-02-08] ()
Task: {9ED3E5F9-2A5E-41C6-8EE2-B23CA3FD9C30} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {A01A105B-1355-4010-BDD2-18B160AC700B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A4F9A1C9-81C3-4878-BA6E-6B07FFC09CAC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-12] (AVAST Software)
Task: {BBEC48BA-26E2-4F73-8D50-9F84812D4039} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-24] (Synaptics Incorporated)
Task: {C0A504BD-BABA-4084-AF46-0B650B4DA839} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {D8D0E796-6E7F-4BDB-ABC0-F489A89E2250} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-25] (Microsoft Corporation)
Task: {F1BF85A1-225D-4676-BF52-BD3D942AB0E4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001Core => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F2D2427D-9A54-4256-A1EE-34A51845DE91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001Core.job => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2433331430-149645389-3559486150-1001UA.job => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-09-16 12:52 - 2014-09-16 12:52 - 08896160 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-05 23:36 - 2013-08-28 12:35 - 00056832 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2012-12-01 06:09 - 2013-05-23 14:33 - 00044104 _____ () C:\Windows\runSW.exe
2012-12-01 06:14 - 2012-12-01 06:14 - 00060760 _____ () C:\ProgramData\YogaSmartSwicth\Server\x64\dptf.dll
2012-12-01 06:14 - 2012-12-01 06:14 - 00208464 _____ () C:\ProgramData\YogaSmartSwicth\yogaserver.exe
2014-10-25 19:39 - 2014-06-23 19:47 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2014-10-25 19:44 - 2010-10-26 11:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-12-01 06:13 - 2014-10-25 19:30 - 00172112 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-10-12 15:25 - 2014-10-12 15:25 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-09 13:32 - 2014-11-09 13:32 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14110900\algo.dll
2014-11-10 17:20 - 2014-11-10 17:20 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\14111001\algo.dll
2014-10-12 15:14 - 2014-06-06 12:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-10-12 15:14 - 2014-06-06 12:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-10-12 15:14 - 2014-06-06 12:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-09-16 12:53 - 2014-09-16 12:53 - 08896160 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-12-29 22:02 - 2014-06-06 12:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-06-23 19:44 - 2014-06-23 19:44 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2012-12-01 06:13 - 2014-10-25 19:30 - 01623632 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2012-12-01 06:13 - 2014-10-25 19:30 - 00030288 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-12-01 06:10 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-10-12 15:25 - 2014-10-12 15:25 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-01 06:06 - 2012-06-25 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-08 13:16 - 2014-11-08 13:16 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\David\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BingDesktopUpdate => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "SynLenovoGestureMgr"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "Spybot-S&D Cleaning"

========================= Accounts: ==========================

Administrator (S-1-5-21-2433331430-149645389-3559486150-500 - Administrator - Disabled)
David (S-1-5-21-2433331430-149645389-3559486150-1001 - Administrator - Enabled) => C:\Users\David
david_000 (S-1-5-21-2433331430-149645389-3559486150-1006 - Administrator - Enabled)
Guest (S-1-5-21-2433331430-149645389-3559486150-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2433331430-149645389-3559486150-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2014 05:38:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.

Error: (11/10/2014 05:33:09 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.

Error: (11/10/2014 05:32:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.

Error: (11/08/2014 10:21:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/08/2014 01:04:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MachineInformation.exe, version: 1.0.0.0, time stamp: 0x5114b26b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x15d8
Faulting application start time: 0xMachineInformation.exe0
Faulting application path: MachineInformation.exe1
Faulting module path: MachineInformation.exe2
Report Id: MachineInformation.exe3
Faulting package full name: MachineInformation.exe4
Faulting package-relative application ID: MachineInformation.exe5

Error: (11/08/2014 01:04:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MachineInformation.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at MachineInformation.Program.Main(System.String[])

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/06/2014 07:02:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (11/09/2014 01:36:50 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/07/2014 08:27:00 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (11/07/2014 08:26:19 AM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (11/07/2014 08:26:19 AM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (11/07/2014 08:26:19 AM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (11/06/2014 06:37:53 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.65 with the system
having network hardware address 9C-20-7B-C9-9F-08. Network operations on this system may
be disrupted as a result.

Error: (11/05/2014 05:45:32 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/05/2014 05:45:02 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/05/2014 05:26:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (11/05/2014 08:55:16 AM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Microsoft Office Sessions:
=========================
Error: (11/10/2014 05:38:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2014 05:33:09 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2014 05:32:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: idea-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27055. CA_Error27055: SetupActionManager_init(0xE0010058): Installation failed.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/08/2014 10:21:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/08/2014 01:04:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MachineInformation.exe1.0.0.05114b26bKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f7115d801cffb547e77cf5cC:\Program Files\lenovo\SystemAgent\MachineInformation.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllc1ef659c-6747-11e4-81c0-20689de5ebbd

Error: (11/08/2014 01:04:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: MachineInformation.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at MachineInformation.Program.Main(System.String[])

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141

Error: (11/07/2014 08:26:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141

Error: (11/06/2014 07:02:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


CodeIntegrity Errors:
===================================
  Date: 2014-10-13 11:11:40.983
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:11:30.852
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:19.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:16.606
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:09.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:08.615
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:03.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 11:09:00.661
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 10:29:03.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-13 10:28:13.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DDPO64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 41%
Total physical RAM: 3975.27 MB
Available physical RAM: 2321.86 MB
Total Pagefile: 8071.27 MB
Available Pagefile: 5577.38 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:100.42 GB) (Free:24.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6C06D618)

Partition: GPT Partition Type.

==================== End Of Log ============================


Edited by Haldo10, 10 November 2014 - 12:46 PM.


#11 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,154 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:48 AM

Posted 11 November 2014 - 11:09 AM

Hi Haldo10.

 

Please download AVG Remover from here and save to the desktop. (Please use the file AVG Remover(64bit) 2015.)

 

After you downloaded the file, close all programs and start the tool by right click and select Run as Adminstrator.

 

Then follow the instruction, if it ask you to restart the computer please do so immediately.

 

After you remove AVG, please run this fix for me:

 

We need to run a fix with FRST:

 

  • Press Windows key + R, this will open up Run dialog box. Type in notepad.exe and click OK. Notepad will now open.
  • Copy the text in codebox below, copy and paste them in notepad and save it as fixlist.txt to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    2014-11-09 13:36 - 2014-11-09 13:36 - 00000000 ____D () C:\ProgramData\Optimizer
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

-----------------

 

Now please check your proxy by go to Control Panel > Internet Options > Connections > LAN settings. If the proxy is set please remove them. Did it comes back?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#12 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 11 November 2014 - 03:08 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by David at 2014-11-11 20:06:43 Run:2
Running from C:\Users\David\Desktop\frst
Loaded Profile: David (Available profiles: David)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-11-09 13:36 - 2014-11-09 13:36 - 00000000 ____D () C:\ProgramData\Optimizer
*****************

C:\ProgramData\Optimizer => Moved successfully.

==== End of Fixlog ====



#13 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 11 November 2014 - 03:14 PM

Have carried out your instructions. However, Hitman pro scan is still showing proxy servers running: (see screenshot attachment)


 

Attached Files



#14 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,154 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:48 AM

Posted 12 November 2014 - 11:57 AM

Hi Haldo10.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

-----------
 
Also, please take the screenshot for me here:
 
Open Internet Explorer by clicking the Start button Picture of the Start button. In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer.

Click the Tools button, and then click Internet Options.

Click the Connections tab, and then click LAN settings. Please take a screenshot of LAN settings dialog box.
 
Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#15 Haldo10

Haldo10
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:48 AM

Posted 12 November 2014 - 02:02 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by David (administrator) on 12-11-2014 at 18:58:47
Running from "C:\Users\David\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8723AU Wireless LAN 802.11n USB 2.0 Network Adapter = Wi-Fi (Connected)
TAP-Windows Adapter V9 = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users