Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ads everywhere, have malwarebytes installed


  • Please log in to reply
34 replies to this topic

#1 claimtheword

claimtheword

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 07:12 PM

I am getting ads everywhere and have malwarebytes installed that is popping up every minute saying it blocked malware.  The malware that is blocked always says the same: Adware,ObronaAds, Path: c:program files (x86)... EhopperacresHelper.exe

Am I not using malwarebytes correctly that I still get these ads?  They say "Hot Deals", Ads by sasa, etc. and pop up on the right hand side of my webpages, also the bottom and very top of my webpages crowding out what I want to read.  : (

 

I have windows 8. 

I use Internet Explorer, Firefox Mozilla, and have downloaded Chrome but don't use it.

 

Thanks.



BC AdBot (Login to Remove)

 


m

#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,462 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:30 PM

Posted 20 December 2014 - 08:01 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 09:51 PM

Here is the result:

 Results of screen317's Security Check version 0.99.93 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender  
avast! Antivirus  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 AVG PC TuneUp 2015 
 AVG PC TuneUp 2015 (en-US)
 AVG PC TuneUp 2015 
 SlimCleaner    
 Adobe Flash Player  16.0.0.235 
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Exploit mbae-svc.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe  
 Malwarebytes Anti-Exploit mbae64.exe  
 Malwarebytes Anti-Exploit mbae.exe  
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

 



#4 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 09:55 PM

Farber is not compatible with my system it said, so I could not download it.



#5 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 09:57 PM

I am running the compatibility link now...



#6 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 10:01 PM

I have tried compatibility settings for Farbar and it is not the right version for my PC it says, even after choosing windows 8, running as administrator.



#7 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 10:11 PM

Farbar did not have all the options you listed.  The checked boxes were:  registry, processes, services, internet, driver and addition.txt.  I did not see the other choices you said to check.  Here are my results:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by SRL at 2014-12-20 19:08:14
Running from C:\Users\SRL\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.03.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C5D8EEB2-EDBC-4375-829D-BE50547C8890}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audio Editor And Recorder Packages (HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Audio Editor And Recorder Packages) (Version:  - ) <==== ATTENTION
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PCKeeper (HKLM-x32\...\{E44BBEE3-3F83-4670-9E2E-EE0556442287}) (Version: 2.2.775 - Kromtech)
PCKeeper (Version: 2.2.775 - Kromtech) Hidden
Pokki Start Menu (HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Pokki_Start_Menu) (Version: 0.269.4.112 - Pokki)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Unchecky v0.3.4 (HKLM-x32\...\Unchecky) (Version: 0.3.4 - RaMMicHaeL)
WPS Office (9.1.0.4759) (HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\WPS Office) (Version: 9.1.0.4759 - Kingsoft Corp.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

07-12-2014 14:10:45 SlimDrivers Installing Drivers
11-12-2014 20:12:46 Windows Update
13-12-2014 11:27:02 Removed Skype Click to Call
13-12-2014 11:43:44 Anvi CSB 3.5
13-12-2014 23:13:46 Removed Qualcomm Atheros WLAN and Bluetooth Client Installation 켖◞Ā蠀⟈ဓ➸ဓ➘ဓ
18-12-2014 20:33:22 Windows Update
20-12-2014 14:07:20 paint.net 4.0.5

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 05:25 - 2014-12-19 20:16 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {000E8EB3-2B52-46E3-956E-1A35B7F3E9FE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-27] (Microsoft Corporation)
Task: {1D14B07F-D2C8-43BF-B47B-519C9CD3F3F0} - System32\Tasks\WpsUpdateTask_SRL => C:\Users\SRL\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsupdate.exe [2014-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {1D6B3D28-13A3-47B7-9390-B1B0345BA3AF} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {1E2A02F7-63CB-465A-BCC3-750FD27D3F72} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {3B4F8FB1-D046-4051-933E-2D5F92042481} - System32\Tasks\WpsNotifyTask_SRL => C:\Users\SRL\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsnotify.exe [2014-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3BD8CDF2-9849-4D8C-AB0C-18D586BBCA8D} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3F06105F-A8F9-4894-8B02-740D1BA2F09D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {476261D1-EDCE-4813-87B7-64BAE6C9F518} - System32\Tasks\{EE853CBF-B5C1-46BB-AF3C-D8A58F5534AD} => pcalua.exe -a C:\Users\SRL\Downloads\OGAPluginInstall.exe -d C:\Users\SRL\Downloads
Task: {59729257-E4B8-4507-8EAE-9B444BF86596} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-11-19] (Acer)
Task: {5AC47938-23E4-4544-983D-C5E8E2CEBB2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20] (Adobe Systems Incorporated)
Task: {6B1161FE-4167-4F25-AD35-17DB76AC917F} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {6C727A2E-2836-4492-814E-7AAD397B2713} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {6CF4355C-B26B-4CE1-A9F9-4ECD535BC8B6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {720D7752-8FA0-47CF-AB3D-D54EF7AE238F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {728AD31F-F651-4C2E-B1D9-427A619AA02D} - System32\Tasks\SlimComputer Run => C:\Program Files (x86)\SlimComputer\SlimComputer.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {83322249-8CEB-4B54-892B-813152DA4E9A} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {95FDE270-1EEE-402B-88FB-CBDD5F9DDAA7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {A4E2C8AB-4E11-4741-959B-9273C542DEC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {ADFC5C62-D466-4EAD-91BA-420C15A56328} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {BED0C125-2417-40BE-92F5-31A3FD7FE504} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {C95D1BC8-D084-4873-B5F1-3E91514E4B72} - System32\Tasks\Anvi AD Blocker Ultimate => C:\Program Files (x86)\Anvisoft\Anvi AD Blocker Ultimate\adblocker2.exe
Task: {CFDDFD82-CB2E-40D0-AA6D-A0AA9173BA13} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {F74DA152-20DB-44CF-8A9F-C091DD6F28F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-29] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\WpsNotifyTask_SRL.job => C:\Users\SRL\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_SRL.job => C:\Users\SRL\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-30 22:10 - 2014-11-26 14:37 - 04377560 ___SH () C:\Program Files (x86)\Enhopporacres\Enhopporacres.exe
2014-12-19 13:28 - 2014-12-19 13:28 - 00160728 ____N () C:\Program Files (x86)\Enhopporacres\EnhopporacresHelper.exe
2014-08-11 15:54 - 2012-04-24 02:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-12-19 10:43 - 2014-12-19 10:43 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121901\algo.dll
2014-12-20 14:07 - 2014-12-20 14:07 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122001\algo.dll
2014-11-30 22:10 - 2014-03-07 19:56 - 00117262 ___SH () C:\Program Files (x86)\Enhopporacres\libgcc_s_dw2-1.dll
2014-11-30 22:10 - 2014-03-07 19:56 - 00970766 ___SH () C:\Program Files (x86)\Enhopporacres\libstdc++-6.dll
2014-11-29 20:50 - 2014-11-29 20:50 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\StartupApproved\Run: => "SoftonicAssistant"
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\StartupApproved\Run: => "CloudSystemBooster"

========================= Accounts: ==========================

Administrator (S-1-5-21-72073483-495126709-2093844012-500 - Administrator - Disabled)
Guest (S-1-5-21-72073483-495126709-2093844012-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-72073483-495126709-2093844012-1003 - Limited - Enabled)
SRL (S-1-5-21-72073483-495126709-2093844012-1001 - Administrator - Enabled) => C:\Users\SRL

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2014 06:17:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a74

Start Time: 01d01cbf3d134af8

Termination Time: 1614

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 7980a3fb-88b7-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 04:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e2c

Start Time: 01d01cb3b3392f57

Termination Time: 76

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 21dca65f-88a7-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 03:11:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4dc

Start Time: 01d01ca85f0e00ab

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 8fc5a52d-889d-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 02:07:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3afee6ac-734c-4060-af8e-9840e2308ff2}

Error: (12/19/2014 08:55:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d01c1057318d63

Termination Time: 107

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 644ef874-8804-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 08:19:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 170c

Start Time: 01d01c0bda8aabb6

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 5bc80f38-87ff-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 01:27:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Ruthie)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/19/2014 01:26:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Ruthie)
Description: App Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App did not launch within its allotted time.

Error: (12/19/2014 00:19:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 188c

Start Time: 01d01bc340479fbf

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 3c7c63bf-87bc-11e4-826f-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 11:26:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1828

Start Time: 01d01bc17738ae58

Termination Time: 36

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: ec6da94b-87b4-11e4-826f-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (12/20/2014 00:36:36 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/19/2014 08:16:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 06:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 01:29:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 01:27:44 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:44 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:39 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:39 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:16 PM) (Source: DCOM) (EventID: 10010) (User: Ruthie)
Description: App.wwa

Error: (12/19/2014 01:20:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================
Error: (12/20/2014 06:17:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174161a7401d01cbf3d134af81614C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE7980a3fb-88b7-11e4-8272-3010b3ddbedc

Error: (12/20/2014 04:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416e2c01d01cb3b3392f5776C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE21dca65f-88a7-11e4-8272-3010b3ddbedc

Error: (12/20/2014 03:11:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174164dc01d01ca85f0e00ab4294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8fc5a52d-889d-11e4-8272-3010b3ddbedc

Error: (12/20/2014 02:07:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3afee6ac-734c-4060-af8e-9840e2308ff2}

Error: (12/19/2014 08:55:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416158c01d01c1057318d63107C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE644ef874-8804-11e4-8272-3010b3ddbedc

Error: (12/19/2014 08:19:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416170c01d01c0bda8aabb615C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE5bc80f38-87ff-11e4-8272-3010b3ddbedc

Error: (12/19/2014 01:27:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Ruthie)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142

Error: (12/19/2014 01:26:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Ruthie)
Description: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App

Error: (12/19/2014 00:19:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416188c01d01bc340479fbf4294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3c7c63bf-87bc-11e4-826f-3010b3ddbedc

Error: (12/19/2014 11:26:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416182801d01bc17738ae5836C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEec6da94b-87b4-11e4-826f-3010b3ddbedc

CodeIntegrity Errors:
===================================
  Date: 2014-12-19 20:16:42.374
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 18:51:50.771
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 13:29:58.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 10:43:36.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 10:16:46.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 04:54:05.311
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-14 23:14:58.673
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-14 10:06:42.492
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-13 23:20:14.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-13 12:22:24.747
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 86%
Total physical RAM: 1929.7 MB
Available physical RAM: 256.99 MB
Total Pagefile: 3402.52 MB
Available Pagefile: 975.51 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:217.97 GB) (Free:185.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: CA4F7756)

Partition: GPT Partition Type.

==================== End Of Log ============================



#8 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 10:12 PM

This notepad result said Farbar on the top.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by SRL (administrator) on RUTHIE on 20-12-2014 19:05:27
Running from C:\Users\SRL\Desktop
Loaded Profile: SRL (Available profiles: SRL)
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
() C:\Program Files (x86)\Enhopporacres\Enhopporacres.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
() C:\Program Files (x86)\Enhopporacres\EnhopporacresHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
() C:\Users\SRL\Desktop\SecurityCheck.exe
(Farbar) C:\Users\SRL\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [111488 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-11-17] (Acer Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90368 2014-11-20] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-26] (Spotify Ltd)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2452736 2014-11-19] (Acer)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-08-20] (Anvisoft)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-15] (SUPERAntiSpyware)
IFEO\abdocs.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\acerportal.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\carecenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\epowerui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ravcpl64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setting.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\slimcleaner.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\spotifylauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-72073483-495126709-2093844012-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-72073483-495126709-2093844012-1001] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-72073483-495126709-2093844012-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-72073483-495126709-2093844012-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\2qh1gpj0.default-1418627549993\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\searchplugins\google-avast.xml
FF Extension: Flashblock - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-19]
FF Extension: Block site - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-12-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\adblockpopups@jessehakanen.net.xpi [2014-12-19]
FF Extension: CensureBlock - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\censureblock@gmail.com.xpi [2014-12-19]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\elemhidehelper@adblockplus.org.xpi [2014-12-19]
FF Extension: Web Paint - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\jid1-0dhOSYKGj326og@jetpack.xpi [2014-12-20]
FF Extension: Karma Blocker - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\kabl@trac.arantius.com.xpi [2014-12-19]
FF Extension: FastestFox - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\smarterwiki@wikiatic.com.xpi [2014-12-19]
FF Extension: Adblock Plus - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-29]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\SRL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\SRL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-29] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-16] (Acer Incorporated)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 Enhopporacres; C:\Program Files (x86)\Enhopporacres\Enhopporacres.exe [4377560 2014-11-26] ()
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-29] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-19] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2013-09-17] (Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2013-09-17] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2013-09-17] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [78504 2013-09-17] (Intel Corporation)
S3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2013-09-17] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32464 2014-10-23] ()
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-12-13] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 19:05 - 2014-12-20 19:06 - 00019645 _____ () C:\Users\SRL\Desktop\FRST.txt
2014-12-20 18:54 - 2014-12-20 18:54 - 00113676 _____ () C:\Users\SRL\Downloads\FSS.exe
2014-12-20 18:44 - 2014-12-20 18:44 - 00852505 _____ () C:\Users\SRL\Desktop\SecurityCheck.exe
2014-12-20 18:42 - 2014-12-20 18:42 - 00000000 _____ () C:\Users\SRL\Desktop\drsfostersmith cough medicine.ma2jvmt.partial
2014-12-20 15:51 - 2014-12-20 15:51 - 02122240 _____ (Farbar) C:\Users\SRL\Downloads\FRST64.exe.u9z2ph6.partial
2014-12-20 15:51 - 2014-12-20 15:51 - 02122240 _____ (Farbar) C:\Users\SRL\Desktop\FRST64 (1).exe
2014-12-20 15:47 - 2014-12-20 15:48 - 05915456 _____ ( ) C:\Users\SRL\Downloads\adblockplusie-1.3 (1).exe
2014-12-20 15:35 - 2014-12-20 19:05 - 00000000 ____D () C:\FRST
2014-12-20 14:09 - 2014-12-20 14:09 - 00001204 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-20 14:09 - 2014-12-20 14:09 - 00001192 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-12-20 14:09 - 2014-12-20 14:09 - 00000000 ____D () C:\Program Files\paint.net
2014-12-20 14:07 - 2014-12-20 14:14 - 00000000 ____D () C:\Users\SRL\AppData\Local\paint.net
2014-12-20 11:44 - 2014-12-20 11:44 - 00000240 _____ () C:\Users\SRL\Downloads\bs_data.csv
2014-12-19 20:11 - 2014-12-19 20:11 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-12-19 20:09 - 2014-12-19 20:09 - 05915456 _____ ( ) C:\Users\SRL\Downloads\adblockplusie-1.3.exe
2014-12-19 12:20 - 2014-12-19 12:24 - 00002167 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-19 12:20 - 2014-12-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-19 12:17 - 2014-12-20 12:29 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 12:17 - 2014-12-19 12:24 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-19 12:17 - 2014-12-19 12:24 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-19 12:17 - 2014-12-19 12:24 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 12:17 - 2014-12-19 12:20 - 00000000 ____D () C:\Users\SRL\AppData\Local\Google
2014-12-19 12:17 - 2014-12-19 12:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-19 12:17 - 2014-12-19 12:17 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\SUPERAntiSpyware.com
2014-12-19 12:16 - 2014-12-20 11:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-19 12:16 - 2014-12-19 12:16 - 00001824 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-19 12:16 - 2014-12-19 12:16 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-19 12:16 - 2014-12-19 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-19 11:58 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 11:58 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-19 11:40 - 2014-12-19 12:22 - 00000000 ____D () C:\ProgramData\SparkTrust
2014-12-19 11:40 - 2014-12-19 11:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\SparkTrust
2014-12-19 11:11 - 2014-12-19 21:02 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-19 11:11 - 2014-12-19 11:11 - 00000991 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-12-19 11:11 - 2014-12-19 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-12-19 11:11 - 2014-12-19 11:11 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-12-15 22:31 - 2014-12-19 20:05 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-15 22:31 - 2014-12-19 20:05 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-15 22:31 - 2014-12-19 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 22:18 - 2014-12-15 22:18 - 00458920 _____ () C:\Users\SRL\Downloads\firefox-36.0a2.en-US.win32.installer-stub.exe
2014-12-15 07:35 - 2014-12-20 14:40 - 00000000 ____D () C:\ProgramData\MCShield
2014-12-15 07:35 - 2014-12-15 07:35 - 00001048 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-12-15 07:35 - 2014-12-15 07:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-12-15 07:35 - 2014-12-15 07:35 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-12-15 07:34 - 2014-12-20 16:20 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-12-15 07:34 - 2014-12-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-12-15 07:34 - 2014-12-15 07:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-12-14 23:29 - 2014-12-14 23:29 - 00000000 ____D () C:\Users\SRL\Desktop\mbar
2014-12-14 23:16 - 2014-12-14 23:16 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieBrowserModeList
2014-12-14 23:14 - 2014-12-19 18:51 - 00006918 _____ () C:\Windows\PFRO.log
2014-12-14 22:48 - 2014-12-20 14:30 - 00775868 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 15:13 - 2014-12-14 15:13 - 00709564 _____ () C:\Users\SRL\Downloads\delfix_10.8.exe
2014-12-14 15:10 - 2014-12-14 15:10 - 02856736 _____ (MyCity) C:\Users\SRL\Downloads\MCShield-Setup.exe
2014-12-14 15:10 - 2014-12-14 15:10 - 00881704 _____ (RaMMicHaeL) C:\Users\SRL\Downloads\unchecky_setup.exe
2014-12-14 15:09 - 2014-12-14 15:09 - 00448512 _____ (OldTimer Tools) C:\Users\SRL\Downloads\TFC.exe
2014-12-14 15:07 - 2014-12-14 15:07 - 02967032 _____ (Malwarebytes ) C:\Users\SRL\Downloads\mbae-setup-1.05.1.1016.exe
2014-12-14 01:54 - 2014-12-20 18:01 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-14 01:54 - 2014-12-14 01:54 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-14 01:54 - 2014-12-14 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-14 01:53 - 2014-12-14 23:29 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-14 01:53 - 2014-12-14 01:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-14 01:53 - 2014-12-14 01:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 01:53 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-14 01:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-14 01:51 - 2014-12-14 01:52 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\SRL\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 22:59 - 2014-12-14 21:54 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Audacity
2014-12-13 22:59 - 2014-12-13 22:59 - 00000991 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-13 22:59 - 2014-12-13 22:59 - 00000979 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-13 22:58 - 2014-12-13 22:59 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-13 22:57 - 2014-12-13 22:57 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-13 11:43 - 2014-12-13 11:43 - 00001248 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-12-13 11:42 - 2014-12-13 11:42 - 16513448 _____ (Anvisoft) C:\Users\SRL\Downloads\csbsetup.exe
2014-12-13 11:39 - 2014-12-19 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-12-13 11:39 - 2014-12-19 12:43 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-12-13 11:39 - 2014-12-19 12:36 - 00003276 _____ () C:\Windows\System32\Tasks\Anvi AD Blocker Ultimate
2014-12-13 11:39 - 2014-12-13 11:39 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-12-13 11:38 - 2014-12-13 11:38 - 08265056 _____ (Anvisoft) C:\Users\SRL\Downloads\adbusetup.exe
2014-12-12 23:19 - 2014-12-19 10:38 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\dvdcss
2014-12-12 23:18 - 2014-12-13 23:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-11 21:15 - 2014-12-11 21:15 - 02166272 _____ () C:\Users\SRL\Desktop\adwcleaner_4.105.exe
2014-12-10 23:32 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 23:32 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 23:32 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 23:32 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 23:32 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 23:32 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 23:32 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 23:32 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 23:32 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 23:32 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 23:32 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 23:32 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 23:32 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 23:32 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 23:32 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 23:32 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 23:32 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 23:32 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 23:32 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 23:32 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 23:32 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 23:32 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 23:32 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 23:32 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 23:32 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 23:32 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 23:32 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 23:32 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 23:32 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 23:32 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 23:32 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 23:32 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 23:32 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 23:32 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 23:32 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 23:32 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 23:32 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 23:32 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 23:32 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 23:28 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 23:28 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 23:28 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 23:28 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 23:04 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 23:04 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 23:04 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 23:04 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-10 23:04 - 2014-10-12 18:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-09 22:13 - 2014-12-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 21:42 - 2014-12-09 21:42 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-07 14:09 - 2014-12-14 08:41 - 00002824 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-12-07 14:08 - 2014-12-14 10:06 - 00000420 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-12-07 14:08 - 2014-12-13 23:20 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-12-07 14:05 - 2014-12-13 23:27 - 00003012 _____ () C:\Windows\System32\Tasks\SlimComputer Run
2014-12-07 14:05 - 2014-12-07 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimComputer
2014-12-07 14:04 - 2014-12-07 14:06 - 00000000 ____D () C:\Program Files (x86)\SlimComputer
2014-12-07 14:01 - 2014-12-07 14:08 - 00000000 ____D () C:\Users\SRL\AppData\Local\SlimWare Utilities Inc
2014-12-07 14:00 - 2014-12-19 21:12 - 00003008 _____ () C:\Windows\System32\Tasks\SlimCleaner Run
2014-12-07 14:00 - 2014-12-19 10:41 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2014-12-07 14:00 - 2014-12-07 14:07 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-12-07 14:00 - 2014-12-07 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2014-12-07 12:06 - 2014-12-07 12:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-12-06 01:34 - 2014-12-06 01:34 - 00000000 ____D () C:\Users\SRL\AppData\Local\Cyberlink
2014-12-06 01:32 - 2014-12-06 01:32 - 00000000 ____D () C:\Users\SRL\Documents\CyberLink
2014-12-06 01:32 - 2014-12-06 01:32 - 00000000 ____D () C:\Users\Public\CyberLink
2014-12-06 01:31 - 2014-12-06 01:31 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\CyberLink
2014-12-05 22:43 - 2014-12-19 18:50 - 00000000 ____D () C:\AdwCleaner
2014-12-05 22:43 - 2014-12-07 12:16 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-05 18:28 - 2014-12-14 10:25 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Foxit Software
2014-12-04 17:58 - 2014-07-24 01:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-12-04 17:58 - 2014-07-24 01:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-04 17:58 - 2014-06-13 22:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-12-04 17:57 - 2014-07-24 07:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-04 17:57 - 2014-07-24 07:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-12-04 17:57 - 2014-07-24 07:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-12-04 17:57 - 2014-07-24 07:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-12-04 17:57 - 2014-07-24 07:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-12-04 17:57 - 2014-07-24 07:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-04 17:57 - 2014-07-24 07:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-12-04 17:57 - 2014-07-24 07:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-12-04 17:57 - 2014-07-24 07:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-12-04 17:57 - 2014-07-24 07:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-12-04 17:57 - 2014-07-24 07:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-12-04 17:57 - 2014-07-24 05:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-12-04 17:57 - 2014-07-24 05:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-12-04 17:57 - 2014-07-24 03:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-04 17:57 - 2014-07-24 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-12-04 17:57 - 2014-07-24 03:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-12-04 17:57 - 2014-07-24 03:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-12-04 17:57 - 2014-07-24 03:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-12-04 17:57 - 2014-07-24 02:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-12-04 17:57 - 2014-07-24 02:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-12-04 17:57 - 2014-07-24 02:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-12-04 17:57 - 2014-07-24 02:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-12-04 17:57 - 2014-07-24 01:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-12-04 17:57 - 2014-07-24 01:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-12-04 17:57 - 2014-07-24 01:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-12-04 17:57 - 2014-07-24 01:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-12-04 17:57 - 2014-07-24 01:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-12-04 17:57 - 2014-07-24 01:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-12-04 17:57 - 2014-07-24 01:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-12-04 17:57 - 2014-07-24 01:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-12-04 17:57 - 2014-07-24 01:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-12-04 17:57 - 2014-07-24 00:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-12-04 17:57 - 2014-07-24 00:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-12-04 17:57 - 2014-07-24 00:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-12-04 17:57 - 2014-07-24 00:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-12-04 17:57 - 2014-07-24 00:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-12-04 17:57 - 2014-07-24 00:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-12-04 17:57 - 2014-07-24 00:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-12-04 17:57 - 2014-07-24 00:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-12-04 17:57 - 2014-07-24 00:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-12-04 17:57 - 2014-07-24 00:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-12-04 17:57 - 2014-07-24 00:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-12-04 17:57 - 2014-07-24 00:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-12-04 17:57 - 2014-07-24 00:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-12-04 17:57 - 2014-07-24 00:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-12-04 17:57 - 2014-07-24 00:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-12-04 17:57 - 2014-07-24 00:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-12-04 17:57 - 2014-07-24 00:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-12-04 17:57 - 2014-07-24 00:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-12-04 17:57 - 2014-07-23 23:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-12-04 17:57 - 2014-07-23 23:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-12-04 17:57 - 2014-07-23 23:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-12-04 17:57 - 2014-07-23 23:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-12-04 17:57 - 2014-07-23 20:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-12-04 17:57 - 2014-07-23 20:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-12-04 17:57 - 2014-07-11 21:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-12-04 17:57 - 2014-07-04 02:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-12-04 17:57 - 2014-07-04 01:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-12-04 17:57 - 2014-07-04 01:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-12-04 17:57 - 2014-06-26 22:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-04 17:57 - 2014-06-25 16:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-12-04 17:57 - 2014-06-18 18:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-12-04 17:57 - 2014-06-13 21:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-12-04 17:57 - 2014-06-05 02:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-12-04 17:57 - 2014-06-05 01:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-12-04 17:57 - 2014-05-30 21:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-12-04 17:57 - 2014-05-28 22:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-12-04 17:57 - 2014-05-28 21:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-12-04 17:57 - 2014-05-05 20:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-12-04 17:57 - 2014-05-05 16:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-12-04 17:57 - 2014-03-24 18:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-12-04 17:57 - 2014-03-24 17:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-12-04 17:56 - 2014-07-24 07:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-12-04 17:56 - 2014-07-24 07:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-12-04 17:56 - 2014-07-24 07:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-12-04 17:56 - 2014-07-24 07:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-12-04 17:56 - 2014-07-24 07:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-04 17:56 - 2014-07-24 05:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-12-04 17:56 - 2014-07-24 05:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-12-04 17:56 - 2014-07-24 03:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-12-04 17:56 - 2014-07-24 03:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-12-04 17:56 - 2014-07-24 03:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-12-04 17:56 - 2014-07-24 03:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-12-04 17:56 - 2014-07-24 03:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-12-04 17:56 - 2014-07-24 03:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-12-04 17:56 - 2014-07-24 02:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-12-04 17:56 - 2014-07-24 02:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-12-04 17:56 - 2014-07-24 02:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-12-04 17:56 - 2014-07-24 02:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-04 17:56 - 2014-07-24 02:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-12-04 17:56 - 2014-07-24 02:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-12-04 17:56 - 2014-07-24 01:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-12-04 17:56 - 2014-07-24 01:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-12-04 17:56 - 2014-07-24 01:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-12-04 17:56 - 2014-07-24 01:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-04 17:56 - 2014-07-24 01:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-12-04 17:56 - 2014-07-24 01:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-12-04 17:56 - 2014-07-24 01:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-12-04 17:56 - 2014-07-24 01:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-12-04 17:56 - 2014-07-24 01:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-12-04 17:56 - 2014-07-24 01:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-12-04 17:56 - 2014-07-24 01:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-12-04 17:56 - 2014-07-24 00:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-12-04 17:56 - 2014-07-24 00:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-12-04 17:56 - 2014-07-24 00:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-12-04 17:56 - 2014-07-24 00:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-12-04 17:56 - 2014-07-24 00:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-12-04 17:56 - 2014-07-24 00:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-12-04 17:56 - 2014-07-24 00:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-12-04 17:56 - 2014-07-24 00:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-12-04 17:56 - 2014-07-24 00:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-12-04 17:56 - 2014-07-24 00:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-12-04 17:56 - 2014-07-24 00:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-12-04 17:56 - 2014-07-24 00:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-12-04 17:56 - 2014-07-24 00:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-12-04 17:56 - 2014-07-24 00:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-12-04 17:56 - 2014-07-23 23:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-12-04 17:56 - 2014-07-23 23:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-12-04 17:56 - 2014-07-23 23:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-12-04 17:56 - 2014-07-23 23:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-12-04 17:56 - 2014-07-11 20:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-12-04 17:56 - 2014-07-04 04:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-04 17:56 - 2014-07-04 02:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-12-04 17:56 - 2014-07-04 02:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-12-04 17:56 - 2014-07-04 02:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-04 17:56 - 2014-06-25 16:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-12-04 17:56 - 2014-06-19 15:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-04 17:56 - 2014-06-07 04:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-12-04 17:56 - 2014-06-07 02:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-12-04 17:56 - 2014-06-05 06:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-12-04 17:56 - 2014-05-30 20:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-12-04 17:56 - 2014-05-25 23:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-12-04 17:56 - 2014-05-10 02:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-12-04 17:56 - 2014-05-10 00:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-12-04 17:56 - 2014-03-24 18:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-12-04 17:56 - 2014-03-24 17:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-12-04 07:11 - 2014-11-26 13:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-04 07:11 - 2014-11-26 13:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-03 08:08 - 2014-12-03 08:08 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-12-02 06:27 - 2014-04-13 19:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-01 22:51 - 2014-12-11 20:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-01 22:51 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-01 22:02 - 2014-08-14 16:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-12-01 22:02 - 2014-07-29 17:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-12-01 22:02 - 2014-07-28 21:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-12-01 22:01 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-01 22:01 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-01 22:01 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-01 22:01 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-01 22:01 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-01 22:01 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-01 22:01 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-12-01 22:01 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-12-01 22:01 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-01 22:01 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-12-01 22:01 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-12-01 22:01 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-01 22:01 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-12-01 22:01 - 2014-07-24 07:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-12-01 22:00 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-12-01 22:00 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-01 22:00 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-01 22:00 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-12-01 22:00 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-12-01 22:00 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-12-01 22:00 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-12-01 22:00 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-12-01 22:00 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-12-01 22:00 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-01 22:00 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-12-01 22:00 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-12-01 22:00 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-12-01 22:00 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-12-01 22:00 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-12-01 22:00 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-12-01 22:00 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-12-01 22:00 - 2014-07-24 03:42 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-12-01 22:00 - 2014-07-24 03:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-12-01 22:00 - 2014-07-24 02:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-01 22:00 - 2014-07-24 01:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-01 21:58 - 2014-05-29 19:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-01 21:57 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-01 21:57 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-01 21:57 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-01 21:57 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-01 21:57 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-01 21:57 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-01 21:57 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-01 21:57 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-01 21:57 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-12-01 21:57 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-12-01 21:57 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-12-01 21:57 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-01 21:57 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-01 21:56 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-12-01 21:56 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-12-01 21:56 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-12-01 21:56 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-12-01 21:51 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-12-01 21:51 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-12-01 21:51 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-01 21:51 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-12-01 21:51 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-01 21:51 - 2014-06-19 17:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-01 21:51 - 2014-06-19 15:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-01 21:49 - 2014-06-12 17:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-12-01 21:49 - 2014-06-12 17:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-01 21:49 - 2014-06-12 16:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-12-01 21:49 - 2014-06-06 03:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-12-01 21:41 - 2014-08-06 18:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-01 21:41 - 2014-08-01 19:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-01 21:40 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-01 21:40 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-01 21:40 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-01 21:40 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-01 21:40 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-01 21:40 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-01 21:40 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-12-01 21:40 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-01 21:40 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-01 21:40 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-01 21:40 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-12-01 21:40 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-01 21:40 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-01 21:40 - 2014-07-15 10:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-12-01 21:40 - 2014-07-15 00:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-12-01 21:40 - 2014-07-15 00:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-12-01 21:40 - 2014-07-15 00:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-12-01 21:39 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-01 21:39 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-01 21:39 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-01 21:39 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-01 21:39 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-12-01 21:39 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-01 21:39 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-01 21:39 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-01 21:39 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-12-01 21:39 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-01 21:39 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-01 21:39 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-01 21:39 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-01 21:39 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-01 21:39 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-01 21:39 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-01 21:39 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-01 21:39 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-01 21:39 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-01 21:39 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-01 21:39 - 2014-08-22 23:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-01 21:39 - 2014-08-22 23:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-01 21:39 - 2014-08-22 20:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-12-01 21:39 - 2014-08-01 16:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-01 21:38 - 2014-08-22 22:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-01 21:38 - 2014-08-22 21:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-01 21:37 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-01 21:37 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-01 21:37 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-01 21:37 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-01 21:37 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-01 21:37 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-12-01 21:37 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-01 21:37 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-01 21:37 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-01 21:37 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-01 21:37 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-01 21:37 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-01 21:37 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-01 21:37 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-01 21:37 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-01 21:37 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-01 21:37 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-01 21:37 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-01 21:37 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-12-01 21:37 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-01 21:37 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-01 21:37 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-01 21:37 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-01 21:37 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-01 21:37 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-01 21:37 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-01 21:37 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-01 21:37 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-01 21:37 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-01 21:37 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-01 21:37 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-12-01 21:37 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-01 21:37 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-01 21:37 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-01 21:37 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-01 21:37 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-01 21:37 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-01 21:37 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-01 21:37 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-01 21:37 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-12-01 21:37 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-01 21:36 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-01 21:36 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-01 21:36 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-01 21:36 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-01 21:36 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-01 21:36 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-01 21:36 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-01 21:36 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-01 21:36 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-01 21:36 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-01 21:36 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-01 21:36 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-01 21:36 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-01 21:36 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-01 21:36 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-01 21:36 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-01 21:36 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-01 21:36 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-12-01 21:36 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-01 21:36 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-01 21:36 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-01 21:36 - 2014-05-18 22:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-12-01 21:36 - 2014-05-18 22:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-12-01 21:36 - 2014-05-18 21:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-12-01 21:36 - 2014-04-29 20:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-01 21:36 - 2014-04-29 20:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-12-01 21:36 - 2014-04-29 19:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-01 21:36 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-01 21:35 - 2014-11-09 15:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-01 21:35 - 2014-11-09 15:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-01 21:35 - 2014-11-09 15:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-01 21:35 - 2014-11-09 15:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-01 21:35 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-01 21:35 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-01 21:35 - 2014-09-07 14:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-12-01 21:35 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-01 21:35 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-12-01 21:35 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-12-01 21:35 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-01 21:35 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-01 21:35 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-12-01 21:35 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-01 21:35 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-01 21:35 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-12-01 21:35 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-12-01 21:35 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-12-01 21:34 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-01 21:34 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-01 21:34 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-12-01 21:34 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-12-01 21:34 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-12-01 21:34 - 2014-08-30 16:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-12-01 21:34 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-12-01 21:34 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-12-01 21:34 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-12-01 21:34 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-01 21:34 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-01 21:34 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-01 21:34 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-12-01 21:34 - 2014-07-24 03:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-12-01 21:34 - 2014-07-24 01:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-12-01 21:34 - 2014-07-24 01:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-12-01 21:34 - 2014-07-24 00:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-12-01 21:34 - 2014-07-24 00:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-12-01 21:34 - 2014-07-23 23:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-12-01 21:34 - 2014-07-23 23:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-12-01 21:34 - 2014-07-23 19:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-12-01 21:34 - 2014-07-23 19:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-12-01 21:33 - 2014-06-06 05:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-01 21:33 - 2014-06-06 04:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-01 21:33 - 2014-06-01 18:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-12-01 21:33 - 2014-05-31 02:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-01 21:33 - 2014-05-31 02:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-01 21:33 - 2014-05-31 02:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-01 21:33 - 2014-05-30 22:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-01 21:33 - 2014-05-30 22:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-12-01 21:33 - 2014-05-30 22:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-12-01 21:33 - 2014-05-30 20:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-12-01 21:33 - 2014-05-30 20:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-12-01 21:33 - 2014-05-30 20:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-12-01 21:33 - 2014-05-27 01:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-12-01 21:33 - 2014-05-27 01:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-12-01 21:33 - 2014-05-01 05:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-12-01 21:33 - 2014-04-30 21:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-12-01 21:32 - 2014-07-11 20:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-12-01 21:17 - 2014-05-31 02:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-12-01 21:17 - 2014-05-30 18:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-12-01 21:17 - 2014-05-30 18:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-11-30 22:28 - 2014-12-14 22:30 - 00000000 ____D () C:\Users\SRL\AppData\Local\CrashDumps
2014-11-30 22:24 - 2014-12-06 00:37 - 00000698 _____ () C:\Users\SRL\AppData\Local\Reminders.stt
2014-11-30 22:24 - 2014-11-30 22:24 - 00000008 _____ () C:\Users\SRL\AppData\Local\Notes.stt
2014-11-30 22:10 - 2014-12-19 13:28 - 00000000 __SHD () C:\Program Files (x86)\Enhopporacres
2014-11-30 21:54 - 2014-11-30 21:54 - 00000000 ____D () C:\Users\SRL\abBox
2014-11-30 21:41 - 2014-12-06 00:46 - 00000000 ____D () C:\Program Files (x86)\Say the Time
2014-11-30 21:34 - 2014-12-20 18:50 - 00000394 _____ () C:\Windows\Tasks\WpsNotifyTask_SRL.job
2014-11-30 21:34 - 2014-12-20 18:40 - 00000394 _____ () C:\Windows\Tasks\WpsUpdateTask_SRL.job
2014-11-30 21:34 - 2014-11-30 21:34 - 00003334 _____ () C:\Windows\System32\Tasks\WpsUpdateTask_SRL
2014-11-30 21:34 - 2014-11-30 21:34 - 00003334 _____ () C:\Windows\System32\Tasks\WpsNotifyTask_SRL
2014-11-30 21:34 - 2014-11-30 21:34 - 00001599 _____ () C:\Users\SRL\Desktop\WPS Writer.lnk
2014-11-30 21:34 - 2014-11-30 21:34 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\office6
2014-11-30 21:34 - 2014-11-30 21:34 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2014-11-30 21:33 - 2014-11-30 21:33 - 00000000 ____D () C:\ProgramData\Kingsoft
2014-11-30 21:32 - 2014-12-20 12:11 - 00000000 ____D () C:\Users\SRL\AppData\Local\Kingsoft
2014-11-30 21:32 - 2014-11-30 21:35 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\kingsoft
2014-11-30 21:23 - 2014-11-30 21:23 - 00000000 ____D () C:\Users\SRL\AppData\Local\acer
2014-11-30 19:45 - 2014-11-30 19:45 - 00003124 _____ () C:\Windows\System32\Tasks\{EE853CBF-B5C1-46BB-AF3C-D8A58F5534AD}
2014-11-30 19:21 - 2014-12-20 16:13 - 00193536 ___SH () C:\Users\SRL\Desktop\Thumbs.db
2014-11-30 14:34 - 2014-12-20 18:44 - 00242176 ___SH () C:\Users\SRL\Downloads\Thumbs.db
2014-11-30 02:42 - 2014-11-30 02:42 - 00000000 ____D () C:\Users\SRL\AppData\Local\Macromedia
2014-11-30 02:20 - 2014-11-30 02:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-11-30 02:10 - 2014-11-30 02:10 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Spotify
2014-11-30 02:10 - 2014-11-30 02:10 - 00000000 ____D () C:\Users\SRL\AppData\Local\Spotify
2014-11-30 02:05 - 2014-12-20 18:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 02:05 - 2014-12-20 14:40 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-30 02:04 - 2014-12-20 14:41 - 00000000 ____D () C:\Users\SRL\AppData\Local\Adobe
2014-11-29 21:52 - 2014-11-29 21:52 - 00000000 ____D () C:\Users\SRL\AppData\Local\Skype
2014-11-29 21:51 - 2014-12-20 18:31 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Skype
2014-11-29 21:51 - 2014-12-13 11:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-29 21:51 - 2014-11-29 21:51 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-29 21:51 - 2014-11-29 21:51 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 21:51 - 2014-11-29 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-29 21:20 - 2014-11-29 21:20 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\WildTangent
2014-11-29 21:20 - 2014-11-29 21:20 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\LavasoftStatistics
2014-11-29 21:19 - 2014-11-29 21:19 - 00004720 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-11-29 21:19 - 2014-11-29 21:19 - 00002552 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-11-29 21:19 - 2014-11-29 21:19 - 00002552 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-29 21:19 - 2014-11-27 10:44 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-11-29 21:19 - 2014-11-27 10:44 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-11-29 21:16 - 2014-11-29 21:16 - 00000000 ____D () C:\Users\SRL\AppData\Local\Acer Aspire R7 Tutorial
2014-11-29 21:11 - 2014-11-30 22:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-29 21:09 - 2014-11-30 21:30 - 00000000 ____D () C:\Users\Public\OEM
2014-11-29 21:06 - 2014-11-29 21:06 - 00000000 ____D () C:\Users\SRL\AppData\Local\iGware
2014-11-29 21:03 - 2014-11-29 21:03 - 00000000 ____D () C:\log
2014-11-29 21:01 - 2014-11-29 21:07 - 00000000 ____D () C:\Users\SRL\AppData\Local\Mozilla
2014-11-29 21:01 - 2014-11-29 21:06 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Mozilla
2014-11-29 21:00 - 2014-11-29 21:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-29 20:54 - 2014-11-29 20:54 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\AVAST Software
2014-11-29 20:53 - 2014-11-29 20:53 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-29 20:53 - 2014-11-29 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-29 20:51 - 2014-11-29 20:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-29 20:51 - 2014-11-29 20:51 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-29 20:51 - 2014-11-29 20:50 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-29 20:50 - 2014-11-29 20:50 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-29 20:50 - 2014-11-29 20:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-29 20:46 - 2014-12-14 10:04 - 00003336 _____ () C:\Windows\System32\Tasks\AcerCloud
2014-11-29 20:45 - 2014-11-29 20:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-29 20:45 - 2014-11-29 20:45 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-29 20:42 - 2014-11-29 20:42 - 00002241 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-11-29 20:42 - 2014-11-29 20:42 - 00002227 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-29 20:42 - 2014-11-29 20:42 - 00002215 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-29 20:42 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-29 20:42 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-29 20:42 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-11-29 20:40 - 2014-11-29 20:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\AVG
2014-11-29 20:40 - 2014-11-29 20:40 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-29 20:37 - 2014-11-29 20:37 - 00000000 ____D () C:\Users\SRL\AppData\Local\Avg
2014-11-29 20:35 - 2014-11-30 23:16 - 00000000 ____D () C:\ProgramData\AVG
2014-11-29 20:26 - 2014-12-20 18:09 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7ED5C047-ABDD-4ACA-9596-9798E9EAF71E}
2014-11-29 20:26 - 2014-11-29 20:26 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieUserList
2014-11-29 20:26 - 2014-11-29 20:26 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieSiteList
2014-11-29 20:20 - 2014-12-19 21:14 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-72073483-495126709-2093844012-1001
2014-11-29 20:19 - 2014-11-29 21:09 - 00002153 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-11-29 20:19 - 2014-11-29 20:19 - 00000000 ____D () C:\Users\Public\Pokki
2014-11-29 20:18 - 2014-11-30 11:52 - 00002324 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-11-29 20:17 - 2014-11-29 20:17 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Macromedia
2014-11-29 20:16 - 2014-12-12 23:13 - 00000000 ____D () C:\Users\SRL\AppData\Local\clear.fi
2014-11-29 20:16 - 2014-11-29 20:16 - 00001272 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk
2014-11-29 20:16 - 2014-11-29 20:16 - 00000000 ____D () C:\Users\SRL\PicStream
2014-11-29 20:16 - 2014-11-29 20:16 - 00000000 ____D () C:\Users\SRL\AppData\Local\AOP SDK
2014-11-29 20:15 - 2014-12-01 20:57 - 00000000 ____D () C:\Users\SRL\AppData\Local\Packages
2014-11-29 20:15 - 2014-11-30 21:11 - 00000000 ____D () C:\Users\SRL\AppData\Local\VirtualStore
2014-11-29 20:15 - 2014-11-29 20:15 - 00001442 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-29 20:15 - 2014-11-29 20:15 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-29 20:15 - 2014-11-29 20:15 - 00000020 ___SH () C:\Users\SRL\ntuser.ini
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Windows\oem
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Adobe
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Users\SRL\AppData\Local\OEM
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Program Files\Accessory Store
2014-11-29 20:14 - 2014-12-05 16:00 - 00000000 ____D () C:\Users\SRL\AppData\Local\Pokki
2014-11-29 20:14 - 2014-11-30 21:54 - 00000000 ____D () C:\Users\SRL
2014-11-29 20:14 - 2014-08-11 15:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-29 20:14 - 2014-03-18 02:00 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-29 20:14 - 2014-03-18 01:49 - 00000369 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-29 20:14 - 2014-03-18 01:49 - 00000369 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-29 20:14 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-29 20:14 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 19:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-20 12:37 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-19 20:16 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 12:32 - 2014-03-18 01:47 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 11:11 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-19 04:52 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-17 21:08 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-14 10:05 - 2014-03-18 01:33 - 00000000 ____D () C:\Windows\ShellNew
2014-12-14 10:05 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-12-14 08:40 - 2014-09-26 18:54 - 00002932 _____ () C:\Windows\System32\Tasks\Power Management
2014-12-14 08:40 - 2014-09-26 18:51 - 00002906 _____ () C:\Windows\System32\Tasks\Launch Manager
2014-12-13 23:26 - 2014-08-11 15:49 - 00004564 _____ () C:\Windows\System32\Tasks\ACCAgent
2014-12-13 23:26 - 2014-08-11 15:49 - 00003814 _____ () C:\Windows\System32\Tasks\ACC
2014-12-12 16:48 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2014-12-11 22:18 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-11 22:18 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-11 21:21 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-07 14:21 - 2013-08-22 06:44 - 00346768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 01:31 - 2014-08-11 15:51 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-06 00:45 - 2014-03-18 01:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\setup
2014-12-06 00:45 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-03 23:30 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-03 08:17 - 2014-08-11 15:50 - 00000000 ____D () C:\ProgramData\Temp
2014-12-03 08:17 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-11-30 22:19 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-30 21:31 - 2014-08-11 15:49 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-11-30 21:31 - 2014-08-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-11-30 21:24 - 2014-08-11 15:49 - 00000000 ____D () C:\ProgramData\OEM
2014-11-29 21:22 - 2014-08-11 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-29 21:20 - 2014-08-11 15:54 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-29 21:05 - 2014-08-11 16:02 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-29 20:59 - 2013-08-22 07:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-11-29 20:54 - 2014-08-11 15:10 - 00000000 ____D () C:\Users\Administrator
2014-11-29 20:37 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\restore
2014-11-29 20:30 - 2014-08-11 15:59 - 00000000 ___HD () C:\OEM
2014-11-29 20:25 - 2014-08-11 15:49 - 00000000 ____D () C:\ProgramData\acer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-19 05:04

==================== End Of Log ============================

This notepad result said Farbar on the top.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by SRL (administrator) on RUTHIE on 20-12-2014 19:05:27
Running from C:\Users\SRL\Desktop
Loaded Profile: SRL (Available profiles: SRL)
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
() C:\Program Files (x86)\Enhopporacres\Enhopporacres.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
() C:\Program Files (x86)\Enhopporacres\EnhopporacresHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
() C:\Users\SRL\Desktop\SecurityCheck.exe
(Farbar) C:\Users\SRL\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [111488 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-11-17] (Acer Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90368 2014-11-20] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-26] (Spotify Ltd)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2452736 2014-11-19] (Acer)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-08-20] (Anvisoft)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-72073483-495126709-2093844012-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-15] (SUPERAntiSpyware)
IFEO\abdocs.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\acerportal.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\carecenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\epowerui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ravcpl64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setting.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\slimcleaner.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\spotifylauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-72073483-495126709-2093844012-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-72073483-495126709-2093844012-1001] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKU\S-1-5-21-72073483-495126709-2093844012-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-72073483-495126709-2093844012-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\2qh1gpj0.default-1418627549993\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\searchplugins\google-avast.xml
FF Extension: Flashblock - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-19]
FF Extension: Block site - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-12-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\adblockpopups@jessehakanen.net.xpi [2014-12-19]
FF Extension: CensureBlock - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\censureblock@gmail.com.xpi [2014-12-19]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\elemhidehelper@adblockplus.org.xpi [2014-12-19]
FF Extension: Web Paint - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\jid1-0dhOSYKGj326og@jetpack.xpi [2014-12-20]
FF Extension: Karma Blocker - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\kabl@trac.arantius.com.xpi [2014-12-19]
FF Extension: FastestFox - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\smarterwiki@wikiatic.com.xpi [2014-12-19]
FF Extension: Adblock Plus - C:\Users\SRL\AppData\Roaming\Mozilla\Firefox\Profiles\e5t2pupk.Ruthie\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-29]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\SRL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\SRL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-29] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-16] (Acer Incorporated)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 Enhopporacres; C:\Program Files (x86)\Enhopporacres\Enhopporacres.exe [4377560 2014-11-26] ()
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-29] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-19] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-29] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2013-09-17] (Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2013-09-17] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2013-09-17] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [78504 2013-09-17] (Intel Corporation)
S3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2013-09-17] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32464 2014-10-23] ()
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-10] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-12-13] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 19:05 - 2014-12-20 19:06 - 00019645 _____ () C:\Users\SRL\Desktop\FRST.txt
2014-12-20 18:54 - 2014-12-20 18:54 - 00113676 _____ () C:\Users\SRL\Downloads\FSS.exe
2014-12-20 18:44 - 2014-12-20 18:44 - 00852505 _____ () C:\Users\SRL\Desktop\SecurityCheck.exe
2014-12-20 18:42 - 2014-12-20 18:42 - 00000000 _____ () C:\Users\SRL\Desktop\drsfostersmith cough medicine.ma2jvmt.partial
2014-12-20 15:51 - 2014-12-20 15:51 - 02122240 _____ (Farbar) C:\Users\SRL\Downloads\FRST64.exe.u9z2ph6.partial
2014-12-20 15:51 - 2014-12-20 15:51 - 02122240 _____ (Farbar) C:\Users\SRL\Desktop\FRST64 (1).exe
2014-12-20 15:47 - 2014-12-20 15:48 - 05915456 _____ ( ) C:\Users\SRL\Downloads\adblockplusie-1.3 (1).exe
2014-12-20 15:35 - 2014-12-20 19:05 - 00000000 ____D () C:\FRST
2014-12-20 14:09 - 2014-12-20 14:09 - 00001204 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-12-20 14:09 - 2014-12-20 14:09 - 00001192 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-12-20 14:09 - 2014-12-20 14:09 - 00000000 ____D () C:\Program Files\paint.net
2014-12-20 14:07 - 2014-12-20 14:14 - 00000000 ____D () C:\Users\SRL\AppData\Local\paint.net
2014-12-20 11:44 - 2014-12-20 11:44 - 00000240 _____ () C:\Users\SRL\Downloads\bs_data.csv
2014-12-19 20:11 - 2014-12-19 20:11 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-12-19 20:09 - 2014-12-19 20:09 - 05915456 _____ ( ) C:\Users\SRL\Downloads\adblockplusie-1.3.exe
2014-12-19 12:20 - 2014-12-19 12:24 - 00002167 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-19 12:20 - 2014-12-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-19 12:17 - 2014-12-20 12:29 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 12:17 - 2014-12-19 12:24 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-19 12:17 - 2014-12-19 12:24 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-19 12:17 - 2014-12-19 12:24 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 12:17 - 2014-12-19 12:20 - 00000000 ____D () C:\Users\SRL\AppData\Local\Google
2014-12-19 12:17 - 2014-12-19 12:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-19 12:17 - 2014-12-19 12:17 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\SUPERAntiSpyware.com
2014-12-19 12:16 - 2014-12-20 11:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-19 12:16 - 2014-12-19 12:16 - 00001824 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-19 12:16 - 2014-12-19 12:16 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-19 12:16 - 2014-12-19 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-19 11:58 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 11:58 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-19 11:40 - 2014-12-19 12:22 - 00000000 ____D () C:\ProgramData\SparkTrust
2014-12-19 11:40 - 2014-12-19 11:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\SparkTrust
2014-12-19 11:11 - 2014-12-19 21:02 - 00000000 ____D () C:\ProgramData\Unchecky
2014-12-19 11:11 - 2014-12-19 11:11 - 00000991 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-12-19 11:11 - 2014-12-19 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-12-19 11:11 - 2014-12-19 11:11 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-12-15 22:31 - 2014-12-19 20:05 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-15 22:31 - 2014-12-19 20:05 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-15 22:31 - 2014-12-19 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 22:18 - 2014-12-15 22:18 - 00458920 _____ () C:\Users\SRL\Downloads\firefox-36.0a2.en-US.win32.installer-stub.exe
2014-12-15 07:35 - 2014-12-20 14:40 - 00000000 ____D () C:\ProgramData\MCShield
2014-12-15 07:35 - 2014-12-15 07:35 - 00001048 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-12-15 07:35 - 2014-12-15 07:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-12-15 07:35 - 2014-12-15 07:35 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-12-15 07:34 - 2014-12-20 16:20 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-12-15 07:34 - 2014-12-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-12-15 07:34 - 2014-12-15 07:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-12-14 23:29 - 2014-12-14 23:29 - 00000000 ____D () C:\Users\SRL\Desktop\mbar
2014-12-14 23:16 - 2014-12-14 23:16 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieBrowserModeList
2014-12-14 23:14 - 2014-12-19 18:51 - 00006918 _____ () C:\Windows\PFRO.log
2014-12-14 22:48 - 2014-12-20 14:30 - 00775868 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 15:13 - 2014-12-14 15:13 - 00709564 _____ () C:\Users\SRL\Downloads\delfix_10.8.exe
2014-12-14 15:10 - 2014-12-14 15:10 - 02856736 _____ (MyCity) C:\Users\SRL\Downloads\MCShield-Setup.exe
2014-12-14 15:10 - 2014-12-14 15:10 - 00881704 _____ (RaMMicHaeL) C:\Users\SRL\Downloads\unchecky_setup.exe
2014-12-14 15:09 - 2014-12-14 15:09 - 00448512 _____ (OldTimer Tools) C:\Users\SRL\Downloads\TFC.exe
2014-12-14 15:07 - 2014-12-14 15:07 - 02967032 _____ (Malwarebytes ) C:\Users\SRL\Downloads\mbae-setup-1.05.1.1016.exe
2014-12-14 01:54 - 2014-12-20 18:01 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-14 01:54 - 2014-12-14 01:54 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-14 01:54 - 2014-12-14 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-14 01:53 - 2014-12-14 23:29 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-14 01:53 - 2014-12-14 01:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-14 01:53 - 2014-12-14 01:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 01:53 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-14 01:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-14 01:51 - 2014-12-14 01:52 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\SRL\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 22:59 - 2014-12-14 21:54 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Audacity
2014-12-13 22:59 - 2014-12-13 22:59 - 00000991 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-13 22:59 - 2014-12-13 22:59 - 00000979 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-13 22:58 - 2014-12-13 22:59 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-13 22:57 - 2014-12-13 22:57 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
2014-12-13 11:43 - 2014-12-13 11:43 - 00001248 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-12-13 11:42 - 2014-12-13 11:42 - 16513448 _____ (Anvisoft) C:\Users\SRL\Downloads\csbsetup.exe
2014-12-13 11:39 - 2014-12-19 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-12-13 11:39 - 2014-12-19 12:43 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-12-13 11:39 - 2014-12-19 12:36 - 00003276 _____ () C:\Windows\System32\Tasks\Anvi AD Blocker Ultimate
2014-12-13 11:39 - 2014-12-13 11:39 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-12-13 11:38 - 2014-12-13 11:38 - 08265056 _____ (Anvisoft) C:\Users\SRL\Downloads\adbusetup.exe
2014-12-12 23:19 - 2014-12-19 10:38 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\dvdcss
2014-12-12 23:18 - 2014-12-13 23:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-11 21:15 - 2014-12-11 21:15 - 02166272 _____ () C:\Users\SRL\Desktop\adwcleaner_4.105.exe
2014-12-10 23:32 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 23:32 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 23:32 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 23:32 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 23:32 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 23:32 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 23:32 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 23:32 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 23:32 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 23:32 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 23:32 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 23:32 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 23:32 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 23:32 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 23:32 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 23:32 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 23:32 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 23:32 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 23:32 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 23:32 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 23:32 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 23:32 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 23:32 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 23:32 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 23:32 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 23:32 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 23:32 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 23:32 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 23:32 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 23:32 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 23:32 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 23:32 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 23:32 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 23:32 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 23:32 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 23:32 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 23:32 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 23:32 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 23:32 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 23:28 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 23:28 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 23:28 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 23:28 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 23:04 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 23:04 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 23:04 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 23:04 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-10 23:04 - 2014-10-12 18:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-10 23:04 - 2014-10-12 18:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-09 22:13 - 2014-12-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 21:42 - 2014-12-09 21:42 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-07 14:09 - 2014-12-14 08:41 - 00002824 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-12-07 14:08 - 2014-12-14 10:06 - 00000420 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-12-07 14:08 - 2014-12-13 23:20 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-12-07 14:05 - 2014-12-13 23:27 - 00003012 _____ () C:\Windows\System32\Tasks\SlimComputer Run
2014-12-07 14:05 - 2014-12-07 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimComputer
2014-12-07 14:04 - 2014-12-07 14:06 - 00000000 ____D () C:\Program Files (x86)\SlimComputer
2014-12-07 14:01 - 2014-12-07 14:08 - 00000000 ____D () C:\Users\SRL\AppData\Local\SlimWare Utilities Inc
2014-12-07 14:00 - 2014-12-19 21:12 - 00003008 _____ () C:\Windows\System32\Tasks\SlimCleaner Run
2014-12-07 14:00 - 2014-12-19 10:41 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2014-12-07 14:00 - 2014-12-07 14:07 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-12-07 14:00 - 2014-12-07 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2014-12-07 12:06 - 2014-12-07 12:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-12-06 01:34 - 2014-12-06 01:34 - 00000000 ____D () C:\Users\SRL\AppData\Local\Cyberlink
2014-12-06 01:32 - 2014-12-06 01:32 - 00000000 ____D () C:\Users\SRL\Documents\CyberLink
2014-12-06 01:32 - 2014-12-06 01:32 - 00000000 ____D () C:\Users\Public\CyberLink
2014-12-06 01:31 - 2014-12-06 01:31 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\CyberLink
2014-12-05 22:43 - 2014-12-19 18:50 - 00000000 ____D () C:\AdwCleaner
2014-12-05 22:43 - 2014-12-07 12:16 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-05 18:28 - 2014-12-14 10:25 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Foxit Software
2014-12-04 17:58 - 2014-07-24 01:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-12-04 17:58 - 2014-07-24 01:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-04 17:58 - 2014-06-13 22:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-12-04 17:57 - 2014-07-24 07:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-04 17:57 - 2014-07-24 07:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-12-04 17:57 - 2014-07-24 07:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-12-04 17:57 - 2014-07-24 07:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-12-04 17:57 - 2014-07-24 07:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-12-04 17:57 - 2014-07-24 07:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-04 17:57 - 2014-07-24 07:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-12-04 17:57 - 2014-07-24 07:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-12-04 17:57 - 2014-07-24 07:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-12-04 17:57 - 2014-07-24 07:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-12-04 17:57 - 2014-07-24 07:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-12-04 17:57 - 2014-07-24 07:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-12-04 17:57 - 2014-07-24 05:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-12-04 17:57 - 2014-07-24 05:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-12-04 17:57 - 2014-07-24 05:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-12-04 17:57 - 2014-07-24 03:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-12-04 17:57 - 2014-07-24 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-12-04 17:57 - 2014-07-24 03:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-12-04 17:57 - 2014-07-24 03:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-12-04 17:57 - 2014-07-24 03:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-12-04 17:57 - 2014-07-24 02:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-12-04 17:57 - 2014-07-24 02:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-12-04 17:57 - 2014-07-24 02:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-12-04 17:57 - 2014-07-24 02:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-12-04 17:57 - 2014-07-24 01:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-12-04 17:57 - 2014-07-24 01:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-12-04 17:57 - 2014-07-24 01:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-12-04 17:57 - 2014-07-24 01:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-12-04 17:57 - 2014-07-24 01:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-12-04 17:57 - 2014-07-24 01:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-12-04 17:57 - 2014-07-24 01:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-12-04 17:57 - 2014-07-24 01:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-12-04 17:57 - 2014-07-24 01:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-12-04 17:57 - 2014-07-24 00:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-12-04 17:57 - 2014-07-24 00:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-12-04 17:57 - 2014-07-24 00:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-12-04 17:57 - 2014-07-24 00:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-12-04 17:57 - 2014-07-24 00:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-12-04 17:57 - 2014-07-24 00:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-12-04 17:57 - 2014-07-24 00:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-12-04 17:57 - 2014-07-24 00:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-12-04 17:57 - 2014-07-24 00:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-12-04 17:57 - 2014-07-24 00:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-12-04 17:57 - 2014-07-24 00:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-12-04 17:57 - 2014-07-24 00:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-12-04 17:57 - 2014-07-24 00:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-12-04 17:57 - 2014-07-24 00:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-12-04 17:57 - 2014-07-24 00:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-12-04 17:57 - 2014-07-24 00:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-12-04 17:57 - 2014-07-24 00:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-12-04 17:57 - 2014-07-24 00:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-12-04 17:57 - 2014-07-23 23:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-12-04 17:57 - 2014-07-23 23:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-12-04 17:57 - 2014-07-23 23:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-12-04 17:57 - 2014-07-23 23:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-12-04 17:57 - 2014-07-23 20:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-12-04 17:57 - 2014-07-23 20:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-12-04 17:57 - 2014-07-11 21:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-12-04 17:57 - 2014-07-04 02:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-12-04 17:57 - 2014-07-04 01:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-12-04 17:57 - 2014-07-04 01:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-12-04 17:57 - 2014-06-26 22:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-12-04 17:57 - 2014-06-25 16:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-12-04 17:57 - 2014-06-18 18:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-12-04 17:57 - 2014-06-13 21:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-12-04 17:57 - 2014-06-05 02:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-12-04 17:57 - 2014-06-05 01:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-12-04 17:57 - 2014-05-30 21:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-12-04 17:57 - 2014-05-28 22:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-12-04 17:57 - 2014-05-28 21:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-12-04 17:57 - 2014-05-05 20:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-12-04 17:57 - 2014-05-05 16:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-12-04 17:57 - 2014-03-24 18:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-12-04 17:57 - 2014-03-24 17:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-12-04 17:56 - 2014-07-24 07:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-12-04 17:56 - 2014-07-24 07:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-12-04 17:56 - 2014-07-24 07:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-12-04 17:56 - 2014-07-24 07:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-12-04 17:56 - 2014-07-24 07:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-04 17:56 - 2014-07-24 05:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-12-04 17:56 - 2014-07-24 05:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-12-04 17:56 - 2014-07-24 03:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-12-04 17:56 - 2014-07-24 03:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-12-04 17:56 - 2014-07-24 03:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-12-04 17:56 - 2014-07-24 03:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-12-04 17:56 - 2014-07-24 03:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-12-04 17:56 - 2014-07-24 03:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-12-04 17:56 - 2014-07-24 03:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-12-04 17:56 - 2014-07-24 02:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-12-04 17:56 - 2014-07-24 02:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-12-04 17:56 - 2014-07-24 02:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-12-04 17:56 - 2014-07-24 02:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-12-04 17:56 - 2014-07-24 02:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-12-04 17:56 - 2014-07-24 02:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-04 17:56 - 2014-07-24 02:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-12-04 17:56 - 2014-07-24 02:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-12-04 17:56 - 2014-07-24 01:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-12-04 17:56 - 2014-07-24 01:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-12-04 17:56 - 2014-07-24 01:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-12-04 17:56 - 2014-07-24 01:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-04 17:56 - 2014-07-24 01:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-12-04 17:56 - 2014-07-24 01:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-12-04 17:56 - 2014-07-24 01:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-12-04 17:56 - 2014-07-24 01:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-12-04 17:56 - 2014-07-24 01:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-12-04 17:56 - 2014-07-24 01:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-12-04 17:56 - 2014-07-24 01:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-12-04 17:56 - 2014-07-24 00:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-12-04 17:56 - 2014-07-24 00:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-12-04 17:56 - 2014-07-24 00:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-12-04 17:56 - 2014-07-24 00:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-12-04 17:56 - 2014-07-24 00:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-12-04 17:56 - 2014-07-24 00:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-12-04 17:56 - 2014-07-24 00:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-12-04 17:56 - 2014-07-24 00:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-12-04 17:56 - 2014-07-24 00:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-12-04 17:56 - 2014-07-24 00:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-12-04 17:56 - 2014-07-24 00:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-12-04 17:56 - 2014-07-24 00:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-12-04 17:56 - 2014-07-24 00:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-12-04 17:56 - 2014-07-24 00:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-12-04 17:56 - 2014-07-23 23:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-12-04 17:56 - 2014-07-23 23:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-12-04 17:56 - 2014-07-23 23:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-12-04 17:56 - 2014-07-23 23:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-12-04 17:56 - 2014-07-11 20:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-12-04 17:56 - 2014-07-04 04:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-04 17:56 - 2014-07-04 02:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-12-04 17:56 - 2014-07-04 02:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-12-04 17:56 - 2014-07-04 02:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-04 17:56 - 2014-06-25 16:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-12-04 17:56 - 2014-06-19 15:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-04 17:56 - 2014-06-07 04:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-12-04 17:56 - 2014-06-07 02:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-12-04 17:56 - 2014-06-05 06:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-12-04 17:56 - 2014-05-30 20:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-12-04 17:56 - 2014-05-25 23:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-12-04 17:56 - 2014-05-10 02:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-12-04 17:56 - 2014-05-10 00:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-12-04 17:56 - 2014-03-24 18:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-12-04 17:56 - 2014-03-24 17:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-12-04 07:11 - 2014-11-26 13:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-04 07:11 - 2014-11-26 13:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-03 08:08 - 2014-12-03 08:08 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-12-02 06:27 - 2014-04-13 19:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-01 22:51 - 2014-12-11 20:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-01 22:51 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-01 22:02 - 2014-08-14 16:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-12-01 22:02 - 2014-07-29 17:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-12-01 22:02 - 2014-07-28 21:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-12-01 22:01 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-01 22:01 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-01 22:01 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-01 22:01 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-01 22:01 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-01 22:01 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-01 22:01 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-12-01 22:01 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-12-01 22:01 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-01 22:01 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-12-01 22:01 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-12-01 22:01 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-01 22:01 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-12-01 22:01 - 2014-07-24 07:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-12-01 22:00 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-12-01 22:00 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-01 22:00 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-01 22:00 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-12-01 22:00 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-12-01 22:00 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-12-01 22:00 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-12-01 22:00 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-12-01 22:00 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-12-01 22:00 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-01 22:00 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-12-01 22:00 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-12-01 22:00 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-12-01 22:00 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-12-01 22:00 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-12-01 22:00 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-12-01 22:00 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-12-01 22:00 - 2014-07-24 03:42 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-12-01 22:00 - 2014-07-24 03:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-12-01 22:00 - 2014-07-24 02:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-01 22:00 - 2014-07-24 01:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-01 21:58 - 2014-05-29 19:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-01 21:57 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-01 21:57 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-01 21:57 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-01 21:57 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-01 21:57 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-01 21:57 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-01 21:57 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-01 21:57 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-01 21:57 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-12-01 21:57 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-12-01 21:57 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-12-01 21:57 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-01 21:57 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-01 21:56 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-12-01 21:56 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-12-01 21:56 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-12-01 21:56 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-12-01 21:51 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-12-01 21:51 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-12-01 21:51 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-01 21:51 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-12-01 21:51 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-01 21:51 - 2014-06-19 17:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-01 21:51 - 2014-06-19 15:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-01 21:49 - 2014-06-12 17:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-12-01 21:49 - 2014-06-12 17:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-01 21:49 - 2014-06-12 16:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-12-01 21:49 - 2014-06-06 03:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-12-01 21:41 - 2014-08-06 18:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-01 21:41 - 2014-08-01 19:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-01 21:40 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-01 21:40 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-01 21:40 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-01 21:40 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-01 21:40 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-01 21:40 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-01 21:40 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-12-01 21:40 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-01 21:40 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-01 21:40 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-01 21:40 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-12-01 21:40 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-01 21:40 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-01 21:40 - 2014-07-15 10:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-12-01 21:40 - 2014-07-15 00:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-12-01 21:40 - 2014-07-15 00:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-12-01 21:40 - 2014-07-15 00:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-12-01 21:39 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-01 21:39 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-01 21:39 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-01 21:39 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-01 21:39 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-12-01 21:39 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-01 21:39 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-01 21:39 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-01 21:39 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-12-01 21:39 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-01 21:39 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-01 21:39 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-01 21:39 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-01 21:39 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-01 21:39 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-01 21:39 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-01 21:39 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-01 21:39 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-01 21:39 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-01 21:39 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-01 21:39 - 2014-08-22 23:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-01 21:39 - 2014-08-22 23:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-01 21:39 - 2014-08-22 20:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-12-01 21:39 - 2014-08-01 16:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-01 21:38 - 2014-08-22 22:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-01 21:38 - 2014-08-22 21:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-01 21:37 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-01 21:37 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-01 21:37 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-01 21:37 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-01 21:37 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-01 21:37 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-12-01 21:37 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-01 21:37 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-01 21:37 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-01 21:37 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-01 21:37 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-01 21:37 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-01 21:37 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-01 21:37 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-01 21:37 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-01 21:37 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-01 21:37 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-01 21:37 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-01 21:37 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-12-01 21:37 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-01 21:37 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-01 21:37 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-01 21:37 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-01 21:37 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-01 21:37 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-01 21:37 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-01 21:37 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-01 21:37 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-01 21:37 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-01 21:37 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-01 21:37 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-12-01 21:37 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-01 21:37 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-01 21:37 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-01 21:37 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-01 21:37 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-01 21:37 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-01 21:37 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-01 21:37 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-01 21:37 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-01 21:37 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-12-01 21:37 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-01 21:36 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-01 21:36 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-01 21:36 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-01 21:36 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-01 21:36 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-01 21:36 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-01 21:36 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-01 21:36 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-01 21:36 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-01 21:36 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-01 21:36 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-01 21:36 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-01 21:36 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-01 21:36 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-01 21:36 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-01 21:36 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-01 21:36 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-01 21:36 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-01 21:36 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-12-01 21:36 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-01 21:36 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-01 21:36 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-01 21:36 - 2014-05-18 22:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-12-01 21:36 - 2014-05-18 22:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-12-01 21:36 - 2014-05-18 21:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-12-01 21:36 - 2014-04-29 20:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-01 21:36 - 2014-04-29 20:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-12-01 21:36 - 2014-04-29 19:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-01 21:36 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-01 21:35 - 2014-11-09 15:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-01 21:35 - 2014-11-09 15:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-01 21:35 - 2014-11-09 15:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-01 21:35 - 2014-11-09 15:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-01 21:35 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-01 21:35 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-01 21:35 - 2014-09-07 14:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-12-01 21:35 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-01 21:35 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-12-01 21:35 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-12-01 21:35 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-01 21:35 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-01 21:35 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-12-01 21:35 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-01 21:35 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-01 21:35 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-12-01 21:35 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-12-01 21:35 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-12-01 21:34 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-01 21:34 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-01 21:34 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-12-01 21:34 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-12-01 21:34 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-12-01 21:34 - 2014-08-30 16:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-12-01 21:34 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-12-01 21:34 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-12-01 21:34 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-12-01 21:34 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-01 21:34 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-01 21:34 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-01 21:34 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-12-01 21:34 - 2014-07-24 03:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-12-01 21:34 - 2014-07-24 01:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-12-01 21:34 - 2014-07-24 01:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-12-01 21:34 - 2014-07-24 00:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-12-01 21:34 - 2014-07-24 00:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-12-01 21:34 - 2014-07-23 23:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-12-01 21:34 - 2014-07-23 23:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-12-01 21:34 - 2014-07-23 19:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-12-01 21:34 - 2014-07-23 19:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-12-01 21:33 - 2014-06-06 05:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-01 21:33 - 2014-06-06 04:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-01 21:33 - 2014-06-01 18:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-12-01 21:33 - 2014-05-31 02:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-12-01 21:33 - 2014-05-31 02:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-01 21:33 - 2014-05-31 02:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-12-01 21:33 - 2014-05-30 22:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-12-01 21:33 - 2014-05-30 22:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-12-01 21:33 - 2014-05-30 22:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-12-01 21:33 - 2014-05-30 20:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-12-01 21:33 - 2014-05-30 20:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-12-01 21:33 - 2014-05-30 20:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-12-01 21:33 - 2014-05-27 01:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-12-01 21:33 - 2014-05-27 01:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-12-01 21:33 - 2014-05-01 05:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-12-01 21:33 - 2014-04-30 21:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-12-01 21:32 - 2014-07-11 20:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-12-01 21:17 - 2014-05-31 02:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-12-01 21:17 - 2014-05-30 18:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-12-01 21:17 - 2014-05-30 18:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-11-30 22:28 - 2014-12-14 22:30 - 00000000 ____D () C:\Users\SRL\AppData\Local\CrashDumps
2014-11-30 22:24 - 2014-12-06 00:37 - 00000698 _____ () C:\Users\SRL\AppData\Local\Reminders.stt
2014-11-30 22:24 - 2014-11-30 22:24 - 00000008 _____ () C:\Users\SRL\AppData\Local\Notes.stt
2014-11-30 22:10 - 2014-12-19 13:28 - 00000000 __SHD () C:\Program Files (x86)\Enhopporacres
2014-11-30 21:54 - 2014-11-30 21:54 - 00000000 ____D () C:\Users\SRL\abBox
2014-11-30 21:41 - 2014-12-06 00:46 - 00000000 ____D () C:\Program Files (x86)\Say the Time
2014-11-30 21:34 - 2014-12-20 18:50 - 00000394 _____ () C:\Windows\Tasks\WpsNotifyTask_SRL.job
2014-11-30 21:34 - 2014-12-20 18:40 - 00000394 _____ () C:\Windows\Tasks\WpsUpdateTask_SRL.job
2014-11-30 21:34 - 2014-11-30 21:34 - 00003334 _____ () C:\Windows\System32\Tasks\WpsUpdateTask_SRL
2014-11-30 21:34 - 2014-11-30 21:34 - 00003334 _____ () C:\Windows\System32\Tasks\WpsNotifyTask_SRL
2014-11-30 21:34 - 2014-11-30 21:34 - 00001599 _____ () C:\Users\SRL\Desktop\WPS Writer.lnk
2014-11-30 21:34 - 2014-11-30 21:34 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\office6
2014-11-30 21:34 - 2014-11-30 21:34 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2014-11-30 21:33 - 2014-11-30 21:33 - 00000000 ____D () C:\ProgramData\Kingsoft
2014-11-30 21:32 - 2014-12-20 12:11 - 00000000 ____D () C:\Users\SRL\AppData\Local\Kingsoft
2014-11-30 21:32 - 2014-11-30 21:35 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\kingsoft
2014-11-30 21:23 - 2014-11-30 21:23 - 00000000 ____D () C:\Users\SRL\AppData\Local\acer
2014-11-30 19:45 - 2014-11-30 19:45 - 00003124 _____ () C:\Windows\System32\Tasks\{EE853CBF-B5C1-46BB-AF3C-D8A58F5534AD}
2014-11-30 19:21 - 2014-12-20 16:13 - 00193536 ___SH () C:\Users\SRL\Desktop\Thumbs.db
2014-11-30 14:34 - 2014-12-20 18:44 - 00242176 ___SH () C:\Users\SRL\Downloads\Thumbs.db
2014-11-30 02:42 - 2014-11-30 02:42 - 00000000 ____D () C:\Users\SRL\AppData\Local\Macromedia
2014-11-30 02:20 - 2014-11-30 02:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-11-30 02:10 - 2014-11-30 02:10 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Spotify
2014-11-30 02:10 - 2014-11-30 02:10 - 00000000 ____D () C:\Users\SRL\AppData\Local\Spotify
2014-11-30 02:05 - 2014-12-20 18:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 02:05 - 2014-12-20 14:40 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-30 02:04 - 2014-12-20 14:41 - 00000000 ____D () C:\Users\SRL\AppData\Local\Adobe
2014-11-29 21:52 - 2014-11-29 21:52 - 00000000 ____D () C:\Users\SRL\AppData\Local\Skype
2014-11-29 21:51 - 2014-12-20 18:31 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Skype
2014-11-29 21:51 - 2014-12-13 11:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-29 21:51 - 2014-11-29 21:51 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-29 21:51 - 2014-11-29 21:51 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 21:51 - 2014-11-29 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-29 21:20 - 2014-11-29 21:20 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\WildTangent
2014-11-29 21:20 - 2014-11-29 21:20 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\LavasoftStatistics
2014-11-29 21:19 - 2014-11-29 21:19 - 00004720 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-11-29 21:19 - 2014-11-29 21:19 - 00002552 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-11-29 21:19 - 2014-11-29 21:19 - 00002552 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-29 21:19 - 2014-11-27 10:44 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-11-29 21:19 - 2014-11-27 10:44 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-11-29 21:16 - 2014-11-29 21:16 - 00000000 ____D () C:\Users\SRL\AppData\Local\Acer Aspire R7 Tutorial
2014-11-29 21:11 - 2014-11-30 22:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-29 21:09 - 2014-11-30 21:30 - 00000000 ____D () C:\Users\Public\OEM
2014-11-29 21:06 - 2014-11-29 21:06 - 00000000 ____D () C:\Users\SRL\AppData\Local\iGware
2014-11-29 21:03 - 2014-11-29 21:03 - 00000000 ____D () C:\log
2014-11-29 21:01 - 2014-11-29 21:07 - 00000000 ____D () C:\Users\SRL\AppData\Local\Mozilla
2014-11-29 21:01 - 2014-11-29 21:06 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Mozilla
2014-11-29 21:00 - 2014-11-29 21:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-29 20:54 - 2014-11-29 20:54 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\AVAST Software
2014-11-29 20:53 - 2014-11-29 20:53 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-29 20:53 - 2014-11-29 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-29 20:51 - 2014-11-29 20:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-29 20:51 - 2014-11-29 20:51 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-29 20:51 - 2014-11-29 20:50 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-29 20:51 - 2014-11-29 20:50 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-29 20:50 - 2014-11-29 20:50 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-29 20:50 - 2014-11-29 20:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-29 20:46 - 2014-12-14 10:04 - 00003336 _____ () C:\Windows\System32\Tasks\AcerCloud
2014-11-29 20:45 - 2014-11-29 20:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-29 20:45 - 2014-11-29 20:45 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-29 20:42 - 2014-11-29 20:42 - 00002241 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2014-11-29 20:42 - 2014-11-29 20:42 - 00002227 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-29 20:42 - 2014-11-29 20:42 - 00002215 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-29 20:42 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-29 20:42 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-29 20:42 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-11-29 20:40 - 2014-11-29 20:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\AVG
2014-11-29 20:40 - 2014-11-29 20:40 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-29 20:37 - 2014-11-29 20:37 - 00000000 ____D () C:\Users\SRL\AppData\Local\Avg
2014-11-29 20:35 - 2014-11-30 23:16 - 00000000 ____D () C:\ProgramData\AVG
2014-11-29 20:26 - 2014-12-20 18:09 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7ED5C047-ABDD-4ACA-9596-9798E9EAF71E}
2014-11-29 20:26 - 2014-11-29 20:26 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieUserList
2014-11-29 20:26 - 2014-11-29 20:26 - 00000000 __SHD () C:\Users\SRL\AppData\Local\EmieSiteList
2014-11-29 20:20 - 2014-12-19 21:14 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-72073483-495126709-2093844012-1001
2014-11-29 20:19 - 2014-11-29 21:09 - 00002153 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-11-29 20:19 - 2014-11-29 20:19 - 00000000 ____D () C:\Users\Public\Pokki
2014-11-29 20:18 - 2014-11-30 11:52 - 00002324 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-11-29 20:17 - 2014-11-29 20:17 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Macromedia
2014-11-29 20:16 - 2014-12-12 23:13 - 00000000 ____D () C:\Users\SRL\AppData\Local\clear.fi
2014-11-29 20:16 - 2014-11-29 20:16 - 00001272 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk
2014-11-29 20:16 - 2014-11-29 20:16 - 00000000 ____D () C:\Users\SRL\PicStream
2014-11-29 20:16 - 2014-11-29 20:16 - 00000000 ____D () C:\Users\SRL\AppData\Local\AOP SDK
2014-11-29 20:15 - 2014-12-01 20:57 - 00000000 ____D () C:\Users\SRL\AppData\Local\Packages
2014-11-29 20:15 - 2014-11-30 21:11 - 00000000 ____D () C:\Users\SRL\AppData\Local\VirtualStore
2014-11-29 20:15 - 2014-11-29 20:15 - 00001442 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-29 20:15 - 2014-11-29 20:15 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-29 20:15 - 2014-11-29 20:15 - 00000020 ___SH () C:\Users\SRL\ntuser.ini
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Windows\oem
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Adobe
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Users\SRL\AppData\Local\OEM
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-11-29 20:15 - 2014-11-29 20:15 - 00000000 ____D () C:\Program Files\Accessory Store
2014-11-29 20:14 - 2014-12-05 16:00 - 00000000 ____D () C:\Users\SRL\AppData\Local\Pokki
2014-11-29 20:14 - 2014-11-30 21:54 - 00000000 ____D () C:\Users\SRL
2014-11-29 20:14 - 2014-08-11 15:40 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-29 20:14 - 2014-03-18 02:00 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-29 20:14 - 2014-03-18 01:49 - 00000369 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-29 20:14 - 2014-03-18 01:49 - 00000369 _____ () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-29 20:14 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-29 20:14 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\SRL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 19:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-20 12:37 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-19 20:16 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 12:32 - 2014-03-18 01:47 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 11:11 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-19 04:52 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-17 21:08 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-14 10:05 - 2014-03-18 01:33 - 00000000 ____D () C:\Windows\ShellNew
2014-12-14 10:05 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-12-14 08:40 - 2014-09-26 18:54 - 00002932 _____ () C:\Windows\System32\Tasks\Power Management
2014-12-14 08:40 - 2014-09-26 18:51 - 00002906 _____ () C:\Windows\System32\Tasks\Launch Manager
2014-12-13 23:26 - 2014-08-11 15:49 - 00004564 _____ () C:\Windows\System32\Tasks\ACCAgent
2014-12-13 23:26 - 2014-08-11 15:49 - 00003814 _____ () C:\Windows\System32\Tasks\ACC
2014-12-12 16:48 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2014-12-11 22:18 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-11 22:18 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-11 21:21 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-07 14:21 - 2013-08-22 06:44 - 00346768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 01:31 - 2014-08-11 15:51 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-06 00:45 - 2014-03-18 01:33 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-12-06 00:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\setup
2014-12-06 00:45 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-03 23:31 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-03 23:30 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2014-12-03 23:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-03 08:17 - 2014-08-11 15:50 - 00000000 ____D () C:\ProgramData\Temp
2014-12-03 08:17 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-11-30 22:19 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-30 21:31 - 2014-08-11 15:49 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-11-30 21:31 - 2014-08-11 15:48 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-11-30 21:24 - 2014-08-11 15:49 - 00000000 ____D () C:\ProgramData\OEM
2014-11-29 21:22 - 2014-08-11 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-29 21:20 - 2014-08-11 15:54 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-29 21:05 - 2014-08-11 16:02 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-29 20:59 - 2013-08-22 07:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-11-29 20:54 - 2014-08-11 15:10 - 00000000 ____D () C:\Users\Administrator
2014-11-29 20:37 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\restore
2014-11-29 20:30 - 2014-08-11 15:59 - 00000000 ___HD () C:\OEM
2014-11-29 20:25 - 2014-08-11 15:49 - 00000000 ____D () C:\ProgramData\acer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-19 05:04

==================== End Of Log ============================



#9 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 10:19 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by SRL (administrator) on 20-12-2014 at 19:17:23
Running from "C:\Users\SRL\Desktop"
Microsoft Windows 8.1 with Bing  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:9880;https=127.0.0.1:9880

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

0.0.0.0 0.0.0.0 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com
0.0.0.0 cdn.cdndp.com
0.0.0.0 cdn.download.sweetpacks.com
0.0.0.0 cdn.dpdownload.com
0.0.0.0 cdn.visualbee.net

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Ruthie
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 30-10-B3-DD-BE-DC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 52-10-B3-DD-7B-48
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-10-B3-DD-7B-48
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
   Physical Address. . . . . . . . . : 30-10-B3-DD-7B-48
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C4-54-44-E5-58-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:8:8180:644:15b6:3fd3:a83f:385d(Preferred)
   Temporary IPv6 Address. . . . . . : 2601:8:8180:644:45ee:d10:8e88:2f8(Preferred)
   Link-local IPv6 Address . . . . . : fe80::15b6:3fd3:a83f:385d%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, December 19, 2014 8:16:24 PM
   Lease Expires . . . . . . . . . . : Saturday, December 27, 2014 11:24:32 AM
   Default Gateway . . . . . . . . . : fe80::ea89:2cff:fe54:cda1%3
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 63198276
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B7-E4-1A-C4-54-44-E5-58-3C
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.wa.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.wa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2c5f:3fb6:bc55:887f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2c5f:3fb6:bc55:887f%10(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 469762048
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-B7-E4-1A-C4-54-44-E5-58-3C
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    google.com
Addresses:  2607:f8b0:400a:807::2000
   216.58.216.174
   216.58.216.160

Pinging google.com [2607:f8b0:400a:804::1002] with 32 bytes of data:
Reply from 2607:f8b0:400a:804::1002: time=12ms
Reply from 2607:f8b0:400a:804::1002: time=13ms

Ping statistics for 2607:f8b0:400a:804::1002:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=95ms TTL=49
Reply from 98.139.183.24: bytes=32 time=94ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 94ms, Maximum = 95ms, Average = 94ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...30 10 b3 dd be dc ......Bluetooth Device (Personal Area Network)
  7...52 10 b3 dd 7b 48 ......Microsoft Hosted Network Virtual Adapter
  6...12 10 b3 dd 7b 48 ......Microsoft Wi-Fi Direct Virtual Adapter
  5...30 10 b3 dd 7b 48 ......Qualcomm Atheros AR956x Wireless Network Adapter
  3...c4 54 44 e5 58 3c ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  9...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.5     10
         10.0.0.0    255.255.255.0         On-link          10.0.0.5    266
         10.0.0.5  255.255.255.255         On-link          10.0.0.5    266
       10.0.0.255  255.255.255.255         On-link          10.0.0.5    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.5    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.5    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  3    266 ::/0                     fe80::ea89:2cff:fe54:cda1
  1    306 ::1/128                  On-link
 10    306 2001::/32                On-link
 10    306 2001:0:9d38:90d7:2c5f:3fb6:bc55:887f/128
                                    On-link
  3    266 2601:8:8180:644::/64     On-link
  3    266 2601:8:8180:644:15b6:3fd3:a83f:385d/128
                                    On-link
  3    266 2601:8:8180:644:45ee:d10:8e88:2f8/128
                                    On-link
  3    266 fe80::/64                On-link
 10    306 fe80::/64                On-link
  3    266 fe80::15b6:3fd3:a83f:385d/128
                                    On-link
 10    306 fe80::2c5f:3fb6:bc55:887f/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    266 ff00::/8                 On-link
 10    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/20/2014 06:17:18 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a74

Start Time: 01d01cbf3d134af8

Termination Time: 1614

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 7980a3fb-88b7-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 04:20:15 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e2c

Start Time: 01d01cb3b3392f57

Termination Time: 76

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 21dca65f-88a7-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 03:11:44 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4dc

Start Time: 01d01ca85f0e00ab

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 8fc5a52d-889d-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/20/2014 02:07:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3afee6ac-734c-4060-af8e-9840e2308ff2}

Error: (12/19/2014 08:55:18 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d01c1057318d63

Termination Time: 107

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 644ef874-8804-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 08:19:16 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 170c

Start Time: 01d01c0bda8aabb6

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 5bc80f38-87ff-11e4-8272-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 01:27:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Ruthie)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/19/2014 01:26:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Ruthie)
Description: App Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App did not launch within its allotted time.

Error: (12/19/2014 00:19:13 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 188c

Start Time: 01d01bc340479fbf

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 3c7c63bf-87bc-11e4-826f-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/19/2014 11:26:27 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1828

Start Time: 01d01bc17738ae58

Termination Time: 36

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: ec6da94b-87b4-11e4-826f-3010b3ddbedc

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (12/20/2014 00:36:36 PM) (Source: DCOM) (User: Ruthie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/19/2014 08:16:42 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 06:51:50 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 01:29:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (12/19/2014 01:27:44 PM) (Source: DCOM) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:44 PM) (Source: DCOM) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:39 PM) (Source: DCOM) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:39 PM) (Source: DCOM) (User: Ruthie)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 01:27:16 PM) (Source: DCOM) (User: Ruthie)
Description: App.wwa

Error: (12/19/2014 01:20:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================
Error: (12/20/2014 06:17:18 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.174161a7401d01cbf3d134af81614C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE7980a3fb-88b7-11e4-8272-3010b3ddbedc

Error: (12/20/2014 04:20:15 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17416e2c01d01cb3b3392f5776C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE21dca65f-88a7-11e4-8272-3010b3ddbedc

Error: (12/20/2014 03:11:44 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.174164dc01d01ca85f0e00ab4294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8fc5a52d-889d-11e4-8272-3010b3ddbedc

Error: (12/20/2014 02:07:19 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3afee6ac-734c-4060-af8e-9840e2308ff2}

Error: (12/19/2014 08:55:18 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17416158c01d01c1057318d63107C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE644ef874-8804-11e4-8272-3010b3ddbedc

Error: (12/19/2014 08:19:16 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17416170c01d01c0bda8aabb615C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE5bc80f38-87ff-11e4-8272-3010b3ddbedc

Error: (12/19/2014 01:27:22 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Ruthie)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142

Error: (12/19/2014 01:26:56 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Ruthie)
Description: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App

Error: (12/19/2014 00:19:13 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17416188c01d01bc340479fbf4294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3c7c63bf-87bc-11e4-826f-3010b3ddbedc

Error: (12/19/2014 11:26:27 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17416182801d01bc17738ae5836C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEec6da94b-87b4-11e4-826f-3010b3ddbedc

CodeIntegrity Errors:
===================================
  Date: 2014-12-19 20:16:42.374
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 18:51:50.771
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 13:29:58.582
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 10:43:36.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 10:16:46.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-19 04:54:05.311
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-14 23:14:58.673
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-14 10:06:42.492
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-13 23:20:14.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-13 12:22:24.747
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

=========================== Installed Programs ============================
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.03.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C5D8EEB2-EDBC-4375-829D-BE50547C8890}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audio Editor And Recorder Packages (HKCU\...\Audio Editor And Recorder Packages) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4917 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.0.4220 - CyberLink Corp.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel® Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PCKeeper (HKLM-x32\...\{E44BBEE3-3F83-4670-9E2E-EE0556442287}) (Version: 2.2.775 - Kromtech)
PCKeeper (Version: 2.2.775 - Kromtech) Hidden
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.4.112 - Pokki)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Unchecky v0.3.4 (HKLM-x32\...\Unchecky) (Version: 0.3.4 - RaMMicHaeL)
WPS Office (9.1.0.4759) (HKCU\...\WPS Office) (Version: 9.1.0.4759 - Kingsoft Corp.)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 87%
Total physical RAM: 1929.7 MB
Available physical RAM: 233.36 MB
Total Pagefile: 3402.52 MB
Available Pagefile: 967.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3984.41 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:217.97 GB) (Free:185.74 GB) NTFS

========================= Users: ========================================

User accounts for \\RUTHIE

Administrator            Guest                    SRL                     

========================= Restore Points ==================================

07-12-2014 22:10:45 SlimDrivers Installing Drivers
12-12-2014 04:12:46 Windows Update
13-12-2014 19:27:02 Removed Skype Click to Call
13-12-2014 19:43:44 Anvi CSB 3.5
14-12-2014 07:13:46 Removed Qualcomm Atheros WLAN and Bluetooth Client Installation 켖◞Ā蠀⟈ဓ➸ဓ➘ဓ
19-12-2014 04:33:22 Windows Update
20-12-2014 22:07:20 paint.net 4.0.5

**** End of log ****



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,462 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:30 PM

Posted 20 December 2014 - 10:23 PM

You downloaded wrong tool.

Farbar Recovery Scan Tool is not allowed in this forum.

You were supposed to run Farbar Service Scanner.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 11:12 PM

MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.12.14.1 / Windows 8.1 <<<

12/20/2014 8:02:18 PM > Drive C: - scan started (Acer ~218 GB, NTFS HDD )...

 

=> The drive is clean.

 



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,462 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:30 PM

Posted 20 December 2014 - 11:16 PM

I don't need that.

Please read my previous reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 11:19 PM

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/20/2014 08:15:17 PM in x64 mode.
Windows Version: Windows 8.1 Connected

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Active Proxy Server Detected

 * Proxy Disabled.
 * ProxyOverride value deleted.
 * ProxyServer value deleted.
 * AutoConfigURL value deleted.
 * Proxy settings were backed up to Registry file.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Backup Registry file created at:
 C:\Users\SRL\Desktop\rkill\rkill-12-20-2014-08-15-28.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * AppMgmt [Missing Service]
 * PeerDistSvc [Missing Service]
 * CscService [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
  0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  0.0.0.0 media.opencandy.com
  0.0.0.0 cdn.opencandy.com
  0.0.0.0 tracking.opencandy.com
  0.0.0.0 api.opencandy.com
  0.0.0.0 installer.betterinstaller.com
  0.0.0.0 installer.filebulldog.com
  0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  0.0.0.0 inno.bisrv.com
  0.0.0.0 nsis.bisrv.com
  0.0.0.0 cdn.file2desktop.com
  0.0.0.0 cdn.goateastcach.us
  0.0.0.0 cdn.guttastatdk.us
  0.0.0.0 cdn.inskinmedia.com
  0.0.0.0 cdn.insta.oibundles2.com
  0.0.0.0 cdn.insta.playbryte.com
  0.0.0.0 cdn.llogetfastcach.us
  0.0.0.0 cdn.montiera.com
  0.0.0.0 cdn.msdwnld.com

  20 out of 34 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 12/20/2014 08:18:16 PM
Execution time: 0 hours(s), 2 minute(s), and 59 seconds(s)



#14 claimtheword

claimtheword
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 December 2014 - 11:30 PM

apologies, am downloading the Farbar servicer scan now


Farbar Service Scanner Version: 21-07-2014
Ran by SRL (administrator) on 20-12-2014 at 20:30:11
Running from "C:\Users\SRL\Downloads"
Microsoft Windows 8.1 with Bing  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****



#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,462 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:30 PM

Posted 20 December 2014 - 11:52 PM

Still need MBAM and MBAR logs.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users