
Avast webshield pop up


  • This topic is locked
22 replies to this topic

#1 btant1

btant1

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:45 AM

Posted 17 January 2015 - 12:15 PM

I keep getting a popup that says "Malware Blocked" or "avast! Webshield has blocked a harmful webpage or URL". The alert gives me a URL address, and if I click on "show details" it takes me to a website to upgrade my avast antivirus, which also shows a very confusing URL. This popup has been very annoying and will keep popping up when I'm browsing. I have been using Malwarebytes Anti-Malware but couldn't clean them up. It's very frustrating. Can you please help me with this problem?




 


#2 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:08:45 PM

Posted 17 January 2015 - 12:22 PM

:welcome:

 

Need to see some logs so I can determine what's going on.

 

 
Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start the scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

I just want to see the report....Please Do Not Fix Anything

============================================================================

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Just keep the defaults as in the picture checkmarked
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

Please consider a donation to help me keep up my fight against malware.

Just a reminder that threads will be closed if no response in 3 days


    #3 btant1

    btant1
    • Topic Starter

    • Members
    • 15 posts
    • OFFLINE
    •  
    • Local time:12:45 AM

    Posted 17 January 2015 - 01:34 PM

    Hope this is right  :oopsign:

    Attached Files



    #4 btant1

    btant1
    • Topic Starter

    • Members
    • 15 posts
    • OFFLINE
    •  
    • Local time:12:45 AM

    Posted 17 January 2015 - 01:46 PM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
    Ran by User (administrator) on HP on 17-01-2015 18:41:01
    Running from C:\Users\User\Downloads
    Loaded Profiles: User (Available profiles: User)
    Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
    HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
    HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
    ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT14/2
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {D081BF98-9C51-4828-81F8-B87ADA7C05EA} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    BHO: No Name -> {33b34b6d-252a-4647-8545-c8cfc025c625} ->  No File
    BHO: No Name -> {7323a459-1ae7-4fcd-948c-7c0a7cfb581b} ->  No File
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: No Name -> {dc9b9b0c-ddf4-47e2-9470-e6c37fc603ab} ->  No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
     
    FireFox:
    ========
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy.dll ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy64.dll ( ROBLOX Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-26]
     
    Chrome: 
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-26]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
    CHR Extension: (Turntablefm Playlist Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimhdmlhdgmboegnmecdnfbmdmhdoool [2015-01-13]
    CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
    CHR Extension: (Sprucemarks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj [2015-01-17]
    CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
    CHR Extension: (IBA Optout ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-12-27]
    CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-26]
    CHR Extension: (BrowserTexting) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa [2015-01-04]
    CHR Extension: (jquery injector) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\indebdooekgjhkncmgbkeopjebofdoid [2015-01-08]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
    CHR Extension: (DiiggiCoupon) - C:\ProgramData\cllflebfehaganannjlkoidjnffncghl\ [2014-12-26]
    CHR Extension: (uniSaleS) - C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg\ [2014-12-26]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-26]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-26]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-26] (AVAST Software)
    R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
    R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
    R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-26] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-26] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-26] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-26] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-26] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-26] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-26] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-26] ()
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
    R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-06-17] (Realtek Semiconductor Corporation)
    U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation                           )
    S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
    U3 aswMBR; \??\C:\Users\User\AppData\Local\Temp\aswMBR.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 18:41 - 2015-01-17 18:41 - 00021999 _____ () C:\Users\User\Downloads\FRST.txt
    2015-01-17 18:40 - 2015-01-17 18:41 - 00000000 ____D () C:\FRST
    2015-01-17 18:40 - 2015-01-17 18:40 - 02125824 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
    2015-01-17 18:34 - 2015-01-17 18:34 - 00002175 _____ () C:\Users\User\Downloads\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00002175 _____ () C:\Users\User\Desktop\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00000512 _____ () C:\Users\User\Desktop\MBR.dat
    2015-01-17 18:20 - 2015-01-17 18:20 - 05198336 _____ (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
    2015-01-17 16:31 - 2015-01-17 16:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-17 16:31 - 2015-01-17 16:31 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-17 16:31 - 2015-01-17 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-17 16:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-17 16:29 - 2015-01-17 16:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-17 15:46 - 2015-01-17 15:46 - 00000002 _____ () C:\runcheck.txt
    2015-01-17 15:45 - 2015-01-17 15:45 - 01295360 _____ () C:\Users\User\Downloads\zoek.exe
    2015-01-17 15:45 - 2015-01-17 15:45 - 00000000 ____D () C:\zoek_backup
    2015-01-17 15:44 - 2015-01-17 16:40 - 00000000 ____D () C:\ProgramData\CoupEExtension
    2015-01-14 07:59 - 2015-01-14 07:59 - 00000359 _____ () C:\Users\User\Documents\Favourites - Shortcut.lnk
    2015-01-13 20:36 - 2015-01-17 16:40 - 00000000 ____D () C:\ProgramData\BitSAver
    2015-01-13 20:05 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-13 20:05 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-13 20:05 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-01-13 20:05 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-13 20:05 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-13 20:05 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-01-13 20:05 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2015-01-13 20:05 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-01-13 20:05 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-10 16:25 - 2015-01-15 16:25 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForUser.job
    2015-01-10 14:01 - 2015-01-10 14:01 - 00000000 ____D () C:\Users\User\AppData\Local\iLivid
    2015-01-09 15:42 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-01-09 15:42 - 2015-01-09 15:53 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox
    2015-01-08 19:02 - 2015-01-08 19:02 - 00000000 ____D () C:\ProgramData\cllflebfehaganannjlkoidjnffncghl
    2015-01-08 18:43 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\SaveNueWeaAAppz
    2015-01-08 18:42 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\Fun2uSaave
    2015-01-08 18:14 - 2015-01-08 18:15 - 00000000 ____D () C:\Users\User\Desktop\movies
    2015-01-04 18:20 - 2015-01-17 15:45 - 00000000 ____D () C:\ProgramData\45e698a01f9234ee
    2015-01-04 18:20 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\FeiNdBeesatDeeeaL
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-27 14:04 - 2014-12-27 14:04 - 00002282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-27 13:56 - 2014-12-27 13:56 - 00053440 _____ () C:\Users\User\Downloads\Magical Foods Mod 2.1.zip
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdBlockee
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\uniisaLess
    2014-12-27 13:38 - 2014-12-27 13:38 - 00000000 ____D () C:\Program Files (x86)\IBA Optout
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\5036881046752343278
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\Program Files (x86)\uniSaleS
    2014-12-27 13:34 - 2014-12-27 13:34 - 00169316 _____ () C:\Users\User\Downloads\164blokkitv1.zip
    2014-12-27 13:22 - 2014-12-27 13:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Sun
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Oracle
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-12-27 13:21 - 2014-12-27 13:21 - 00638888 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-8u25.exe
    2014-12-27 13:21 - 2014-07-24 15:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-12-27 13:21 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-12-27 13:21 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-12-27 13:21 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-12-27 13:21 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-12-27 13:21 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-12-27 13:21 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
    2014-12-27 13:21 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
    2014-12-27 13:21 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
    2014-12-27 13:21 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2014-12-27 13:21 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2014-12-27 13:21 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2014-12-27 13:21 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2014-12-27 13:21 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-12-27 13:21 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2014-12-27 13:21 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2014-12-27 13:21 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2014-12-27 13:21 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
    2014-12-27 13:21 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2014-12-27 13:21 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-12-27 13:21 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2014-12-27 13:21 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2014-12-27 13:21 - 2014-07-24 08:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-12-27 13:21 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-12-27 13:21 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2014-12-27 13:21 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\system32\locale.nls
    2014-12-27 13:21 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
    2014-12-27 13:21 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
    2014-12-27 13:21 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
    2014-12-27 13:21 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
    2014-12-27 13:21 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-12-27 13:21 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2014-12-27 13:21 - 2014-06-19 02:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2014-12-27 13:21 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
    2014-12-27 13:21 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
    2014-12-27 13:21 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
    2014-12-27 13:21 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2014-12-27 13:21 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
    2014-12-27 13:21 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2014-12-27 13:21 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2014-12-27 13:21 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
    2014-12-27 13:21 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
    2014-12-27 13:20 - 2014-07-24 15:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2014-12-27 13:20 - 2014-07-24 15:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-12-27 13:20 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
    2014-12-27 13:20 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-27 13:20 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2014-12-27 13:20 - 2014-07-24 11:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2014-12-27 13:20 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
    2014-12-27 13:20 - 2014-07-24 11:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
    2014-12-27 13:20 - 2014-07-24 11:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-12-27 13:20 - 2014-07-24 11:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-12-27 13:20 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-12-27 13:20 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-12-27 13:20 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
    2014-12-27 13:20 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-12-27 13:20 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-12-27 13:20 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
    2014-12-27 13:20 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
    2014-12-27 13:20 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2014-12-27 13:20 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
    2014-12-27 13:20 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
    2014-12-27 13:20 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2014-12-27 13:20 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2014-12-27 13:20 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2014-12-27 13:20 - 2014-07-24 08:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-12-27 13:20 - 2014-07-24 08:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2014-12-27 13:20 - 2014-07-24 08:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-12-27 13:20 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2014-12-27 13:20 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-12-27 13:20 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2014-12-27 13:20 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
    2014-12-27 13:20 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2014-12-27 13:20 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2014-12-27 13:20 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
    2014-12-27 13:20 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2014-12-27 13:20 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
    2014-12-27 13:20 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-12-27 13:20 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
    2014-12-27 13:20 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
    2014-12-27 13:20 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-12-27 13:20 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
    2014-12-27 13:20 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
    2014-12-27 13:20 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
    2014-12-27 13:20 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
    2014-12-27 13:19 - 2014-12-27 13:19 - 03077905 _____ () C:\Users\User\Downloads\forge-1.7.10-10.13.2.1230-installer.jar
    2014-12-26 20:28 - 2014-12-26 20:28 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
    2014-12-26 20:25 - 2015-01-06 00:08 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-26 20:25 - 2015-01-06 00:08 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-26 17:05 - 2015-01-14 08:12 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-26 17:05 - 2015-01-14 08:07 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-26 16:55 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\Documents\Avatar
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
    2014-12-26 13:06 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
    2014-12-26 13:06 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
    2014-12-26 13:05 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-26 13:05 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-26 13:05 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-12-26 13:05 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2014-12-26 13:05 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
    2014-12-26 13:05 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2014-12-26 13:05 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
    2014-12-26 13:05 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
    2014-12-26 13:04 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-26 13:04 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-26 13:04 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-12-26 13:04 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-12-26 13:04 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-12-26 13:04 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-12-26 13:04 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-12-26 13:04 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-12-26 13:01 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
    2014-12-26 13:01 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
    2014-12-26 13:01 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
    2014-12-26 12:04 - 2015-01-17 16:42 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
    2014-12-26 11:56 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-12-26 11:56 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-12-26 11:56 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-12-26 11:56 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-26 11:56 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-26 11:56 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-26 11:56 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-26 11:56 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-26 11:56 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-26 11:56 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-26 11:56 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2014-12-26 11:56 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-26 11:56 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-26 11:56 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2014-12-26 11:56 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-26 11:56 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2014-12-26 11:55 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-12-26 11:55 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-26 11:55 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-26 11:55 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-12-26 11:55 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-12-26 11:55 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-12-26 11:55 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-12-26 11:55 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-12-26 11:55 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-12-26 11:55 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-12-26 11:55 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-12-26 11:55 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-12-26 11:55 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-26 11:55 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-12-26 11:55 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-12-26 11:54 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-12-26 11:53 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2014-12-26 11:53 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-12-26 11:37 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-12-26 11:37 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2014-12-26 11:37 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-12-26 11:37 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-12-26 11:37 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-12-26 11:37 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-12-26 11:37 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2014-12-26 11:36 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-12-26 11:36 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-12-26 11:35 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-12-26 11:35 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-26 11:35 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-12-26 11:35 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-26 11:35 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
    2014-12-26 11:35 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-12-26 11:35 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-26 11:35 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-12-26 11:35 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-12-26 11:35 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
    2014-12-26 11:35 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-12-26 11:34 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-12-26 11:34 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-12-26 11:34 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-12-26 11:34 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-12-26 11:34 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
    2014-12-26 11:34 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-12-26 11:34 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-12-26 11:34 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-12-26 11:34 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-12-26 11:34 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2014-12-26 11:34 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
    2014-12-26 11:34 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2014-12-26 11:34 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2014-12-26 11:34 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2014-12-26 11:34 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2014-12-26 11:34 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
    2014-12-26 11:34 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
    2014-12-26 11:34 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
    2014-12-26 11:34 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2014-12-26 11:34 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
    2014-12-26 11:34 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2014-12-26 11:34 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2014-12-26 11:34 - 2014-07-24 15:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2014-12-26 11:34 - 2014-07-24 11:42 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2014-12-26 11:34 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
    2014-12-26 11:34 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
    2014-12-26 11:34 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
    2014-12-26 11:34 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
    2014-12-26 11:34 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2014-12-26 11:33 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-12-26 11:33 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-12-26 11:33 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2014-12-26 11:33 - 2014-05-31 10:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-12-26 11:33 - 2014-05-31 06:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-12-26 11:33 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-12-26 11:33 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-12-26 11:33 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-12-26 11:33 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-12-26 11:33 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-12-26 11:33 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
    2014-12-26 11:33 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-12-26 11:32 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-12-26 11:32 - 2014-09-07 22:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
    2014-12-26 11:32 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-12-26 11:32 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-12-26 11:32 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
    2014-12-26 11:32 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-12-26 11:32 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2014-12-26 11:32 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-12-26 11:32 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2014-12-26 11:32 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2014-12-26 11:32 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2014-12-26 11:32 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2014-12-26 11:32 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2014-12-26 11:32 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2014-12-26 11:32 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
    2014-12-26 11:31 - 2014-12-26 11:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2014-12-26 11:11 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
    2014-12-26 11:11 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
    2014-12-26 10:53 - 2015-01-01 18:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
    2014-12-26 10:53 - 2014-12-26 10:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\java
    2014-12-26 10:46 - 2014-12-26 10:47 - 00000000 ____D () C:\Program Files (x86)\Minecraft
    2014-12-26 10:46 - 2014-12-26 10:46 - 02314240 _____ () C:\Users\User\Downloads\MinecraftInstaller.msi
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000980 _____ () C:\Users\Public\Desktop\Minecraft.lnk
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
    2014-12-26 10:42 - 2014-12-26 10:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-26 10:42 - 2014-12-26 10:42 - 00001987 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files\Google
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003910 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-26 10:41 - 2014-12-26 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-26 10:40 - 2014-12-26 10:42 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-26 10:40 - 2014-12-26 10:40 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-26 10:40 - 2014-12-26 10:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-26 10:38 - 2014-12-26 10:38 - 05006864 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe
    2014-12-26 10:37 - 2015-01-17 15:08 - 00003898 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{033A36FC-E3AB-4A05-B9BE-16FDD20877E9}
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
    2014-12-26 10:36 - 2014-12-26 10:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
    2014-12-26 10:31 - 2014-12-26 10:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\hpqlog
    2014-12-23 13:17 - 2015-01-17 18:23 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195921204-3405295498-33354624-1001
    2014-12-23 13:15 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hewlett-Packard
    2014-12-23 13:14 - 2015-01-17 18:19 - 00000000 ____D () C:\Users\User\Documents\Youcam
    2014-12-23 13:14 - 2014-12-26 14:47 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
    2014-12-23 13:13 - 2015-01-10 16:25 - 00000000 ____D () C:\Users\User\AppData\Local\Hewlett-Packard
    2014-12-23 13:12 - 2014-12-23 13:12 - 00001449 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000184 _____ () C:\Windows\insFileSpec
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
    2014-12-23 13:12 - 2014-11-21 23:57 - 00001332 _____ () C:\Users\Public\Desktop\HP Smart Friend.lnk
    2014-12-23 13:12 - 2014-11-21 23:50 - 00002241 _____ () C:\Users\Public\Desktop\Snapfish Photos.lnk
    2014-12-23 13:12 - 2014-11-21 23:37 - 00001306 _____ () C:\Users\Public\Desktop\TripAdvisor.lnk
    2014-12-23 13:12 - 2014-08-26 01:27 - 00002262 _____ () C:\Users\Public\Desktop\Get Dropbox Offer.lnk
    2014-12-23 13:11 - 2015-01-17 18:38 - 01318563 _____ () C:\Windows\WindowsUpdate.log
    2014-12-23 13:11 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000020 ___SH () C:\Users\User\ntuser.ini
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Synaptics
    2014-12-23 13:11 - 2014-08-26 09:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-23 13:11 - 2014-08-26 01:19 - 00000000 ___HD () C:\Users\User\Documents\hp.system.package.metadata
    2014-12-23 13:11 - 2014-03-18 10:06 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 18:22 - 2014-03-18 09:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-17 18:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-01-17 16:41 - 2013-08-22 14:46 - 00028607 _____ () C:\Windows\setupact.log
    2015-01-17 16:41 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-17 16:40 - 2014-03-18 09:44 - 00015020 _____ () C:\Windows\PFRO.log
    2015-01-17 16:40 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
    2015-01-17 16:40 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-01-17 16:25 - 2014-11-21 23:53 - 00000000 ____D () C:\ProgramData\McAfee
    2015-01-17 15:21 - 2014-08-26 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
    2015-01-17 15:21 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
    2015-01-17 15:13 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2015-01-14 08:12 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-01-11 09:36 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-01-10 09:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-01-09 12:07 - 2013-08-22 14:44 - 00354104 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-12-30 01:14 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
    2014-12-29 19:42 - 2014-03-18 09:38 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
    2014-12-29 19:42 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
    2014-12-27 16:52 - 2014-08-26 01:19 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-12-26 14:48 - 2014-11-21 23:51 - 00000000 ____D () C:\Users\Public\CyberLink
    2014-12-26 14:48 - 2014-11-21 23:43 - 00000000 ____D () C:\ProgramData\CyberLink
    2014-12-26 11:02 - 2014-08-26 01:28 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
    2014-12-26 10:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\restore
    2014-12-23 13:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Recovery
    2014-12-23 13:11 - 2014-04-04 23:45 - 00000000 ___HD () C:\SYSTEM.SAV
    2014-12-23 13:06 - 2014-04-02 23:51 - 00000000 ____D () C:\Windows\Panther
     
    Some content of TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\7za.exe
    C:\Users\User\AppData\Local\Temp\hijackthis.exe
    C:\Users\User\AppData\Local\Temp\NirCmd.exe
    C:\Users\User\AppData\Local\Temp\PEVZ.EXE
    C:\Users\User\AppData\Local\Temp\remove.exe
    C:\Users\User\AppData\Local\Temp\sed.exe
    C:\Users\User\AppData\Local\Temp\shortcut.exe
    C:\Users\User\AppData\Local\Temp\swreg.exe
    C:\Users\User\AppData\Local\Temp\swxcacls.exe
    C:\Users\User\AppData\Local\Temp\wget.exe
    C:\Users\User\AppData\Local\Temp\zoek-delete.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-01-06 16:44
     
    ==================== End Of Log ============================


    #5 btant1


    Posted 17 January 2015 - 01:48 PM

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
    Ran by User at 2015-01-17 18:41:55
    Running from C:\Users\User\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    CoupEExtension (HKLM-x32\...\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}) (Version:  - "") <==== ATTENTION
    Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
    Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
    Cyberlink PhotoDirector (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
    CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
    CyberLink PowerDirector 12 (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
    DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
    Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
    Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
    Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
    HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
    HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
    HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
    HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
    HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
    HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
    Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
    Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
    Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
    Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
    Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
    ROBLOX Player for User (HKU\S-1-5-21-1195921204-3405295498-33354624-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
    Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
    uniisaLess (HKLM-x32\...\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}) (Version:  - )
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
    WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
    Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\RobloxProxy64.dll (ROBLOX Corporation)
     
    ==================== Restore Points  =========================
     
    26-12-2014 10:39:20 avast! antivirus system restore point
    14-01-2015 08:06:08 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {06C3F4BB-DF98-4CE9-AD1F-DF107896AB12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {37A4B22F-94F5-40E3-88DB-F1FC14D44747} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {40D70423-D602-439D-8E4E-728C9EC7E609} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {6206B5AB-65BB-483A-98E4-0DB0CF0314B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
    Task: {631325E1-7639-4753-9EB2-D44CC9ED7EAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
    Task: {9FC1CF05-41A7-4960-83DC-D11DCA19BF5E} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {D4B78460-3D6A-4C4D-8AAB-8C6E5AC23D07} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-26] (AVAST Software)
    Task: {E24B0B08-F797-4A55-8CC2-953EDC79BA6F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
    Task: {E6B631BB-D749-4FAF-88C4-AB20471FC1E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {F4A9A78D-4963-4BFE-92E6-C5EE4FCBDA50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
    2014-11-21 23:31 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
    2014-11-22 00:00 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    2015-01-17 15:08 - 2015-01-17 15:08 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011700\algo.dll
    2014-11-21 23:22 - 2013-12-10 15:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-26 10:40 - 2014-12-26 10:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1195921204-3405295498-33354624-500 - Administrator - Disabled)
    Guest (S-1-5-21-1195921204-3405295498-33354624-501 - Limited - Disabled)
    User (S-1-5-21-1195921204-3405295498-33354624-1001 - Administrator - Enabled) => C:\Users\User
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/17/2015 04:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
    Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
    Exception code: 0xc0000005
    Fault offset: 0x0000000000005fc4
    Faulting process ID: 0xc8c
    Faulting application start time: 0xigfxTray.exe0
    Faulting application path: igfxTray.exe1
    Faulting module path: igfxTray.exe2
    Report ID: igfxTray.exe3
    Faulting package full name: igfxTray.exe4
    Faulting package-relative application ID: igfxTray.exe5
     
    Error: (01/17/2015 03:35:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (01/17/2015 03:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: opbhobrokerdsktop.exe, version: 8.0.1.11, time stamp: 0x5335c3d5
    Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
    Exception code: 0xc0000005
    Fault offset: 0x000000000000f5dd
    Faulting process ID: 0x23bc
    Faulting application start time: 0xopbhobrokerdsktop.exe0
    Faulting application path: opbhobrokerdsktop.exe1
    Faulting module path: opbhobrokerdsktop.exe2
    Report ID: opbhobrokerdsktop.exe3
    Faulting package full name: opbhobrokerdsktop.exe4
    Faulting package-relative application ID: opbhobrokerdsktop.exe5
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/15/2015 08:21:19 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "PDR.X,type="win32",version="1.0.0.0"1".
    Dependent Assembly PDR.X,type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
     
    System errors:
    =============
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:21:14 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:20:44 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:14:00 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/15/2015 06:24:24 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/17/2015 04:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc4c8c01d032748065b086C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dllc28da308-9e67-11e4-8265-7429af8adef4
     
    Error: (01/17/2015 03:35:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (01/17/2015 03:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: opbhobrokerdsktop.exe8.0.1.115335c3d5combase.dll6.3.9600.1703153087867c0000005000000000000f5dd23bc01d03266e0e78657C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exeC:\Windows\SYSTEM32\combase.dllc89d37aa-9e5b-11e4-8263-7429af8adef4
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/15/2015 08:21:19 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: PDR.X,type="win32",version="1.0.0.0"c:\program files\cyberlink\photodirector\Kernel\CES\CES_AudioCacheAgent.exe.Manifest
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-4288U CPU @ 2.60GHz
    Percentage of memory in use: 25%
    Total physical RAM: 8122.15 MB
    Available physical RAM: 6013.64 MB
    Total Pagefile: 9402.15 MB
    Available Pagefile: 7115.13 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.8 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:1375.16 GB) (Free:1328.26 GB) NTFS
    Drive d: (RECOVERY) (Fixed) (Total:21.09 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
     
    Partition: GPT Partition Type.
     
    ==================== End Of Log ============================


    #6 ken545

      Malware Response Team


    Posted 17 January 2015 - 01:54 PM

    I need to see the Additions log as well; it should be in your Downloads folder. The instructions state very clearly to download this program to your desktop; it will run better there in lieu of another folder. Go to your Downloads folder and find FRST64, right click on it and select CUT, come back to your desktop and right click on a blank space and select PASTE.

     

    Sorry, we crossed posts, but go ahead and let's get FRST64 on your desktop.

     

     

     
    -AdwCleaner-by Xplode
     
    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
     
    Do not click on any links in the top Advertisement.
     
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
     
    ===============================================================================
     
     
    Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked<------------
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished click on VIEW DETAILED LOG
  • When it opens click on COPY TO CLIPBOARD
  • Then paste the log back into this thread for review
  • Exit Malwarebytes

  • Edited by ken545, 17 January 2015 - 01:55 PM.



    #7 btant1


    Posted 17 January 2015 - 02:00 PM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
    Ran by User (administrator) on HP on 17-01-2015 18:57:03
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available profiles: User)
    Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel Corporation) C:\Windows\System32\igfxTray.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
    HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
    HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
    ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT14/2
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {D081BF98-9C51-4828-81F8-B87ADA7C05EA} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    BHO: No Name -> {33b34b6d-252a-4647-8545-c8cfc025c625} ->  No File
    BHO: No Name -> {7323a459-1ae7-4fcd-948c-7c0a7cfb581b} ->  No File
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: No Name -> {dc9b9b0c-ddf4-47e2-9470-e6c37fc603ab} ->  No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
     
    FireFox:
    ========
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy.dll ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy64.dll ( ROBLOX Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-26]
     
    Chrome: 
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-26]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
    CHR Extension: (Turntablefm Playlist Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimhdmlhdgmboegnmecdnfbmdmhdoool [2015-01-13]
    CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
    CHR Extension: (Sprucemarks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj [2015-01-17]
    CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
    CHR Extension: (IBA Optout ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-12-27]
    CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-26]
    CHR Extension: (BrowserTexting) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa [2015-01-04]
    CHR Extension: (jquery injector) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\indebdooekgjhkncmgbkeopjebofdoid [2015-01-08]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
    CHR Extension: (DiiggiCoupon) - C:\ProgramData\cllflebfehaganannjlkoidjnffncghl\ [2014-12-26]
    CHR Extension: (uniSaleS) - C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg\ [2014-12-26]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-26]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-26]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-26] (AVAST Software)
    R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
    R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
    R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-26] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-26] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-26] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-26] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-26] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-26] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-26] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-26] ()
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
    R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-06-17] (Realtek Semiconductor Corporation)
    U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation                           )
    S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
    U3 aswMBR; \??\C:\Users\User\AppData\Local\Temp\aswMBR.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 18:57 - 2015-01-17 18:57 - 00021997 _____ () C:\Users\User\Desktop\FRST.txt
    2015-01-17 18:41 - 2015-01-17 18:42 - 00094414 _____ () C:\Users\User\Downloads\FRST.txt
    2015-01-17 18:41 - 2015-01-17 18:42 - 00025433 _____ () C:\Users\User\Downloads\Addition.txt
    2015-01-17 18:40 - 2015-01-17 18:57 - 00000000 ____D () C:\FRST
    2015-01-17 18:40 - 2015-01-17 18:40 - 02125824 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2015-01-17 18:34 - 2015-01-17 18:34 - 00002175 _____ () C:\Users\User\Downloads\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00002175 _____ () C:\Users\User\Desktop\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00000512 _____ () C:\Users\User\Desktop\MBR.dat
    2015-01-17 18:20 - 2015-01-17 18:20 - 05198336 _____ (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
    2015-01-17 16:31 - 2015-01-17 16:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-17 16:31 - 2015-01-17 16:31 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-17 16:31 - 2015-01-17 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-17 16:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-17 16:29 - 2015-01-17 16:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-17 15:46 - 2015-01-17 15:46 - 00000002 _____ () C:\runcheck.txt
    2015-01-17 15:45 - 2015-01-17 15:45 - 01295360 _____ () C:\Users\User\Downloads\zoek.exe
    2015-01-17 15:45 - 2015-01-17 15:45 - 00000000 ____D () C:\zoek_backup
    2015-01-17 15:44 - 2015-01-17 16:40 - 00000000 ____D () C:\ProgramData\CoupEExtension
    2015-01-14 07:59 - 2015-01-14 07:59 - 00000359 _____ () C:\Users\User\Documents\Favourites - Shortcut.lnk
    2015-01-13 20:36 - 2015-01-17 16:40 - 00000000 ____D () C:\ProgramData\BitSAver
    2015-01-13 20:05 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-13 20:05 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-13 20:05 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-01-13 20:05 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-13 20:05 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-13 20:05 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-01-13 20:05 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2015-01-13 20:05 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-01-13 20:05 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-10 16:25 - 2015-01-15 16:25 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForUser.job
    2015-01-10 14:01 - 2015-01-10 14:01 - 00000000 ____D () C:\Users\User\AppData\Local\iLivid
    2015-01-09 15:42 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-01-09 15:42 - 2015-01-09 15:53 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox
    2015-01-08 19:02 - 2015-01-08 19:02 - 00000000 ____D () C:\ProgramData\cllflebfehaganannjlkoidjnffncghl
    2015-01-08 18:43 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\SaveNueWeaAAppz
    2015-01-08 18:42 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\Fun2uSaave
    2015-01-08 18:14 - 2015-01-08 18:15 - 00000000 ____D () C:\Users\User\Desktop\movies
    2015-01-04 18:20 - 2015-01-17 15:45 - 00000000 ____D () C:\ProgramData\45e698a01f9234ee
    2015-01-04 18:20 - 2015-01-08 19:51 - 00000000 ____D () C:\ProgramData\FeiNdBeesatDeeeaL
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-27 14:04 - 2014-12-27 14:04 - 00002282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-27 13:56 - 2014-12-27 13:56 - 00053440 _____ () C:\Users\User\Downloads\Magical Foods Mod 2.1.zip
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdBlockee
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\uniisaLess
    2014-12-27 13:38 - 2014-12-27 13:38 - 00000000 ____D () C:\Program Files (x86)\IBA Optout
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\5036881046752343278
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\Program Files (x86)\uniSaleS
    2014-12-27 13:34 - 2014-12-27 13:34 - 00169316 _____ () C:\Users\User\Downloads\164blokkitv1.zip
    2014-12-27 13:22 - 2014-12-27 13:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Sun
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Oracle
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-12-27 13:21 - 2014-12-27 13:21 - 00638888 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-8u25.exe
    2014-12-27 13:21 - 2014-07-24 15:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-12-27 13:21 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-12-27 13:21 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-12-27 13:21 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-12-27 13:21 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-12-27 13:21 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-12-27 13:21 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
    2014-12-27 13:21 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
    2014-12-27 13:21 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
    2014-12-27 13:21 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2014-12-27 13:21 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2014-12-27 13:21 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2014-12-27 13:21 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2014-12-27 13:21 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-12-27 13:21 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2014-12-27 13:21 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2014-12-27 13:21 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2014-12-27 13:21 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
    2014-12-27 13:21 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2014-12-27 13:21 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-12-27 13:21 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2014-12-27 13:21 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2014-12-27 13:21 - 2014-07-24 08:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-12-27 13:21 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-12-27 13:21 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2014-12-27 13:21 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\system32\locale.nls
    2014-12-27 13:21 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
    2014-12-27 13:21 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
    2014-12-27 13:21 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
    2014-12-27 13:21 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
    2014-12-27 13:21 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-12-27 13:21 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2014-12-27 13:21 - 2014-06-19 02:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2014-12-27 13:21 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
    2014-12-27 13:21 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
    2014-12-27 13:21 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
    2014-12-27 13:21 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2014-12-27 13:21 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
    2014-12-27 13:21 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2014-12-27 13:21 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2014-12-27 13:21 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
    2014-12-27 13:21 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
    2014-12-27 13:20 - 2014-07-24 15:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2014-12-27 13:20 - 2014-07-24 15:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-12-27 13:20 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
    2014-12-27 13:20 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-27 13:20 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2014-12-27 13:20 - 2014-07-24 11:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2014-12-27 13:20 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
    2014-12-27 13:20 - 2014-07-24 11:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
    2014-12-27 13:20 - 2014-07-24 11:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-12-27 13:20 - 2014-07-24 11:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-12-27 13:20 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-12-27 13:20 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-12-27 13:20 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
    2014-12-27 13:20 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-12-27 13:20 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-12-27 13:20 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
    2014-12-27 13:20 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
    2014-12-27 13:20 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2014-12-27 13:20 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
    2014-12-27 13:20 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
    2014-12-27 13:20 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2014-12-27 13:20 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2014-12-27 13:20 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2014-12-27 13:20 - 2014-07-24 08:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-12-27 13:20 - 2014-07-24 08:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2014-12-27 13:20 - 2014-07-24 08:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-12-27 13:20 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2014-12-27 13:20 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-12-27 13:20 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2014-12-27 13:20 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
    2014-12-27 13:20 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2014-12-27 13:20 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2014-12-27 13:20 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
    2014-12-27 13:20 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2014-12-27 13:20 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
    2014-12-27 13:20 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-12-27 13:20 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
    2014-12-27 13:20 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
    2014-12-27 13:20 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-12-27 13:20 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
    2014-12-27 13:20 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
    2014-12-27 13:20 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
    2014-12-27 13:20 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
    2014-12-27 13:19 - 2014-12-27 13:19 - 03077905 _____ () C:\Users\User\Downloads\forge-1.7.10-10.13.2.1230-installer.jar
    2014-12-26 20:28 - 2014-12-26 20:28 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
    2014-12-26 20:25 - 2015-01-06 00:08 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-26 20:25 - 2015-01-06 00:08 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-26 17:05 - 2015-01-14 08:12 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-26 17:05 - 2015-01-14 08:07 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-26 16:55 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\Documents\Avatar
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
    2014-12-26 13:06 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
    2014-12-26 13:06 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
    2014-12-26 13:05 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-26 13:05 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-26 13:05 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-12-26 13:05 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2014-12-26 13:05 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
    2014-12-26 13:05 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2014-12-26 13:05 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
    2014-12-26 13:05 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
    2014-12-26 13:04 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-26 13:04 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-26 13:04 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-12-26 13:04 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-12-26 13:04 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-12-26 13:04 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-12-26 13:04 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-12-26 13:04 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-12-26 13:01 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
    2014-12-26 13:01 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
    2014-12-26 13:01 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
    2014-12-26 12:04 - 2015-01-17 16:42 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
    2014-12-26 11:56 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-12-26 11:56 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-12-26 11:56 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-12-26 11:56 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-26 11:56 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-26 11:56 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-26 11:56 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-26 11:56 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-26 11:56 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-26 11:56 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-26 11:56 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2014-12-26 11:56 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-26 11:56 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-26 11:56 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2014-12-26 11:56 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-26 11:56 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2014-12-26 11:55 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-12-26 11:55 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-26 11:55 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-26 11:55 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-12-26 11:55 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-12-26 11:55 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-12-26 11:55 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-12-26 11:55 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-12-26 11:55 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-12-26 11:55 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-12-26 11:55 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-12-26 11:55 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-12-26 11:55 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-26 11:55 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-12-26 11:55 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-12-26 11:54 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-12-26 11:53 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2014-12-26 11:53 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-12-26 11:37 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-12-26 11:37 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2014-12-26 11:37 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-12-26 11:37 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-12-26 11:37 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-12-26 11:37 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-12-26 11:37 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2014-12-26 11:36 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-12-26 11:36 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-12-26 11:35 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-12-26 11:35 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-26 11:35 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-12-26 11:35 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-26 11:35 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
    2014-12-26 11:35 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-12-26 11:35 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-26 11:35 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-12-26 11:35 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-12-26 11:35 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
    2014-12-26 11:35 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-12-26 11:34 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-12-26 11:34 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-12-26 11:34 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-12-26 11:34 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-12-26 11:34 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
    2014-12-26 11:34 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-12-26 11:34 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-12-26 11:34 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-12-26 11:34 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-12-26 11:34 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2014-12-26 11:34 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
    2014-12-26 11:34 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2014-12-26 11:34 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2014-12-26 11:34 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2014-12-26 11:34 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2014-12-26 11:34 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
    2014-12-26 11:34 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
    2014-12-26 11:34 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
    2014-12-26 11:34 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2014-12-26 11:34 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
    2014-12-26 11:34 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2014-12-26 11:34 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2014-12-26 11:34 - 2014-07-24 15:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2014-12-26 11:34 - 2014-07-24 11:42 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2014-12-26 11:34 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
    2014-12-26 11:34 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
    2014-12-26 11:34 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
    2014-12-26 11:34 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
    2014-12-26 11:34 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2014-12-26 11:33 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-12-26 11:33 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-12-26 11:33 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2014-12-26 11:33 - 2014-05-31 10:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-12-26 11:33 - 2014-05-31 06:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-12-26 11:33 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-12-26 11:33 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-12-26 11:33 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-12-26 11:33 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-12-26 11:33 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-12-26 11:33 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
    2014-12-26 11:33 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-12-26 11:32 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-12-26 11:32 - 2014-09-07 22:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
    2014-12-26 11:32 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-12-26 11:32 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-12-26 11:32 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
    2014-12-26 11:32 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-12-26 11:32 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2014-12-26 11:32 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-12-26 11:32 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2014-12-26 11:32 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2014-12-26 11:32 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2014-12-26 11:32 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2014-12-26 11:32 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2014-12-26 11:32 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2014-12-26 11:32 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
    2014-12-26 11:31 - 2014-12-26 11:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2014-12-26 11:11 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
    2014-12-26 11:11 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
    2014-12-26 10:53 - 2015-01-01 18:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
    2014-12-26 10:53 - 2014-12-26 10:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\java
    2014-12-26 10:46 - 2014-12-26 10:47 - 00000000 ____D () C:\Program Files (x86)\Minecraft
    2014-12-26 10:46 - 2014-12-26 10:46 - 02314240 _____ () C:\Users\User\Downloads\MinecraftInstaller.msi
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000980 _____ () C:\Users\Public\Desktop\Minecraft.lnk
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
    2014-12-26 10:42 - 2014-12-26 10:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-26 10:42 - 2014-12-26 10:42 - 00001987 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files\Google
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003910 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-26 10:41 - 2014-12-26 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-26 10:40 - 2014-12-26 10:42 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-26 10:40 - 2014-12-26 10:40 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-26 10:40 - 2014-12-26 10:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-26 10:38 - 2014-12-26 10:38 - 05006864 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe
    2014-12-26 10:37 - 2015-01-17 15:08 - 00003898 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{033A36FC-E3AB-4A05-B9BE-16FDD20877E9}
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
    2014-12-26 10:36 - 2014-12-26 10:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
    2014-12-26 10:31 - 2014-12-26 10:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\hpqlog
    2014-12-23 13:17 - 2015-01-17 18:23 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195921204-3405295498-33354624-1001
    2014-12-23 13:15 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hewlett-Packard
    2014-12-23 13:14 - 2015-01-17 18:19 - 00000000 ____D () C:\Users\User\Documents\Youcam
    2014-12-23 13:14 - 2014-12-26 14:47 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
    2014-12-23 13:13 - 2015-01-10 16:25 - 00000000 ____D () C:\Users\User\AppData\Local\Hewlett-Packard
    2014-12-23 13:12 - 2014-12-23 13:12 - 00001449 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000184 _____ () C:\Windows\insFileSpec
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
    2014-12-23 13:12 - 2014-11-21 23:57 - 00001332 _____ () C:\Users\Public\Desktop\HP Smart Friend.lnk
    2014-12-23 13:12 - 2014-11-21 23:50 - 00002241 _____ () C:\Users\Public\Desktop\Snapfish Photos.lnk
    2014-12-23 13:12 - 2014-11-21 23:37 - 00001306 _____ () C:\Users\Public\Desktop\TripAdvisor.lnk
    2014-12-23 13:12 - 2014-08-26 01:27 - 00002262 _____ () C:\Users\Public\Desktop\Get Dropbox Offer.lnk
    2014-12-23 13:11 - 2015-01-17 18:55 - 01432333 _____ () C:\Windows\WindowsUpdate.log
    2014-12-23 13:11 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000020 ___SH () C:\Users\User\ntuser.ini
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Synaptics
    2014-12-23 13:11 - 2014-08-26 09:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-23 13:11 - 2014-08-26 01:19 - 00000000 ___HD () C:\Users\User\Documents\hp.system.package.metadata
    2014-12-23 13:11 - 2014-03-18 10:06 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 18:55 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-01-17 18:22 - 2014-03-18 09:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-17 18:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-01-17 16:41 - 2013-08-22 14:46 - 00028607 _____ () C:\Windows\setupact.log
    2015-01-17 16:41 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-17 16:40 - 2014-03-18 09:44 - 00015020 _____ () C:\Windows\PFRO.log
    2015-01-17 16:40 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
    2015-01-17 16:40 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-01-17 16:25 - 2014-11-21 23:53 - 00000000 ____D () C:\ProgramData\McAfee
    2015-01-17 15:21 - 2014-08-26 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
    2015-01-17 15:21 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
    2015-01-17 15:13 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2015-01-14 08:12 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-01-10 09:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-01-09 12:07 - 2013-08-22 14:44 - 00354104 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-12-30 01:14 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
    2014-12-29 19:42 - 2014-03-18 09:38 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
    2014-12-29 19:42 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
    2014-12-27 16:52 - 2014-08-26 01:19 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-12-26 14:48 - 2014-11-21 23:51 - 00000000 ____D () C:\Users\Public\CyberLink
    2014-12-26 14:48 - 2014-11-21 23:43 - 00000000 ____D () C:\ProgramData\CyberLink
    2014-12-26 11:02 - 2014-08-26 01:28 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
    2014-12-26 10:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\restore
    2014-12-23 13:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Recovery
    2014-12-23 13:11 - 2014-04-04 23:45 - 00000000 ___HD () C:\SYSTEM.SAV
    2014-12-23 13:06 - 2014-04-02 23:51 - 00000000 ____D () C:\Windows\Panther
     
    Some content of TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\7za.exe
    C:\Users\User\AppData\Local\Temp\hijackthis.exe
    C:\Users\User\AppData\Local\Temp\NirCmd.exe
    C:\Users\User\AppData\Local\Temp\PEVZ.EXE
    C:\Users\User\AppData\Local\Temp\remove.exe
    C:\Users\User\AppData\Local\Temp\sed.exe
    C:\Users\User\AppData\Local\Temp\shortcut.exe
    C:\Users\User\AppData\Local\Temp\swreg.exe
    C:\Users\User\AppData\Local\Temp\swxcacls.exe
    C:\Users\User\AppData\Local\Temp\wget.exe
    C:\Users\User\AppData\Local\Temp\zoek-delete.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-01-06 16:44
     
    ==================== End Of Log ============================
     
     
     


    #8 btant1


    Posted 17 January 2015 - 02:02 PM

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
    Ran by User at 2015-01-17 18:57:27
    Running from C:\Users\User\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    CoupEExtension (HKLM-x32\...\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}) (Version:  - "") <==== ATTENTION
    Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
    Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
    Cyberlink PhotoDirector (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
    CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
    CyberLink PowerDirector 12 (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
    DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
    Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
    Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
    Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
    HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
    HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
    HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
    HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
    HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
    HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
    Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
    Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
    Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
    Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
    Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
    ROBLOX Player for User (HKU\S-1-5-21-1195921204-3405295498-33354624-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
    Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
    uniisaLess (HKLM-x32\...\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}) (Version:  - )
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
    WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
    Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\RobloxProxy64.dll (ROBLOX Corporation)
     
    ==================== Restore Points  =========================
     
    26-12-2014 10:39:20 avast! antivirus system restore point
    14-01-2015 08:06:08 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {06C3F4BB-DF98-4CE9-AD1F-DF107896AB12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {37A4B22F-94F5-40E3-88DB-F1FC14D44747} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {40D70423-D602-439D-8E4E-728C9EC7E609} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {6206B5AB-65BB-483A-98E4-0DB0CF0314B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
    Task: {631325E1-7639-4753-9EB2-D44CC9ED7EAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
    Task: {9FC1CF05-41A7-4960-83DC-D11DCA19BF5E} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {D4B78460-3D6A-4C4D-8AAB-8C6E5AC23D07} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-26] (AVAST Software)
    Task: {E24B0B08-F797-4A55-8CC2-953EDC79BA6F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
    Task: {E6B631BB-D749-4FAF-88C4-AB20471FC1E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {F4A9A78D-4963-4BFE-92E6-C5EE4FCBDA50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
    2014-11-21 23:31 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
    2014-11-22 00:00 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    2015-01-17 15:08 - 2015-01-17 15:08 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011700\algo.dll
    2014-11-21 23:22 - 2013-12-10 15:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-26 10:41 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-26 10:40 - 2014-12-26 10:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1195921204-3405295498-33354624-500 - Administrator - Disabled)
    Guest (S-1-5-21-1195921204-3405295498-33354624-501 - Limited - Disabled)
    User (S-1-5-21-1195921204-3405295498-33354624-1001 - Administrator - Enabled) => C:\Users\User
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/17/2015 04:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: igfxTray.exe, version: 6.15.10.3574, time stamp: 0x535821b3
    Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
    Exception code: 0xc0000005
    Fault offset: 0x0000000000005fc4
    Faulting process ID: 0xc8c
    Faulting application start time: 0xigfxTray.exe0
    Faulting application path: igfxTray.exe1
    Faulting module path: igfxTray.exe2
    Report ID: igfxTray.exe3
    Faulting package full name: igfxTray.exe4
    Faulting package-relative application ID: igfxTray.exe5
     
    Error: (01/17/2015 03:35:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (01/17/2015 03:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: opbhobrokerdsktop.exe, version: 8.0.1.11, time stamp: 0x5335c3d5
    Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53087867
    Exception code: 0xc0000005
    Fault offset: 0x000000000000f5dd
    Faulting process ID: 0x23bc
    Faulting application start time: 0xopbhobrokerdsktop.exe0
    Faulting application path: opbhobrokerdsktop.exe1
    Faulting module path: opbhobrokerdsktop.exe2
    Report ID: opbhobrokerdsktop.exe3
    Faulting package full name: opbhobrokerdsktop.exe4
    Faulting package-relative application ID: opbhobrokerdsktop.exe5
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/15/2015 08:21:19 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "PDR.X,type="win32",version="1.0.0.0"1".
    Dependent Assembly PDR.X,type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
     
    System errors:
    =============
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:37:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:21:14 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:20:44 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:14:00 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {209500FC-6B45-4693-8871-6296C4843751}
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/17/2015 03:08:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
     
    Error: (01/15/2015 06:24:24 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5652328
     
    Error: (01/17/2015 06:17:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/17/2015 04:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: igfxTray.exe6.15.10.3574535821b3combase.dll6.3.9600.1703153087867c00000050000000000005fc4c8c01d032748065b086C:\Windows\system32\igfxTray.exeC:\Windows\SYSTEM32\combase.dllc28da308-9e67-11e4-8265-7429af8adef4
     
    Error: (01/17/2015 03:35:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: 80070005
     
    Error: (01/17/2015 03:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: opbhobrokerdsktop.exe8.0.1.115335c3d5combase.dll6.3.9600.1703153087867c0000005000000000000f5dd23bc01d03266e0e78657C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exeC:\Windows\SYSTEM32\combase.dllc89d37aa-9e5b-11e4-8263-7429af8adef4
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1437
     
    Error: (01/15/2015 08:30:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (01/15/2015 08:21:19 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: PDR.X,type="win32",version="1.0.0.0"c:\program files\cyberlink\photodirector\Kernel\CES\CES_AudioCacheAgent.exe.Manifest
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-4288U CPU @ 2.60GHz
    Percentage of memory in use: 26%
    Total physical RAM: 8122.15 MB
    Available physical RAM: 5985.85 MB
    Total Pagefile: 9402.15 MB
    Available Pagefile: 7081.02 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.84 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:1375.16 GB) (Free:1328.22 GB) NTFS
    Drive d: (RECOVERY) (Fixed) (Total:21.09 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
     
    Partition: GPT Partition Type.
     
    ==================== End Of Log ============================


    #9 ken545

    Malware Response Team

    Posted 17 January 2015 - 02:36 PM

    We cross-posted. Go ahead back to my Post #6, run those tools, and post the reports.




    #10 btant1


    Posted 17 January 2015 - 02:36 PM

    # AdwCleaner v4.108 - Report created 17/01/2015 at 19:31:49
    # Updated 17/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows 8.1  (64 bits)
    # Username : User - HP
    # Running from : C:\Users\User\Desktop\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\ProgramData\BitSAver
    Folder Deleted : C:\ProgramData\CoupEExtension
    Folder Deleted : C:\ProgramData\FeiNdBeesatDeeeaL
    Folder Deleted : C:\ProgramData\Fun2uSaave
    Folder Deleted : C:\ProgramData\SaveNueWeaAAppz
    Folder Deleted : C:\ProgramData\45e698a01f9234ee
    Folder Deleted : C:\ProgramData\5036881046752343278
    Folder Deleted : C:\Users\User\AppData\Local\iLivid
    Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
    File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
    File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
     
    ***** [ Scheduled Tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ams1.ib.adnxs.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dont-starve.en.softonic.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ib.adnxs.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchoholic.info
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-players.net
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.searchoholic.info
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17416
     
     
    -\\ Google Chrome v39.0.2171.95
     
    [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
    [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=21518&r=2014/12/27&hid=4793793250222813731&lg=EN&cc=GB&unqvl=72
    [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchoholic.info/?l=1&q={searchTerms}&pid=21518&r=2014/12/27&hid=4793793250222813731&lg=EN&cc=GB&unqvl=72
    [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
     
    *************************
     
    AdwCleaner[R0].txt - [3922 octets] - [17/01/2015 19:28:44]
    AdwCleaner[S0].txt - [3909 octets] - [17/01/2015 19:31:49]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3969 octets] ##########
     


    #11 btant1

    • Topic Starter

    Posted 17 January 2015 - 02:49 PM

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.1 (12.28.2014:1)
    OS: Windows 8.1 x64
    Ran by User on 17/01/2015 at 19:37:26.82
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 17/01/2015 at 19:41:15.86
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     


    #12 btant1

    • Topic Starter

    Posted 17 January 2015 - 03:03 PM

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 17/01/2015
    Scan Time: 19:50:40
    Logfile: log.txt
    Administrator: Yes
     
    Version: 2.00.4.1028
    Malware Database: v2015.01.17.04
    Rootkit Database: v2015.01.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
     
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: User
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 327024
    Time Elapsed: 6 min, 43 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)


    #13 ken545

      Malware Response Team

    Posted 17 January 2015 - 03:16 PM

    :thumbsup2:

     

    Go ahead and run a new scan with FRST, be sure to Checkmark Additions and post both new logs please




    #14 btant1

    • Topic Starter

    Posted 17 January 2015 - 03:28 PM

    Here you are

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
    Ran by User (administrator) on HP on 17-01-2015 20:19:15
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available profiles: User)
    Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
    HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
    HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
    ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPNOT14/2
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKU\S-1-5-21-1195921204-3405295498-33354624-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {D081BF98-9C51-4828-81F8-B87ADA7C05EA} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-1195921204-3405295498-33354624-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
    BHO: No Name -> {33b34b6d-252a-4647-8545-c8cfc025c625} ->  No File
    BHO: No Name -> {7323a459-1ae7-4fcd-948c-7c0a7cfb581b} ->  No File
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: No Name -> {dc9b9b0c-ddf4-47e2-9470-e6c37fc603ab} ->  No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
     
    FireFox:
    ========
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy.dll ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-1195921204-3405295498-33354624-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\\NPRobloxProxy64.dll ( ROBLOX Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-26]
     
    Chrome: 
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-26]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
    CHR Extension: (Turntablefm Playlist Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimhdmlhdgmboegnmecdnfbmdmhdoool [2015-01-13]
    CHR Extension: (Sprucemarks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj [2015-01-17]
    CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
    CHR Extension: (IBA Optout ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-12-27]
    CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-26]
    CHR Extension: (BrowserTexting) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa [2015-01-04]
    CHR Extension: (jquery injector) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\indebdooekgjhkncmgbkeopjebofdoid [2015-01-08]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-26]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]
    CHR Extension: (DiiggiCoupon) - C:\ProgramData\cllflebfehaganannjlkoidjnffncghl\ [2014-12-26]
    CHR Extension: (uniSaleS) - C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg\ [2014-12-26]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-26]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-26] (AVAST Software)
    R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
    R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
    R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-26] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-26] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-26] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-26] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-26] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-26] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-26] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-26] ()
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
    R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
    R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-06-17] (Realtek Semiconductor Corporation)
    U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation                           )
    S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 20:05 - 2015-01-17 20:05 - 00001875 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
    2015-01-17 19:41 - 2015-01-17 19:41 - 00000747 _____ () C:\Users\User\Desktop\JRT.txt
    2015-01-17 19:37 - 2015-01-17 19:37 - 00000000 ____D () C:\Windows\ERUNT
    2015-01-17 19:28 - 2015-01-17 19:31 - 00000000 ____D () C:\AdwCleaner
    2015-01-17 19:27 - 2015-01-17 19:27 - 02186752 _____ () C:\Users\User\Desktop\AdwCleaner.exe
    2015-01-17 19:27 - 2015-01-17 19:27 - 01707939 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
    2015-01-17 18:57 - 2015-01-17 20:19 - 00020754 _____ () C:\Users\User\Desktop\FRST.txt
    2015-01-17 18:57 - 2015-01-17 18:57 - 00025432 _____ () C:\Users\User\Desktop\Addition.txt
    2015-01-17 18:41 - 2015-01-17 18:42 - 00094414 _____ () C:\Users\User\Downloads\FRST.txt
    2015-01-17 18:41 - 2015-01-17 18:42 - 00025433 _____ () C:\Users\User\Downloads\Addition.txt
    2015-01-17 18:40 - 2015-01-17 20:19 - 00000000 ____D () C:\FRST
    2015-01-17 18:40 - 2015-01-17 18:40 - 02125824 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2015-01-17 18:34 - 2015-01-17 18:34 - 00002175 _____ () C:\Users\User\Downloads\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00002175 _____ () C:\Users\User\Desktop\aswMBR.txt
    2015-01-17 18:31 - 2015-01-17 18:31 - 00000512 _____ () C:\Users\User\Desktop\MBR.dat
    2015-01-17 18:20 - 2015-01-17 18:20 - 05198336 _____ (AVAST Software) C:\Users\User\Downloads\aswMBR.exe
    2015-01-17 16:31 - 2015-01-17 19:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-17 16:31 - 2015-01-17 16:31 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-17 16:31 - 2015-01-17 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-17 16:30 - 2015-01-17 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-17 16:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-17 16:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-17 16:29 - 2015-01-17 16:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-17 15:46 - 2015-01-17 15:46 - 00000002 _____ () C:\runcheck.txt
    2015-01-17 15:45 - 2015-01-17 15:45 - 01295360 _____ () C:\Users\User\Downloads\zoek.exe
    2015-01-17 15:45 - 2015-01-17 15:45 - 00000000 ____D () C:\zoek_backup
    2015-01-14 07:59 - 2015-01-14 07:59 - 00000359 _____ () C:\Users\User\Documents\Favourites - Shortcut.lnk
    2015-01-13 20:05 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-13 20:05 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-13 20:05 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-01-13 20:05 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-01-13 20:05 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2015-01-13 20:05 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-13 20:05 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-13 20:05 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-01-13 20:05 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2015-01-13 20:05 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2015-01-13 20:05 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-01-13 20:05 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-01-13 20:05 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
    2015-01-13 20:05 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2015-01-13 20:05 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-01-13 20:05 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2015-01-10 16:25 - 2015-01-15 16:25 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForUser.job
    2015-01-09 15:42 - 2015-01-15 16:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-01-09 15:42 - 2015-01-09 15:53 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox
    2015-01-08 19:02 - 2015-01-08 19:02 - 00000000 ____D () C:\ProgramData\cllflebfehaganannjlkoidjnffncghl
    2015-01-08 18:14 - 2015-01-08 18:15 - 00000000 ____D () C:\Users\User\Desktop\movies
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-12-27 16:52 - 2015-01-17 16:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-27 14:04 - 2014-12-27 14:04 - 00002282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-12-27 13:56 - 2014-12-27 13:56 - 00053440 _____ () C:\Users\User\Downloads\Magical Foods Mod 2.1.zip
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdBlockee
    2014-12-27 13:38 - 2015-01-17 15:55 - 00000000 ____D () C:\Program Files (x86)\uniisaLess
    2014-12-27 13:38 - 2014-12-27 13:38 - 00000000 ____D () C:\Program Files (x86)\IBA Optout
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\ProgramData\icjnaaafolcjjhihffbdmjjpidfiogmg
    2014-12-27 13:37 - 2014-12-27 13:37 - 00000000 ____D () C:\Program Files (x86)\uniSaleS
    2014-12-27 13:34 - 2014-12-27 13:34 - 00169316 _____ () C:\Users\User\Downloads\164blokkitv1.zip
    2014-12-27 13:22 - 2014-12-27 13:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Sun
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Oracle
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-12-27 13:22 - 2014-12-27 13:22 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-12-27 13:21 - 2014-12-27 13:21 - 00638888 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-8u25.exe
    2014-12-27 13:21 - 2014-07-24 15:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2014-12-27 13:21 - 2014-07-24 15:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-12-27 13:21 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-12-27 13:21 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-12-27 13:21 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-12-27 13:21 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-12-27 13:21 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-12-27 13:21 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2014-12-27 13:21 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
    2014-12-27 13:21 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-12-27 13:21 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-12-27 13:21 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
    2014-12-27 13:21 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
    2014-12-27 13:21 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
    2014-12-27 13:21 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2014-12-27 13:21 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-12-27 13:21 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2014-12-27 13:21 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2014-12-27 13:21 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2014-12-27 13:21 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2014-12-27 13:21 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2014-12-27 13:21 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-12-27 13:21 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
    2014-12-27 13:21 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2014-12-27 13:21 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2014-12-27 13:21 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2014-12-27 13:21 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2014-12-27 13:21 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
    2014-12-27 13:21 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2014-12-27 13:21 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2014-12-27 13:21 - 2014-07-24 08:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2014-12-27 13:21 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-12-27 13:21 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2014-12-27 13:21 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2014-12-27 13:21 - 2014-07-24 08:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2014-12-27 13:21 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2014-12-27 13:21 - 2014-07-24 08:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-12-27 13:21 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-12-27 13:21 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2014-12-27 13:21 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
    2014-12-27 13:21 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
    2014-12-27 13:21 - 2014-07-24 04:11 - 00513544 _____ () C:\Windows\system32\locale.nls
    2014-12-27 13:21 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
    2014-12-27 13:21 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
    2014-12-27 13:21 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
    2014-12-27 13:21 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
    2014-12-27 13:21 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-12-27 13:21 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2014-12-27 13:21 - 2014-06-19 02:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2014-12-27 13:21 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-12-27 13:21 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
    2014-12-27 13:21 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
    2014-12-27 13:21 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
    2014-12-27 13:21 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2014-12-27 13:21 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
    2014-12-27 13:21 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2014-12-27 13:21 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2014-12-27 13:21 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
    2014-12-27 13:21 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
    2014-12-27 13:20 - 2014-07-24 15:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2014-12-27 13:20 - 2014-07-24 15:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-12-27 13:20 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
    2014-12-27 13:20 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-12-27 13:20 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2014-12-27 13:20 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
    2014-12-27 13:20 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2014-12-27 13:20 - 2014-07-24 11:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2014-12-27 13:20 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
    2014-12-27 13:20 - 2014-07-24 11:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
    2014-12-27 13:20 - 2014-07-24 11:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-12-27 13:20 - 2014-07-24 11:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-12-27 13:20 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
    2014-12-27 13:20 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2014-12-27 13:20 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2014-12-27 13:20 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-12-27 13:20 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-12-27 13:20 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
    2014-12-27 13:20 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
    2014-12-27 13:20 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
    2014-12-27 13:20 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
    2014-12-27 13:20 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-12-27 13:20 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
    2014-12-27 13:20 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-12-27 13:20 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
    2014-12-27 13:20 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
    2014-12-27 13:20 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
    2014-12-27 13:20 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2014-12-27 13:20 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
    2014-12-27 13:20 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
    2014-12-27 13:20 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2014-12-27 13:20 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
    2014-12-27 13:20 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
    2014-12-27 13:20 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
    2014-12-27 13:20 - 2014-07-24 08:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
    2014-12-27 13:20 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
    2014-12-27 13:20 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2014-12-27 13:20 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2014-12-27 13:20 - 2014-07-24 08:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-12-27 13:20 - 2014-07-24 08:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-12-27 13:20 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2014-12-27 13:20 - 2014-07-24 08:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-12-27 13:20 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2014-12-27 13:20 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2014-12-27 13:20 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-12-27 13:20 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2014-12-27 13:20 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
    2014-12-27 13:20 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2014-12-27 13:20 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2014-12-27 13:20 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
    2014-12-27 13:20 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2014-12-27 13:20 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
    2014-12-27 13:20 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-12-27 13:20 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
    2014-12-27 13:20 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
    2014-12-27 13:20 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-12-27 13:20 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
    2014-12-27 13:20 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
    2014-12-27 13:20 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2014-12-27 13:20 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
    2014-12-27 13:20 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
    2014-12-27 13:19 - 2014-12-27 13:19 - 03077905 _____ () C:\Users\User\Downloads\forge-1.7.10-10.13.2.1230-installer.jar
    2014-12-26 20:28 - 2014-12-26 20:28 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
    2014-12-26 20:25 - 2015-01-06 00:08 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-26 20:25 - 2015-01-06 00:08 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-26 19:54 - 2014-12-26 19:54 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-26 17:05 - 2015-01-14 08:12 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-26 17:05 - 2015-01-14 08:07 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-26 16:55 - 2014-04-14 03:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\Documents\Avatar
    2014-12-26 14:48 - 2014-12-26 14:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
    2014-12-26 13:06 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
    2014-12-26 13:06 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
    2014-12-26 13:05 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-26 13:05 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-26 13:05 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-26 13:05 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-12-26 13:05 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2014-12-26 13:05 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
    2014-12-26 13:05 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2014-12-26 13:05 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
    2014-12-26 13:05 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
    2014-12-26 13:05 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
    2014-12-26 13:04 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
    2014-12-26 13:04 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-26 13:04 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-26 13:04 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-12-26 13:04 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-12-26 13:04 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-12-26 13:04 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-12-26 13:04 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-12-26 13:04 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-12-26 13:04 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-12-26 13:01 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
    2014-12-26 13:01 - 2014-07-30 01:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
    2014-12-26 13:01 - 2014-07-29 05:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
    2014-12-26 12:04 - 2015-01-17 16:42 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
    2014-12-26 11:56 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-12-26 11:56 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-26 11:56 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-26 11:56 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-12-26 11:56 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-26 11:56 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-12-26 11:56 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-26 11:56 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-26 11:56 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-12-26 11:56 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-26 11:56 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2014-12-26 11:56 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-26 11:56 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-26 11:56 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-26 11:56 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-26 11:56 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-26 11:56 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-26 11:56 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-26 11:56 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-26 11:56 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-26 11:56 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-26 11:56 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-26 11:56 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2014-12-26 11:56 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-26 11:56 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-26 11:56 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-26 11:56 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2014-12-26 11:56 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-26 11:56 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-26 11:56 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-26 11:56 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-26 11:56 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-12-26 11:56 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-26 11:56 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2014-12-26 11:55 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-12-26 11:55 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-26 11:55 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-26 11:55 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-12-26 11:55 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-12-26 11:55 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-12-26 11:55 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-12-26 11:55 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-12-26 11:55 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-12-26 11:55 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-12-26 11:55 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-12-26 11:55 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-12-26 11:55 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-12-26 11:55 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-12-26 11:55 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-12-26 11:55 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-26 11:55 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-26 11:55 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-26 11:55 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-26 11:55 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-12-26 11:55 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-12-26 11:55 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-12-26 11:55 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-12-26 11:55 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-12-26 11:55 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-12-26 11:54 - 2014-05-30 03:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-12-26 11:53 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2014-12-26 11:53 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-12-26 11:37 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2014-12-26 11:37 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-12-26 11:37 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2014-12-26 11:37 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-12-26 11:37 - 2014-06-13 01:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-12-26 11:37 - 2014-06-13 01:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-12-26 11:37 - 2014-06-13 00:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-12-26 11:37 - 2014-06-06 11:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2014-12-26 11:36 - 2014-06-20 01:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-12-26 11:36 - 2014-06-19 23:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-12-26 11:35 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-12-26 11:35 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-26 11:35 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-12-26 11:35 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-26 11:35 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
    2014-12-26 11:35 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-12-26 11:35 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-12-26 11:35 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2014-12-26 11:35 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-12-26 11:35 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-26 11:35 - 2014-08-07 02:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-12-26 11:35 - 2014-08-02 03:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-12-26 11:35 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
    2014-12-26 11:35 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-12-26 11:34 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-26 11:34 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-12-26 11:34 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-12-26 11:34 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-12-26 11:34 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-12-26 11:34 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
    2014-12-26 11:34 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
    2014-12-26 11:34 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-12-26 11:34 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-12-26 11:34 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-12-26 11:34 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-12-26 11:34 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2014-12-26 11:34 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2014-12-26 11:34 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-12-26 11:34 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
    2014-12-26 11:34 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2014-12-26 11:34 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2014-12-26 11:34 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-12-26 11:34 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-12-26 11:34 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2014-12-26 11:34 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2014-12-26 11:34 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
    2014-12-26 11:34 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
    2014-12-26 11:34 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-12-26 11:34 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
    2014-12-26 11:34 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
    2014-12-26 11:34 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-12-26 11:34 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
    2014-12-26 11:34 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
    2014-12-26 11:34 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
    2014-12-26 11:34 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2014-12-26 11:34 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
    2014-12-26 11:34 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-26 11:34 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2014-12-26 11:34 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2014-12-26 11:34 - 2014-07-24 15:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2014-12-26 11:34 - 2014-07-24 11:42 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2014-12-26 11:34 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
    2014-12-26 11:34 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2014-12-26 11:34 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
    2014-12-26 11:34 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-12-26 11:34 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
    2014-12-26 11:34 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
    2014-12-26 11:34 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2014-12-26 11:33 - 2014-06-06 13:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-12-26 11:33 - 2014-06-06 12:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-12-26 11:33 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2014-12-26 11:33 - 2014-05-31 10:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-12-26 11:33 - 2014-05-31 10:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-12-26 11:33 - 2014-05-31 06:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-12-26 11:33 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-12-26 11:33 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-12-26 11:33 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-12-26 11:33 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-12-26 11:33 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-12-26 11:33 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
    2014-12-26 11:33 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-12-26 11:32 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-12-26 11:32 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-12-26 11:32 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-12-26 11:32 - 2014-09-07 22:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
    2014-12-26 11:32 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-12-26 11:32 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-12-26 11:32 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2014-12-26 11:32 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2014-12-26 11:32 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
    2014-12-26 11:32 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-12-26 11:32 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-12-26 11:32 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2014-12-26 11:32 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2014-12-26 11:32 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2014-12-26 11:32 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-12-26 11:32 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-26 11:32 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2014-12-26 11:32 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2014-12-26 11:32 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2014-12-26 11:32 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2014-12-26 11:32 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2014-12-26 11:32 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2014-12-26 11:32 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
    2014-12-26 11:32 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
    2014-12-26 11:32 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2014-12-26 11:32 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
    2014-12-26 11:31 - 2014-12-26 11:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2014-12-26 11:11 - 2014-05-31 10:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
    2014-12-26 11:11 - 2014-05-31 02:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
    2014-12-26 11:11 - 2014-04-11 05:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
    2014-12-26 10:53 - 2015-01-01 18:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
    2014-12-26 10:53 - 2014-12-26 10:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\java
    2014-12-26 10:46 - 2014-12-26 10:47 - 00000000 ____D () C:\Program Files (x86)\Minecraft
    2014-12-26 10:46 - 2014-12-26 10:46 - 02314240 _____ () C:\Users\User\Downloads\MinecraftInstaller.msi
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000980 _____ () C:\Users\Public\Desktop\Minecraft.lnk
    2014-12-26 10:46 - 2014-12-26 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
    2014-12-26 10:42 - 2014-12-26 10:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-26 10:42 - 2014-12-26 10:42 - 00001987 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-26 10:42 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files\Google
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003910 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-12-26 10:41 - 2014-12-26 10:46 - 00003674 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-26 10:41 - 2014-12-26 10:46 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\ProgramData\Google
    2014-12-26 10:41 - 2014-12-26 10:42 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-26 10:41 - 2014-12-26 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-12-26 10:40 - 2014-12-26 10:42 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-26 10:40 - 2014-12-26 10:40 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-12-26 10:40 - 2014-12-26 10:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-26 10:40 - 2014-12-26 10:40 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-26 10:38 - 2014-12-26 10:38 - 05006864 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe
    2014-12-26 10:37 - 2015-01-17 15:08 - 00003898 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{033A36FC-E3AB-4A05-B9BE-16FDD20877E9}
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
    2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
    2014-12-26 10:36 - 2014-12-26 10:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
    2014-12-26 10:31 - 2014-12-26 10:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\hpqlog
    2014-12-23 13:17 - 2015-01-17 20:13 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195921204-3405295498-33354624-1001
    2014-12-23 13:15 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hewlett-Packard
    2014-12-23 13:14 - 2015-01-17 19:35 - 00000000 ____D () C:\Users\User\Documents\Youcam
    2014-12-23 13:14 - 2014-12-26 14:47 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
    2014-12-23 13:13 - 2015-01-10 16:25 - 00000000 ____D () C:\Users\User\AppData\Local\Hewlett-Packard
    2014-12-23 13:12 - 2014-12-23 13:12 - 00001449 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000184 _____ () C:\Windows\insFileSpec
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
    2014-12-23 13:12 - 2014-12-23 13:12 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
    2014-12-23 13:12 - 2014-11-21 23:57 - 00001332 _____ () C:\Users\Public\Desktop\HP Smart Friend.lnk
    2014-12-23 13:12 - 2014-11-21 23:50 - 00002241 _____ () C:\Users\Public\Desktop\Snapfish Photos.lnk
    2014-12-23 13:12 - 2014-11-21 23:37 - 00001306 _____ () C:\Users\Public\Desktop\TripAdvisor.lnk
    2014-12-23 13:12 - 2014-08-26 01:27 - 00002262 _____ () C:\Users\Public\Desktop\Get Dropbox Offer.lnk
    2014-12-23 13:11 - 2015-01-17 20:12 - 01480932 _____ () C:\Windows\WindowsUpdate.log
    2014-12-23 13:11 - 2014-12-26 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000020 ___SH () C:\Users\User\ntuser.ini
    2014-12-23 13:11 - 2014-12-23 13:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Synaptics
    2014-12-23 13:11 - 2014-08-26 09:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-23 13:11 - 2014-08-26 01:19 - 00000000 ___HD () C:\Users\User\Documents\hp.system.package.metadata
    2014-12-23 13:11 - 2014-03-18 10:06 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2014-12-23 13:11 - 2014-03-18 09:54 - 00000369 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-23 13:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-01-17 20:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
    2015-01-17 19:39 - 2014-03-18 09:53 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-17 19:33 - 2013-08-22 14:46 - 00028864 _____ () C:\Windows\setupact.log
    2015-01-17 19:33 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-17 19:32 - 2014-03-18 09:44 - 00015582 _____ () C:\Windows\PFRO.log
    2015-01-17 19:32 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
    2015-01-17 19:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
    2015-01-17 16:40 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
    2015-01-17 16:25 - 2014-11-21 23:53 - 00000000 ____D () C:\ProgramData\McAfee
    2015-01-17 15:21 - 2014-08-26 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
    2015-01-17 15:21 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
    2015-01-17 15:13 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2015-01-14 08:12 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
    2015-01-10 09:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-01-09 12:07 - 2013-08-22 14:44 - 00354104 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-12-30 01:14 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
    2014-12-29 19:42 - 2014-03-18 09:38 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\setup
    2014-12-29 19:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
    2014-12-29 19:42 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
    2014-12-27 16:52 - 2014-08-26 01:19 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2014-12-26 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-12-26 14:48 - 2014-11-21 23:51 - 00000000 ____D () C:\Users\Public\CyberLink
    2014-12-26 14:48 - 2014-11-21 23:43 - 00000000 ____D () C:\ProgramData\CyberLink
    2014-12-26 11:02 - 2014-08-26 01:28 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
    2014-12-26 10:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\restore
    2014-12-23 13:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Recovery
    2014-12-23 13:11 - 2014-04-04 23:45 - 00000000 ___HD () C:\SYSTEM.SAV
    2014-12-23 13:06 - 2014-04-02 23:51 - 00000000 ____D () C:\Windows\Panther
     
    Some content of TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\7za.exe
    C:\Users\User\AppData\Local\Temp\hijackthis.exe
    C:\Users\User\AppData\Local\Temp\NirCmd.exe
    C:\Users\User\AppData\Local\Temp\PEVZ.EXE
    C:\Users\User\AppData\Local\Temp\Quarantine.exe
    C:\Users\User\AppData\Local\Temp\remove.exe
    C:\Users\User\AppData\Local\Temp\sed.exe
    C:\Users\User\AppData\Local\Temp\shortcut.exe
    C:\Users\User\AppData\Local\Temp\sqlite3.dll
    C:\Users\User\AppData\Local\Temp\swreg.exe
    C:\Users\User\AppData\Local\Temp\swxcacls.exe
    C:\Users\User\AppData\Local\Temp\wget.exe
    C:\Users\User\AppData\Local\Temp\zoek-delete.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-01-06 16:44
     
    ==================== End Of Log ============================
     
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
    Ran by User at 2015-01-17 20:19:40
    Running from C:\Users\User\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
    Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
    Cyberlink PhotoDirector (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
    CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
    CyberLink PowerDirector 12 (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
    DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
    Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
    Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
    Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
    HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
    HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
    HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
    HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
    HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
    HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
    Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
    Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
    Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
    Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
    Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
    ROBLOX Player for User (HKU\S-1-5-21-1195921204-3405295498-33354624-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
    Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
    WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
    Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-1195921204-3405295498-33354624-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\User\AppData\Local\Roblox\Versions\version-1b62582f111742b3\RobloxProxy64.dll (ROBLOX Corporation)
     
    ==================== Restore Points  =========================
     
    26-12-2014 10:39:20 avast! antivirus system restore point
    14-01-2015 08:06:08 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {06C3F4BB-DF98-4CE9-AD1F-DF107896AB12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {27A117B2-4FD1-41BB-8B9A-09166A8E12BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
    Task: {37A4B22F-94F5-40E3-88DB-F1FC14D44747} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {40D70423-D602-439D-8E4E-728C9EC7E609} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {631325E1-7639-4753-9EB2-D44CC9ED7EAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
    Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
    Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
    Task: {9FC1CF05-41A7-4960-83DC-D11DCA19BF5E} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {D4B78460-3D6A-4C4D-8AAB-8C6E5AC23D07} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-26] (AVAST Software)
    Task: {E24B0B08-F797-4A55-8CC2-953EDC79BA6F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
    Task: {E6B631BB-D749-4FAF-88C4-AB20471FC1E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
    Task: {F4A9A78D-4963-4BFE-92E6-C5EE4FCBDA50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
    2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
    2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
    2014-11-21 23:31 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
    2014-11-22 00:00 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    2015-01-17 19:08 - 2015-01-17 19:08 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011701\algo.dll
    2014-12-26 10:40 - 2014-12-26 10:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-11-21 23:22 - 2013-12-10 15:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1195921204-3405295498-33354624-500 - Administrator - Disabled)
    Guest (S-1-5-21-1195921204-3405295498-33354624-501 - Limited - Disabled)
    User (S-1-5-21-1195921204-3405295498-33354624-1001 - Administrator - Enabled) => C:\Users\User
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/17/2015 08:15:15 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "PDR.X,type="win32",version="1.0.0.0"1".
    Dependent Assembly PDR.X,type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (01/17/2015 08:15:15 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "PDR.X,type="win32",version="1.0.0.0"1".
    Dependent Assembly PDR.X,type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (01/17/2015 08:06:49 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: There was an error with the Windows Location Provider database
     
     
    System errors:
    =============
    Error: (01/17/2015 08:14:57 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
     
    Error: (01/17/2015 08:08:23 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (01/17/2015 08:07:53 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (01/17/2015 08:07:23 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (01/17/2015 08:06:53 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
    Error: (01/17/2015 08:06:23 PM) (Source: DCOM) (EventID: 10010) (User: hp)
    Description: {9AA46009-3CE0-458A-A354-715610A075E6}
     
     
    Microsoft Office Sessions:
    =========================
    Error: (01/17/2015 08:15:15 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: PDR.X,type="win32",version="1.0.0.0"c:\program files\cyberlink\photodirector\Kernel\CES\CES_AudioCacheAgent.exe.Manifest
     
    Error: (01/17/2015 08:15:15 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: PDR.X,type="win32",version="1.0.0.0"c:\program files\cyberlink\photodirector\Kernel\CES\CES_CacheAgent.exe.Manifest
     
    Error: (01/17/2015 08:06:49 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
    Description: -2147024883
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-4288U CPU @ 2.60GHz
    Percentage of memory in use: 21%
    Total physical RAM: 8122.15 MB
    Available physical RAM: 6369.1 MB
    Total Pagefile: 9402.15 MB
    Available Pagefile: 7609.77 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.84 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:1375.16 GB) (Free:1327.88 GB) NTFS
    Drive d: (RECOVERY) (Fixed) (Total:21.09 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
     
    Partition: GPT Partition Type.
     
    ==================== End Of Log ============================


    Edited by ken545, 17 January 2015 - 03:31 PM.


    #15 ken545

    Posted 17 January 2015 - 03:50 PM

    Good, you moved FRST64 to your desktop. I am attaching a Fixlist file; download it to your desktop as well or the fix won't work. After you download it, open up FRST64 and click on FIX. It will reboot your system and you will have a Fixlog file on your desktop; post it please.

     

     


    Just a reminder that threads will be closed if no response in 3 days




