Malware problems on 2 PC's


7 replies to this topic

#1 diggermel

Posted 20 January 2015 - 07:00 PM

Hi,

I have 2 PC's which are infected with malware and would really appreciate some help.

System 1: Desktop box, Gigabyte MBO, GA-H97-HD3, 4690 Intel CPU, 8 GB RAM, 2 TB Seagate HDD, Windows 7 Pro

System 2: Hewlett Packard laptop HP250

I have tried to use Farbar, GMER etc etc all without success, and have at least learnt a lot about malware and the 2 PC's, but I would just LOVE to be rid of the monster.

Can someone with more knowledge of these things help please?

Regards

DIGGERMEL




#2 nasdaq


Posted 21 January 2015 - 09:30 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

We do not service two computers on the same topic.
Run these tools on one of the infected computers and post the logs for my review.


Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.
---

p.s.
Start a new topic for the other computer and post the same logs.
If you give me the URL of this new topic in your next reply I will expedite the matter.

#3 diggermel


Posted 21 January 2015 - 05:16 PM

Hi Nasdaq,

THANK YOU !!

When I tried the MWB link, the malware showed pic 1 attached, so I opened an https view of the home page, and added the php section of the link, and that got me the download page ok.

Nothing showed up in the MWB scan however.

MWB Log posted as follows

==========================================================

 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Starting, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Started, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:23:12 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Manual, Malware Database, 2014.11.20.6, 2015.1.21.9, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Refresh, Starting, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopping, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopped, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Refresh, Success, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:24:37 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Scan, 22/01/2015 5:40:29 AM, SYSTEM, DJG-HP, Manual, Start:22/01/2015 5:27:33 AM, Duration:12 min 56 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
 
(end)
========================================================================================
 
Adware Cleaner log follows
 
========================================================================================
 
# AdwCleaner v4.108 - Report created 22/01/2015 at 06:16:51
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : DJG - DJG-HP
# Running from : C:\Users\DJG\Downloads\adwcleaner_4.108.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=c9611c6be64a4958b43a8fd1d61888ad&tu=10G9y00Hy2D33N0&sku=&tstsId=&ver=&
 
*************************
 
AdwCleaner[R0].txt - [735 octets] - [19/01/2015 18:42:10]
AdwCleaner[R1].txt - [3111 octets] - [22/01/2015 06:10:23]
AdwCleaner[S0].txt - [2950 octets] - [22/01/2015 06:16:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3010 octets] ##########
 
Now for the Farbar scans.
======================================================================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by DJG (administrator) on DJG-HP on 22-01-2015 06:43:56
Running from C:\Users\DJG\Desktop
Loaded Profiles: DJG (Available profiles: DJG)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2013-12-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-17] (IVT Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-14] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-05] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-27] (Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [50272 2013-12-17] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-20] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-11-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-01-19] ()
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:43 - 2015-01-22 06:44 - 00010372 _____ () C:\Users\DJG\Desktop\FRST.txt
2015-01-22 06:31 - 2015-01-22 06:32 - 02126848 _____ (Farbar) C:\Users\DJG\Desktop\FRST64.exe
2015-01-22 06:06 - 2015-01-22 06:07 - 02186752 _____ () C:\Users\DJG\Downloads\adwcleaner_4.108.exe
2015-01-22 05:57 - 2015-01-22 06:20 - 00000000 ____D () C:\Users\DJG\Documents\bleep
2015-01-22 05:43 - 2015-01-22 05:44 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-22 05:23 - 2015-01-22 06:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 05:22 - 2015-01-22 05:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-22 05:19 - 2015-01-22 05:19 - 00000410 _____ () C:\Windows\BRWMARK.INI
2015-01-22 05:19 - 2015-01-22 05:19 - 00000000 ____D () C:\ProgramData\Brother
2015-01-22 05:12 - 2015-01-22 05:16 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 _____ () C:\Users\DJG\New Text Document.txt
2015-01-21 22:41 - 2015-01-21 22:41 - 00000000 ____D () C:\Users\DJG\FRST-OlderVersion
2015-01-21 21:59 - 2014-12-12 03:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\ESET
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Local\ESET
2015-01-21 21:12 - 2015-01-21 21:12 - 00000000 ____D () C:\Program Files\ESET
2015-01-21 20:29 - 2015-01-21 20:30 - 01132704 _____ (ESET spol. s r.o.) C:\Users\DJG\Downloads\eset_av_remover.exe
2015-01-21 20:26 - 2015-01-21 20:26 - 01660616 _____ (ESET) C:\Users\DJG\Downloads\eset_smart_security_live_installer_.exe
2015-01-21 09:22 - 2014-08-29 12:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-21 09:22 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-21 09:21 - 2014-09-05 12:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-21 09:21 - 2014-09-05 11:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-21 06:44 - 2013-10-02 12:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-21 06:44 - 2013-10-02 12:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-21 06:44 - 2013-10-02 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 11:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-21 06:44 - 2013-10-02 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 10:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-21 06:44 - 2013-10-02 09:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 09:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-21 06:44 - 2013-10-02 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 08:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-21 06:35 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-21 06:35 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-21 06:35 - 2012-08-24 00:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-21 06:35 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-21 06:35 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-21 06:34 - 2015-01-21 06:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2015-01-21 06:27 - 2015-01-21 06:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 06:27 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 06:26 - 2014-12-13 15:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-21 06:26 - 2014-12-13 13:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-21 06:18 - 2015-01-21 06:18 - 00002132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00002120 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00000000 ____D () C:\Program Files (x86)\Belarc
2015-01-21 06:17 - 2015-01-21 06:17 - 03644864 _____ () C:\Users\DJG\Downloads\advisorinstaller.exe
2015-01-20 20:02 - 2015-01-20 20:02 - 00001055 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-20 20:01 - 2015-01-20 20:01 - 04161536 _____ (ReviverSoft LLC) C:\Users\DJG\Downloads\RegistryReviverInstaller.exe
2015-01-20 15:43 - 2015-01-20 15:43 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Intel Corporation
2015-01-20 15:15 - 2015-01-20 15:15 - 00028672 _____ () C:\SAVEDBCD
2015-01-20 15:15 - 2015-01-20 15:15 - 00025600 ___SH () C:\SAVEDBCD.LOG
2015-01-20 12:55 - 2014-07-09 08:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-20 12:55 - 2014-07-09 08:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-20 12:54 - 2014-10-25 11:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-20 12:54 - 2014-10-25 11:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-20 07:15 - 2015-01-20 07:15 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-19 22:46 - 2015-01-19 22:46 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-19 22:39 - 2015-01-19 22:43 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64 (1).exe
2015-01-19 21:54 - 2015-01-19 21:54 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2015-01-19 21:54 - 2015-01-19 21:54 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-01-19 21:54 - 2015-01-19 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-01-19 21:51 - 2015-01-19 21:54 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:52 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-19 21:50 - 2015-01-19 21:50 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000.exe
2015-01-19 20:54 - 2015-01-22 06:37 - 00817698 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00516548 _____ () C:\Windows\PFRO.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00002282 _____ () C:\Windows\setupact.log
2015-01-19 20:51 - 2015-01-19 20:51 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-19 18:44 - 2015-01-21 22:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-19 18:42 - 2015-01-22 06:17 - 00000000 ____D () C:\AdwCleaner
2015-01-19 18:41 - 2014-08-26 21:15 - 00002290 _____ () C:\Users\DJG\network.bat
2015-01-19 18:33 - 2015-01-19 18:35 - 132469808 _____ (AVAST Software) C:\Users\DJG\Downloads\avast_free_antivirus_setup.exe
2015-01-19 17:59 - 2015-01-19 17:59 - 00000000 ____D () C:\Windows\ERUNT
2015-01-19 17:25 - 2015-01-19 17:25 - 00003126 _____ () C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate
2015-01-19 17:25 - 2015-01-19 17:25 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\BlueSprig
2015-01-19 17:24 - 2015-01-19 20:50 - 00000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
2015-01-19 17:23 - 2015-01-19 22:50 - 00002738 _____ () C:\Windows\system32\.crusader
2015-01-19 17:19 - 2015-01-19 17:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-19 17:03 - 2015-01-19 22:52 - 00000000 ____D () C:\Users\DJG\AppData\Local\CrashDumps
2015-01-19 16:56 - 2015-01-19 20:50 - 00000000 ____D () C:\CSV
2015-01-19 16:55 - 2015-01-19 20:50 - 00000000 ____D () C:\remote-service
2015-01-19 15:20 - 2015-01-19 15:23 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64.exe
2015-01-19 15:20 - 2015-01-19 15:20 - 00000000 ____D () C:\Diag-Advisor
2015-01-19 15:19 - 2015-01-19 15:20 - 04651952 _____ () C:\Users\DJG\Downloads\support diagnostic.exe
2015-01-19 14:52 - 2015-01-19 14:52 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieBrowserModeList
2015-01-19 07:08 - 2015-01-19 07:08 - 00000384 _____ () C:\Windows\SysWOW64\win_hcleaner.ini
2015-01-19 07:05 - 2015-01-19 07:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-18 16:35 - 2015-01-18 16:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-17 03:35 - 2014-10-18 12:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-17 03:35 - 2014-10-18 11:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 12:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-17 03:35 - 2014-07-07 11:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-17 03:35 - 2014-07-07 11:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 11:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 11:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-17 03:28 - 2012-07-26 13:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-17 03:28 - 2012-07-26 12:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-17 03:28 - 2012-07-26 12:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-17 03:28 - 2012-06-03 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-17 03:04 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-17 03:04 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-17 03:01 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-17 03:01 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-17 03:01 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-17 03:01 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-17 03:00 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-17 03:00 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-16 11:09 - 2015-01-16 11:30 - 313886720 _____ () C:\Users\DJG\Downloads\kav_rescue_10.iso
2015-01-16 08:43 - 2015-01-16 08:43 - 00007606 _____ () C:\Users\DJG\Downloads\hijackthis.log
2015-01-16 08:42 - 2015-01-19 19:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\DJG\Downloads\HijackThis.exe
2015-01-16 08:37 - 2011-04-09 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-16 08:37 - 2011-04-09 15:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-16 07:13 - 2015-01-16 07:13 - 00040196 _____ () C:\Users\DJG\Downloads\EPeek.txt
2015-01-16 07:11 - 2015-01-16 07:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 07:11 - 2015-01-16 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-16 07:10 - 2015-01-22 06:19 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 07:10 - 2015-01-22 06:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Users\DJG\AppData\Local\Google
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-16 07:10 - 2015-01-16 07:10 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-16 07:10 - 2015-01-16 07:10 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-16 07:09 - 2015-01-16 07:10 - 00000000 ____D () C:\Users\DJG\AppData\Local\Deployment
2015-01-16 07:09 - 2015-01-16 07:09 - 00000000 ____D () C:\Users\DJG\AppData\Local\Apps\2.0
2015-01-16 07:06 - 2014-12-19 13:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-16 07:05 - 2014-12-04 12:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-16 07:05 - 2014-12-02 09:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-16 07:05 - 2014-09-19 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-16 07:05 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-16 07:05 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-16 07:05 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-16 07:05 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-16 07:04 - 2014-12-19 11:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-16 07:04 - 2014-12-06 14:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 07:04 - 2014-11-27 11:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-16 07:04 - 2014-11-27 11:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-16 07:04 - 2014-11-22 13:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-16 07:04 - 2014-11-22 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-16 07:04 - 2014-11-22 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-16 07:04 - 2014-11-22 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-16 07:04 - 2014-11-22 12:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-16 07:04 - 2014-11-22 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-16 07:04 - 2014-11-22 12:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-16 07:04 - 2014-11-22 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-16 07:04 - 2014-11-22 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-16 07:04 - 2014-11-22 11:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 11:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-16 07:04 - 2014-11-22 11:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-16 07:04 - 2014-11-22 11:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-16 07:04 - 2014-11-22 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 11:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-16 07:04 - 2014-11-22 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 11:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-16 07:04 - 2014-11-22 11:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-16 07:04 - 2014-11-22 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-16 07:04 - 2014-11-22 11:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-16 07:04 - 2014-11-22 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-16 07:04 - 2014-11-22 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-16 07:04 - 2014-11-22 10:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-16 07:04 - 2014-11-11 13:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 12:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 11:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-16 07:04 - 2014-10-30 12:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-16 07:04 - 2014-10-30 11:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-16 07:04 - 2014-10-14 12:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-16 07:04 - 2014-10-14 12:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-16 07:04 - 2014-10-14 12:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-16 07:04 - 2014-10-14 11:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-16 07:04 - 2014-10-14 11:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-16 07:04 - 2014-08-21 16:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-16 07:04 - 2014-08-21 16:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-16 07:04 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-16 07:04 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-16 07:04 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-16 07:04 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-16 07:04 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-16 07:04 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-16 07:04 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-16 07:04 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-16 07:04 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-16 07:01 - 2014-10-14 12:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-16 07:01 - 2014-10-14 12:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-16 07:01 - 2014-10-14 11:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-16 07:01 - 2014-10-14 11:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-16 07:01 - 2014-09-25 12:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-16 07:01 - 2014-09-25 11:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-16 07:01 - 2014-08-12 12:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-16 07:01 - 2014-08-12 11:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-16 07:01 - 2014-06-12 17:52 - 00986560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-16 07:01 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-16 07:01 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-16 07:01 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-16 07:00 - 2014-12-12 15:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 07:00 - 2014-12-12 15:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 07:00 - 2014-12-12 15:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 07:00 - 2014-12-12 15:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-16 07:00 - 2014-11-08 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-16 07:00 - 2014-11-08 12:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-16 07:00 - 2014-10-14 12:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-16 07:00 - 2014-10-14 11:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-16 07:00 - 2014-10-10 10:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-16 07:00 - 2014-10-03 12:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-16 07:00 - 2014-09-04 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-16 07:00 - 2014-09-04 15:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-16 07:00 - 2014-07-17 12:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-16 07:00 - 2014-07-17 11:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-16 07:00 - 2014-07-17 11:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-16 07:00 - 2014-07-17 11:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-16 07:00 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-16 07:00 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-16 07:00 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-16 07:00 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-16 07:00 - 2014-03-04 19:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-16 07:00 - 2014-03-04 19:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-16 07:00 - 2014-03-04 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-16 07:00 - 2014-03-04 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-16 07:00 - 2013-07-20 20:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 07:00 - 2013-07-20 20:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 06:56 - 2014-10-18 12:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-16 06:56 - 2014-10-18 11:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-16 06:56 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-16 06:56 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-16 06:56 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-16 06:56 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-16 06:53 - 2015-01-16 06:53 - 00772160 _____ (Reimage®) C:\Users\DJG\Downloads\ReimageRepair.exe
2015-01-16 00:14 - 2015-01-16 00:14 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\hpqlog
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Local\Hewlett-Packard
2015-01-15 23:33 - 2015-01-15 23:33 - 00000000 ____D () C:\Users\DJG\Downloads\New folder
2015-01-15 23:31 - 2015-01-15 23:31 - 00000778 _____ () C:\Users\DJG\Desktop\SeaToolsforWindowsSetup - Shortcut.lnk
2015-01-15 23:09 - 2015-01-15 23:29 - 26771088 _____ () C:\Users\DJG\Downloads\SeaToolsforWindowsSetup.exe
2015-01-15 16:33 - 2015-01-15 16:33 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-01-15 16:26 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Synaptics
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLVDLauncher
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLMLSvc_P2G8
2015-01-15 16:19 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-15 16:19 - 2011-12-27 15:37 - 00090608 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-01-15 16:18 - 2013-03-05 16:22 - 00040896 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2015-01-15 16:17 - 2015-01-15 16:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-15 16:17 - 2015-01-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-01-15 16:15 - 2015-01-15 16:15 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2015-01-15 16:14 - 2015-01-15 16:14 - 00000000 ____D () C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
2015-01-15 16:10 - 2015-01-17 01:46 - 00000061 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2015-01-15 16:10 - 2015-01-17 01:36 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\ProgramData\Apple
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-15 16:08 - 2015-01-15 11:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2015-01-15 16:08 - 2013-08-10 16:44 - 00226816 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmonui.dll
2015-01-15 16:08 - 2013-08-10 16:43 - 00424960 _____ (Hewlett-Packard) C:\Windows\system32\hpbrprtmon.dll
2015-01-15 16:08 - 2013-08-10 16:42 - 00404992 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmon.dll
2015-01-15 16:06 - 2015-01-15 16:07 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 16:06 - 2014-02-13 10:10 - 50406400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-15 16:06 - 2014-02-13 10:10 - 03853016 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-15 16:06 - 2014-02-13 10:10 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 02787032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-15 16:06 - 2014-02-13 10:10 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00733637 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-15 16:06 - 2014-02-13 10:10 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00529624 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-15 16:06 - 2014-02-13 10:09 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-15 16:01 - 2015-01-15 16:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-15 16:01 - 2010-11-20 23:34 - 00360832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
2015-01-15 16:01 - 2010-11-20 23:34 - 00194944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2015-01-15 16:01 - 2010-11-20 23:27 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2015-01-15 16:01 - 2010-11-20 23:25 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 01369600 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
2015-01-15 16:01 - 2010-11-20 21:35 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
2015-01-15 16:01 - 2010-11-20 21:35 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2015-01-15 16:01 - 2010-11-20 21:35 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
2015-01-15 16:01 - 2010-11-20 20:52 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-15 16:00 - 2014-02-25 04:12 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2015-01-15 16:00 - 2014-01-04 10:08 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-01-15 15:59 - 2015-01-15 16:20 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-15 15:59 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 15:59 - 2015-01-15 15:59 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-01-15 15:59 - 2014-03-29 10:00 - 00918232 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-15 15:59 - 2014-03-29 10:00 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-15 15:59 - 2014-03-29 10:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-15 15:58 - 2015-01-15 15:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2015-01-15 15:57 - 2015-01-15 15:58 - 00000032 _____ () C:\Windows\0
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 _____ () C:\Windows\system32\0
2015-01-15 15:56 - 2015-01-21 06:40 - 00769752 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 15:55 - 2013-11-22 06:41 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-01-15 15:55 - 2013-11-22 06:41 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-01-15 15:54 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-01-15 15:54 - 2015-01-15 16:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 15:54 - 2015-01-15 15:54 - 00002709 _____ () C:\Windows\system32\RaCoInst.log
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____D () C:\ProgramData\Ralink Driver
2015-01-15 15:54 - 2013-12-10 09:26 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-01-15 15:54 - 2013-11-26 18:25 - 02439368 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-01-15 15:54 - 2013-10-09 12:58 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2015-01-15 15:54 - 2013-07-04 03:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-01-15 15:53 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 15:53 - 2015-01-15 15:54 - 00000000 ____D () C:\Intel
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2013-08-22 09:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-01-15 15:50 - 2015-01-15 15:50 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-15 15:49 - 2015-01-15 15:49 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-15 15:28 - 2015-01-15 15:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-15 15:26 - 2015-01-19 18:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-15 15:26 - 2015-01-15 15:46 - 00000000 ____D () C:\Windows\CSC
2015-01-15 15:26 - 2009-06-11 06:30 - 00053551 _____ () C:\Windows\Professional.xml
2015-01-15 12:46 - 2015-01-21 22:44 - 00098519 _____ () C:\Users\DJG\FRST.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019704 _____ () C:\Users\DJG\Addition.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019537 _____ () C:\Users\DJG\Shortcut.txt
2015-01-15 12:45 - 2015-01-22 06:43 - 00000000 ____D () C:\FRST
2015-01-15 12:26 - 2015-01-12 18:07 - 18467928 _____ () C:\Users\DJG\Desktop\RogueKillerX64.exe
2015-01-15 12:06 - 2015-01-19 22:05 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-15 12:06 - 2015-01-15 12:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-15 12:00 - 2015-01-15 12:00 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Hewlett-Packard
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieUserList
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieSiteList
2015-01-15 11:58 - 2015-01-19 18:40 - 00058016 _____ () C:\Users\DJG\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:58 - 2015-01-19 18:40 - 00000000 ____D () C:\Users\DJG\Documents\Youcam
2015-01-15 11:58 - 2015-01-15 11:58 - 00000000 ____D () C:\Users\DJG\AppData\Local\CyberLink
2015-01-15 11:57 - 2015-01-18 16:34 - 00000000 ___RD () C:\Users\DJG\Virtual Machines
2015-01-15 11:57 - 2015-01-16 08:43 - 00000000 ____D () C:\Users\DJG\AppData\Local\VirtualStore
2015-01-15 11:57 - 2015-01-15 11:57 - 00001413 _____ () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\Documents\Bluetooth
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Synaptics
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Adobe
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Local\bluesoleil
2015-01-15 11:56 - 2015-01-22 06:36 - 00000000 ____D () C:\Users\DJG
2015-01-15 11:56 - 2015-01-15 11:56 - 00000020 ___SH () C:\Users\DJG\ntuser.ini
2015-01-15 11:56 - 2015-01-15 11:56 - 00000000 ____D () C:\Users\DJG\AppData\Local\Power2Go8
2015-01-15 11:56 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-15 11:56 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-15 11:56 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-15 11:56 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-15 11:56 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-15 11:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-15 11:56 - 2009-07-14 14:54 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 11:56 - 2009-07-14 14:49 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:23 - 2009-07-14 15:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:18 - 2013-12-17 09:36 - 00001077 _____ () C:\Windows\SysWOW64\bscs.ini
2015-01-22 06:18 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-01-21 06:47 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 06:46 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 06:45 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-19 23:02 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 21:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-19 17:04 - 2009-07-14 12:34 - 00000439 _____ () C:\Windows\win.ini
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-16 06:48 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-15 16:40 - 2007-01-02 11:25 - 00000000 ____D () C:\Windows\Panther
2015-01-15 16:37 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-15 16:26 - 2009-07-14 14:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 16:16 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Help
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-15 15:30 - 2014-06-05 14:18 - 00000012 _____ () C:\Windows\CSUP.txt
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-15 15:26 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\security
2015-01-15 15:24 - 2009-07-14 15:38 - 00029696 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-15 15:24 - 2009-07-14 15:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ___HD () C:\SYSTEM.SAV
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ____D () C:\SWSetup
2015-01-15 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-15 11:57 - 2007-01-02 11:32 - 00000000 __SHD () C:\Recovery
2015-01-08 09:55 - 2010-11-21 13:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
2015-01-19 17:24 - 2015-01-19 20:50 - 0000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
 
Files to move or delete:
====================
C:\Users\DJG\network.bat
 
 
Some content of TEMP:
====================
C:\Users\DJG\AppData\Local\Temp\dllnt_dump.dll
C:\Users\DJG\AppData\Local\Temp\InstHelper.exe
C:\Users\DJG\AppData\Local\Temp\Quarantine.exe
C:\Users\DJG\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-15 08:22
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by DJG at 2015-01-22 06:44:26
Running from C:\Users\DJG\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{DB97D0DE-0AA1-413C-8398-92C7FA3F4A67}) (Version: 4.6.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.24.1790 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Ralink Bluetooth Stack (HKLM\...\{1754C64C-CE72-BC8C-94D7-B3DE464B299C}) (Version: 11.0.749.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 4.0.0.44 - ReviverSoft LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-01-2015 16:49:11 Bomgar Support Customer Client Restore Point
19-01-2015 17:22:12 Checkpoint by HitmanPro
19-01-2015 17:23:13 Checkpoint by HitmanPro
19-01-2015 18:44:48 avast! antivirus system restore point
19-01-2015 22:49:40 Checkpoint by HitmanPro
21-01-2015 06:02:05 Windows Update
21-01-2015 06:26:57 Windows Update
21-01-2015 06:34:01 Windows Update
21-01-2015 20:30:57 avast! antivirus system restore point
21-01-2015 21:43:51 Windows Update
21-01-2015 23:08:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-19 20:04 - 2015-01-19 20:04 - 00000834 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D48B210-3A03-4D5C-8250-2766919CE991} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-13] (CyberLink Corp.)
Task: {1E726EA3-ECC5-4DF7-BBD7-7EEE71BBEB76} - System32\Tasks\JetCleanLoginCheckUpdate => C:\remote-service\jetclean\AutoUpdate.exe
Task: {2C2D6B74-3D12-43C4-BF01-6EB0C38EAF7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-30] (Hewlett-Packard Company)
Task: {3B364673-9512-458B-978D-314FC67C3364} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {3BD539E0-6574-4D97-94A6-2B98F7352F7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {95A77475-5FB8-44AF-A372-57739D391671} - \Reimage Reminder No Task File <==== ATTENTION
Task: {A2D0C11B-6A1E-421D-AAD5-E669DDB5202E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {C7905132-E9A1-40B6-8650-6532A7468B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: {E0F29E95-9144-4F6A-969D-18BA3965428D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-17 09:45 - 2013-12-17 09:45 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-12-17 09:46 - 2013-12-17 09:46 - 00029432 _____ () C:\Windows\system32\BsTrace.dll
2013-12-17 09:45 - 2013-12-17 09:45 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-12-17 09:44 - 2013-12-17 09:44 - 00031480 _____ () C:\Windows\SysWOW64\BsHelpCSps.dll
2015-01-15 16:19 - 2013-08-05 17:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-06 09:48 - 2013-08-06 09:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-698509535-3964860249-3740868791-500 - Administrator - Disabled)
DJG (S-1-5-21-698509535-3964860249-3740868791-1000 - Administrator - Enabled) => C:\Users\DJG
Guest (S-1-5-21-698509535-3964860249-3740868791-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 
 
System errors:
=============
Error: (01/21/2015 09:48:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2965788).
 
Error: (01/21/2015 09:48:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 for x64-based Systems (KB2923545).
 
Error: (01/21/2015 09:48:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2984981).
 
Error: (01/21/2015 09:47:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB3020388).
 
Error: (01/21/2015 09:12:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (01/20/2015 07:15:38 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
 
Error: (01/19/2015 11:03:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 10:53:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 08:52:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (01/19/2015 08:52:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 

===========================================================================

 

I hope I got this all right?

Looking forward to your comments.

MANY thanks again.

DIGGERMEL

#4 diggermel


Posted 21 January 2015 - 05:17 PM

Hi Nasdaq,

THANK YOU!!

When I tried the MWB link, the malware showed pic 1 attached, so I opened an https view of the home page, and added the php section of the link, and that got me the download page ok.

Nothing showed up in the MWB scan however.

 

MWB Log posted as follows

==========================================================

 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Starting, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Started, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:23:12 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Manual, Malware Database, 2014.11.20.6, 2015.1.21.9, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Refresh, Starting, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopping, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopped, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Refresh, Success, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:24:37 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Scan, 22/01/2015 5:40:29 AM, SYSTEM, DJG-HP, Manual, Start:22/01/2015 5:27:33 AM, Duration:12 min 56 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
 
(end)
========================================================================================
 
Adware Cleaner log follows
 
========================================================================================
 
# AdwCleaner v4.108 - Report created 22/01/2015 at 06:16:51
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : DJG - DJG-HP
# Running from : C:\Users\DJG\Downloads\adwcleaner_4.108.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=c9611c6be64a4958b43a8fd1d61888ad&tu=10G9y00Hy2D33N0&sku=&tstsId=&ver=&
 
*************************
 
AdwCleaner[R0].txt - [735 octets] - [19/01/2015 18:42:10]
AdwCleaner[R1].txt - [3111 octets] - [22/01/2015 06:10:23]
AdwCleaner[S0].txt - [2950 octets] - [22/01/2015 06:16:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3010 octets] ##########
 
Now for the Farbar scans.
======================================================================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by DJG (administrator) on DJG-HP on 22-01-2015 06:43:56
Running from C:\Users\DJG\Desktop
Loaded Profiles: DJG (Available profiles: DJG)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2013-12-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-17] (IVT Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-14] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-05] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-27] (Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [50272 2013-12-17] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-20] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-11-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-01-19] ()
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:43 - 2015-01-22 06:44 - 00010372 _____ () C:\Users\DJG\Desktop\FRST.txt
2015-01-22 06:31 - 2015-01-22 06:32 - 02126848 _____ (Farbar) C:\Users\DJG\Desktop\FRST64.exe
2015-01-22 06:06 - 2015-01-22 06:07 - 02186752 _____ () C:\Users\DJG\Downloads\adwcleaner_4.108.exe
2015-01-22 05:57 - 2015-01-22 06:20 - 00000000 ____D () C:\Users\DJG\Documents\bleep
2015-01-22 05:43 - 2015-01-22 05:44 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-22 05:23 - 2015-01-22 06:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 05:22 - 2015-01-22 05:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-22 05:19 - 2015-01-22 05:19 - 00000410 _____ () C:\Windows\BRWMARK.INI
2015-01-22 05:19 - 2015-01-22 05:19 - 00000000 ____D () C:\ProgramData\Brother
2015-01-22 05:12 - 2015-01-22 05:16 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 _____ () C:\Users\DJG\New Text Document.txt
2015-01-21 22:41 - 2015-01-21 22:41 - 00000000 ____D () C:\Users\DJG\FRST-OlderVersion
2015-01-21 21:59 - 2014-12-12 03:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\ESET
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Local\ESET
2015-01-21 21:12 - 2015-01-21 21:12 - 00000000 ____D () C:\Program Files\ESET
2015-01-21 20:29 - 2015-01-21 20:30 - 01132704 _____ (ESET spol. s r.o.) C:\Users\DJG\Downloads\eset_av_remover.exe
2015-01-21 20:26 - 2015-01-21 20:26 - 01660616 _____ (ESET) C:\Users\DJG\Downloads\eset_smart_security_live_installer_.exe
2015-01-21 09:22 - 2014-08-29 12:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-21 09:22 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-21 09:21 - 2014-09-05 12:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-21 09:21 - 2014-09-05 11:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-21 06:44 - 2013-10-02 12:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-21 06:44 - 2013-10-02 12:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-21 06:44 - 2013-10-02 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 11:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-21 06:44 - 2013-10-02 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 10:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-21 06:44 - 2013-10-02 09:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 09:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-21 06:44 - 2013-10-02 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 08:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-21 06:35 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-21 06:35 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-21 06:35 - 2012-08-24 00:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-21 06:35 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-21 06:35 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-21 06:34 - 2015-01-21 06:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2015-01-21 06:27 - 2015-01-21 06:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 06:27 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 06:26 - 2014-12-13 15:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-21 06:26 - 2014-12-13 13:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-21 06:18 - 2015-01-21 06:18 - 00002132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00002120 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00000000 ____D () C:\Program Files (x86)\Belarc
2015-01-21 06:17 - 2015-01-21 06:17 - 03644864 _____ () C:\Users\DJG\Downloads\advisorinstaller.exe
2015-01-20 20:02 - 2015-01-20 20:02 - 00001055 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-20 20:01 - 2015-01-20 20:01 - 04161536 _____ (ReviverSoft LLC) C:\Users\DJG\Downloads\RegistryReviverInstaller.exe
2015-01-20 15:43 - 2015-01-20 15:43 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Intel Corporation
2015-01-20 15:15 - 2015-01-20 15:15 - 00028672 _____ () C:\SAVEDBCD
2015-01-20 15:15 - 2015-01-20 15:15 - 00025600 ___SH () C:\SAVEDBCD.LOG
2015-01-20 12:55 - 2014-07-09 08:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-20 12:55 - 2014-07-09 08:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-20 12:54 - 2014-10-25 11:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-20 12:54 - 2014-10-25 11:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-20 07:15 - 2015-01-20 07:15 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-19 22:46 - 2015-01-19 22:46 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-19 22:39 - 2015-01-19 22:43 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64 (1).exe
2015-01-19 21:54 - 2015-01-19 21:54 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2015-01-19 21:54 - 2015-01-19 21:54 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-01-19 21:54 - 2015-01-19 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-01-19 21:51 - 2015-01-19 21:54 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:52 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-19 21:50 - 2015-01-19 21:50 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000.exe
2015-01-19 20:54 - 2015-01-22 06:37 - 00817698 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00516548 _____ () C:\Windows\PFRO.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00002282 _____ () C:\Windows\setupact.log
2015-01-19 20:51 - 2015-01-19 20:51 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-19 18:44 - 2015-01-21 22:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-19 18:42 - 2015-01-22 06:17 - 00000000 ____D () C:\AdwCleaner
2015-01-19 18:41 - 2014-08-26 21:15 - 00002290 _____ () C:\Users\DJG\network.bat
2015-01-19 18:33 - 2015-01-19 18:35 - 132469808 _____ (AVAST Software) C:\Users\DJG\Downloads\avast_free_antivirus_setup.exe
2015-01-19 17:59 - 2015-01-19 17:59 - 00000000 ____D () C:\Windows\ERUNT
2015-01-19 17:25 - 2015-01-19 17:25 - 00003126 _____ () C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate
2015-01-19 17:25 - 2015-01-19 17:25 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\BlueSprig
2015-01-19 17:24 - 2015-01-19 20:50 - 00000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
2015-01-19 17:23 - 2015-01-19 22:50 - 00002738 _____ () C:\Windows\system32\.crusader
2015-01-19 17:19 - 2015-01-19 17:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-19 17:03 - 2015-01-19 22:52 - 00000000 ____D () C:\Users\DJG\AppData\Local\CrashDumps
2015-01-19 16:56 - 2015-01-19 20:50 - 00000000 ____D () C:\CSV
2015-01-19 16:55 - 2015-01-19 20:50 - 00000000 ____D () C:\remote-service
2015-01-19 15:20 - 2015-01-19 15:23 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64.exe
2015-01-19 15:20 - 2015-01-19 15:20 - 00000000 ____D () C:\Diag-Advisor
2015-01-19 15:19 - 2015-01-19 15:20 - 04651952 _____ () C:\Users\DJG\Downloads\support diagnostic.exe
2015-01-19 14:52 - 2015-01-19 14:52 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieBrowserModeList
2015-01-19 07:08 - 2015-01-19 07:08 - 00000384 _____ () C:\Windows\SysWOW64\win_hcleaner.ini
2015-01-19 07:05 - 2015-01-19 07:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-18 16:35 - 2015-01-18 16:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-17 03:35 - 2014-10-18 12:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-17 03:35 - 2014-10-18 11:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 12:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-17 03:35 - 2014-07-07 11:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-17 03:35 - 2014-07-07 11:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 11:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 11:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-17 03:28 - 2012-07-26 13:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-17 03:28 - 2012-07-26 12:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-17 03:28 - 2012-07-26 12:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-17 03:28 - 2012-06-03 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-17 03:04 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-17 03:04 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-17 03:01 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-17 03:01 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-17 03:01 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-17 03:01 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-17 03:00 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-17 03:00 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-16 11:09 - 2015-01-16 11:30 - 313886720 _____ () C:\Users\DJG\Downloads\kav_rescue_10.iso
2015-01-16 08:43 - 2015-01-16 08:43 - 00007606 _____ () C:\Users\DJG\Downloads\hijackthis.log
2015-01-16 08:42 - 2015-01-19 19:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\DJG\Downloads\HijackThis.exe
2015-01-16 08:37 - 2011-04-09 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-16 08:37 - 2011-04-09 15:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-16 07:13 - 2015-01-16 07:13 - 00040196 _____ () C:\Users\DJG\Downloads\EPeek.txt
2015-01-16 07:11 - 2015-01-16 07:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 07:11 - 2015-01-16 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-16 07:10 - 2015-01-22 06:19 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 07:10 - 2015-01-22 06:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Users\DJG\AppData\Local\Google
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-16 07:10 - 2015-01-16 07:10 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-16 07:10 - 2015-01-16 07:10 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-16 07:09 - 2015-01-16 07:10 - 00000000 ____D () C:\Users\DJG\AppData\Local\Deployment
2015-01-16 07:09 - 2015-01-16 07:09 - 00000000 ____D () C:\Users\DJG\AppData\Local\Apps\2.0
2015-01-16 07:06 - 2014-12-19 13:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-16 07:05 - 2014-12-04 12:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-16 07:05 - 2014-12-02 09:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-16 07:05 - 2014-09-19 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-16 07:05 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-16 07:05 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-16 07:05 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-16 07:05 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-16 07:04 - 2014-12-19 11:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-16 07:04 - 2014-12-06 14:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 07:04 - 2014-11-27 11:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-16 07:04 - 2014-11-27 11:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-16 07:04 - 2014-11-22 13:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-16 07:04 - 2014-11-22 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-16 07:04 - 2014-11-22 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-16 07:04 - 2014-11-22 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-16 07:04 - 2014-11-22 12:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-16 07:04 - 2014-11-22 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-16 07:04 - 2014-11-22 12:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-16 07:04 - 2014-11-22 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-16 07:04 - 2014-11-22 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-16 07:04 - 2014-11-22 11:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 11:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-16 07:04 - 2014-11-22 11:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-16 07:04 - 2014-11-22 11:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-16 07:04 - 2014-11-22 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 11:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-16 07:04 - 2014-11-22 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 11:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-16 07:04 - 2014-11-22 11:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-16 07:04 - 2014-11-22 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-16 07:04 - 2014-11-22 11:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-16 07:04 - 2014-11-22 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-16 07:04 - 2014-11-22 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-16 07:04 - 2014-11-22 10:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-16 07:04 - 2014-11-11 13:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 12:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 11:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-16 07:04 - 2014-10-30 12:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-16 07:04 - 2014-10-30 11:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-16 07:04 - 2014-10-14 12:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-16 07:04 - 2014-10-14 12:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-16 07:04 - 2014-10-14 12:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-16 07:04 - 2014-10-14 11:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-16 07:04 - 2014-10-14 11:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-16 07:04 - 2014-08-21 16:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-16 07:04 - 2014-08-21 16:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-16 07:04 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-16 07:04 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-16 07:04 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-16 07:04 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-16 07:04 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-16 07:04 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-16 07:04 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-16 07:04 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-16 07:04 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-16 07:01 - 2014-10-14 12:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-16 07:01 - 2014-10-14 12:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-16 07:01 - 2014-10-14 11:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-16 07:01 - 2014-10-14 11:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-16 07:01 - 2014-09-25 12:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-16 07:01 - 2014-09-25 11:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-16 07:01 - 2014-08-12 12:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-16 07:01 - 2014-08-12 11:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-16 07:01 - 2014-06-12 17:52 - 00986560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-16 07:01 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-16 07:01 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-16 07:01 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-16 07:00 - 2014-12-12 15:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 07:00 - 2014-12-12 15:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 07:00 - 2014-12-12 15:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 07:00 - 2014-12-12 15:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-16 07:00 - 2014-11-08 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-16 07:00 - 2014-11-08 12:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-16 07:00 - 2014-10-14 12:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-16 07:00 - 2014-10-14 11:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-16 07:00 - 2014-10-10 10:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-16 07:00 - 2014-10-03 12:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-16 07:00 - 2014-09-04 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-16 07:00 - 2014-09-04 15:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-16 07:00 - 2014-07-17 12:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-16 07:00 - 2014-07-17 11:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-16 07:00 - 2014-07-17 11:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-16 07:00 - 2014-07-17 11:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-16 07:00 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-16 07:00 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-16 07:00 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-16 07:00 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-16 07:00 - 2014-03-04 19:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-16 07:00 - 2014-03-04 19:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-16 07:00 - 2014-03-04 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-16 07:00 - 2014-03-04 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-16 07:00 - 2013-07-20 20:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 07:00 - 2013-07-20 20:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 06:56 - 2014-10-18 12:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-16 06:56 - 2014-10-18 11:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-16 06:56 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-16 06:56 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-16 06:56 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-16 06:56 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-16 06:53 - 2015-01-16 06:53 - 00772160 _____ (Reimage®) C:\Users\DJG\Downloads\ReimageRepair.exe
2015-01-16 00:14 - 2015-01-16 00:14 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\hpqlog
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Local\Hewlett-Packard
2015-01-15 23:33 - 2015-01-15 23:33 - 00000000 ____D () C:\Users\DJG\Downloads\New folder
2015-01-15 23:31 - 2015-01-15 23:31 - 00000778 _____ () C:\Users\DJG\Desktop\SeaToolsforWindowsSetup - Shortcut.lnk
2015-01-15 23:09 - 2015-01-15 23:29 - 26771088 _____ () C:\Users\DJG\Downloads\SeaToolsforWindowsSetup.exe
2015-01-15 16:33 - 2015-01-15 16:33 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-01-15 16:26 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Synaptics
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLVDLauncher
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLMLSvc_P2G8
2015-01-15 16:19 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-15 16:19 - 2011-12-27 15:37 - 00090608 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-01-15 16:18 - 2013-03-05 16:22 - 00040896 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2015-01-15 16:17 - 2015-01-15 16:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-15 16:17 - 2015-01-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-01-15 16:15 - 2015-01-15 16:15 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2015-01-15 16:14 - 2015-01-15 16:14 - 00000000 ____D () C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
2015-01-15 16:10 - 2015-01-17 01:46 - 00000061 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2015-01-15 16:10 - 2015-01-17 01:36 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\ProgramData\Apple
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-15 16:08 - 2015-01-15 11:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2015-01-15 16:08 - 2013-08-10 16:44 - 00226816 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmonui.dll
2015-01-15 16:08 - 2013-08-10 16:43 - 00424960 _____ (Hewlett-Packard) C:\Windows\system32\hpbrprtmon.dll
2015-01-15 16:08 - 2013-08-10 16:42 - 00404992 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmon.dll
2015-01-15 16:06 - 2015-01-15 16:07 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 16:06 - 2014-02-13 10:10 - 50406400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-15 16:06 - 2014-02-13 10:10 - 03853016 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-15 16:06 - 2014-02-13 10:10 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 02787032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-15 16:06 - 2014-02-13 10:10 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00733637 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-15 16:06 - 2014-02-13 10:10 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00529624 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-15 16:06 - 2014-02-13 10:09 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-15 16:01 - 2015-01-15 16:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-15 16:01 - 2010-11-20 23:34 - 00360832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
2015-01-15 16:01 - 2010-11-20 23:34 - 00194944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2015-01-15 16:01 - 2010-11-20 23:27 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2015-01-15 16:01 - 2010-11-20 23:25 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 01369600 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
2015-01-15 16:01 - 2010-11-20 21:35 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
2015-01-15 16:01 - 2010-11-20 21:35 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2015-01-15 16:01 - 2010-11-20 21:35 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
2015-01-15 16:01 - 2010-11-20 20:52 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-15 16:00 - 2014-02-25 04:12 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2015-01-15 16:00 - 2014-01-04 10:08 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-01-15 15:59 - 2015-01-15 16:20 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-15 15:59 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 15:59 - 2015-01-15 15:59 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-01-15 15:59 - 2014-03-29 10:00 - 00918232 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-15 15:59 - 2014-03-29 10:00 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-15 15:59 - 2014-03-29 10:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-15 15:58 - 2015-01-15 15:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2015-01-15 15:57 - 2015-01-15 15:58 - 00000032 _____ () C:\Windows\0
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 _____ () C:\Windows\system32\0
2015-01-15 15:56 - 2015-01-21 06:40 - 00769752 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 15:55 - 2013-11-22 06:41 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-01-15 15:55 - 2013-11-22 06:41 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-01-15 15:54 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-01-15 15:54 - 2015-01-15 16:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 15:54 - 2015-01-15 15:54 - 00002709 _____ () C:\Windows\system32\RaCoInst.log
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____D () C:\ProgramData\Ralink Driver
2015-01-15 15:54 - 2013-12-10 09:26 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-01-15 15:54 - 2013-11-26 18:25 - 02439368 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-01-15 15:54 - 2013-10-09 12:58 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2015-01-15 15:54 - 2013-07-04 03:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-01-15 15:53 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 15:53 - 2015-01-15 15:54 - 00000000 ____D () C:\Intel
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2013-08-22 09:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-01-15 15:50 - 2015-01-15 15:50 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-15 15:49 - 2015-01-15 15:49 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-15 15:28 - 2015-01-15 15:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-15 15:26 - 2015-01-19 18:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-15 15:26 - 2015-01-15 15:46 - 00000000 ____D () C:\Windows\CSC
2015-01-15 15:26 - 2009-06-11 06:30 - 00053551 _____ () C:\Windows\Professional.xml
2015-01-15 12:46 - 2015-01-21 22:44 - 00098519 _____ () C:\Users\DJG\FRST.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019704 _____ () C:\Users\DJG\Addition.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019537 _____ () C:\Users\DJG\Shortcut.txt
2015-01-15 12:45 - 2015-01-22 06:43 - 00000000 ____D () C:\FRST
2015-01-15 12:26 - 2015-01-12 18:07 - 18467928 _____ () C:\Users\DJG\Desktop\RogueKillerX64.exe
2015-01-15 12:06 - 2015-01-19 22:05 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-15 12:06 - 2015-01-15 12:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-15 12:00 - 2015-01-15 12:00 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Hewlett-Packard
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieUserList
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieSiteList
2015-01-15 11:58 - 2015-01-19 18:40 - 00058016 _____ () C:\Users\DJG\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:58 - 2015-01-19 18:40 - 00000000 ____D () C:\Users\DJG\Documents\Youcam
2015-01-15 11:58 - 2015-01-15 11:58 - 00000000 ____D () C:\Users\DJG\AppData\Local\CyberLink
2015-01-15 11:57 - 2015-01-18 16:34 - 00000000 ___RD () C:\Users\DJG\Virtual Machines
2015-01-15 11:57 - 2015-01-16 08:43 - 00000000 ____D () C:\Users\DJG\AppData\Local\VirtualStore
2015-01-15 11:57 - 2015-01-15 11:57 - 00001413 _____ () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\Documents\Bluetooth
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Synaptics
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Adobe
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Local\bluesoleil
2015-01-15 11:56 - 2015-01-22 06:36 - 00000000 ____D () C:\Users\DJG
2015-01-15 11:56 - 2015-01-15 11:56 - 00000020 ___SH () C:\Users\DJG\ntuser.ini
2015-01-15 11:56 - 2015-01-15 11:56 - 00000000 ____D () C:\Users\DJG\AppData\Local\Power2Go8
2015-01-15 11:56 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-15 11:56 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-15 11:56 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-15 11:56 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-15 11:56 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-15 11:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-15 11:56 - 2009-07-14 14:54 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 11:56 - 2009-07-14 14:49 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:23 - 2009-07-14 15:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:18 - 2013-12-17 09:36 - 00001077 _____ () C:\Windows\SysWOW64\bscs.ini
2015-01-22 06:18 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-01-21 06:47 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 06:46 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 06:45 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-19 23:02 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 21:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-19 17:04 - 2009-07-14 12:34 - 00000439 _____ () C:\Windows\win.ini
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-16 06:48 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-15 16:40 - 2007-01-02 11:25 - 00000000 ____D () C:\Windows\Panther
2015-01-15 16:37 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-15 16:26 - 2009-07-14 14:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 16:16 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Help
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-15 15:30 - 2014-06-05 14:18 - 00000012 _____ () C:\Windows\CSUP.txt
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-15 15:26 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\security
2015-01-15 15:24 - 2009-07-14 15:38 - 00029696 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-15 15:24 - 2009-07-14 15:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ___HD () C:\SYSTEM.SAV
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ____D () C:\SWSetup
2015-01-15 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-15 11:57 - 2007-01-02 11:32 - 00000000 __SHD () C:\Recovery
2015-01-08 09:55 - 2010-11-21 13:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
2015-01-19 17:24 - 2015-01-19 20:50 - 0000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
 
Files to move or delete:
====================
C:\Users\DJG\network.bat
 
 
Some content of TEMP:
====================
C:\Users\DJG\AppData\Local\Temp\dllnt_dump.dll
C:\Users\DJG\AppData\Local\Temp\InstHelper.exe
C:\Users\DJG\AppData\Local\Temp\Quarantine.exe
C:\Users\DJG\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-15 08:22
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by DJG at 2015-01-22 06:44:26
Running from C:\Users\DJG\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{DB97D0DE-0AA1-413C-8398-92C7FA3F4A67}) (Version: 4.6.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.24.1790 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Ralink Bluetooth Stack (HKLM\...\{1754C64C-CE72-BC8C-94D7-B3DE464B299C}) (Version: 11.0.749.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 4.0.0.44 - ReviverSoft LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-01-2015 16:49:11 Bomgar Support Customer Client Restore Point
19-01-2015 17:22:12 Checkpoint by HitmanPro
19-01-2015 17:23:13 Checkpoint by HitmanPro
19-01-2015 18:44:48 avast! antivirus system restore point
19-01-2015 22:49:40 Checkpoint by HitmanPro
21-01-2015 06:02:05 Windows Update
21-01-2015 06:26:57 Windows Update
21-01-2015 06:34:01 Windows Update
21-01-2015 20:30:57 avast! antivirus system restore point
21-01-2015 21:43:51 Windows Update
21-01-2015 23:08:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-19 20:04 - 2015-01-19 20:04 - 00000834 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D48B210-3A03-4D5C-8250-2766919CE991} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-13] (CyberLink Corp.)
Task: {1E726EA3-ECC5-4DF7-BBD7-7EEE71BBEB76} - System32\Tasks\JetCleanLoginCheckUpdate => C:\remote-service\jetclean\AutoUpdate.exe
Task: {2C2D6B74-3D12-43C4-BF01-6EB0C38EAF7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-30] (Hewlett-Packard Company)
Task: {3B364673-9512-458B-978D-314FC67C3364} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {3BD539E0-6574-4D97-94A6-2B98F7352F7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {95A77475-5FB8-44AF-A372-57739D391671} - \Reimage Reminder No Task File <==== ATTENTION
Task: {A2D0C11B-6A1E-421D-AAD5-E669DDB5202E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {C7905132-E9A1-40B6-8650-6532A7468B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: {E0F29E95-9144-4F6A-969D-18BA3965428D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-17 09:45 - 2013-12-17 09:45 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-12-17 09:46 - 2013-12-17 09:46 - 00029432 _____ () C:\Windows\system32\BsTrace.dll
2013-12-17 09:45 - 2013-12-17 09:45 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-12-17 09:44 - 2013-12-17 09:44 - 00031480 _____ () C:\Windows\SysWOW64\BsHelpCSps.dll
2015-01-15 16:19 - 2013-08-05 17:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-06 09:48 - 2013-08-06 09:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-698509535-3964860249-3740868791-500 - Administrator - Disabled)
DJG (S-1-5-21-698509535-3964860249-3740868791-1000 - Administrator - Enabled) => C:\Users\DJG
Guest (S-1-5-21-698509535-3964860249-3740868791-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 
 
System errors:
=============
Error: (01/21/2015 09:48:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2965788).
 
Error: (01/21/2015 09:48:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 for x64-based Systems (KB2923545).
 
Error: (01/21/2015 09:48:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2984981).
 
Error: (01/21/2015 09:47:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB3020388).
 
Error: (01/21/2015 09:12:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (01/20/2015 07:15:38 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
 
Error: (01/19/2015 11:03:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 10:53:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 08:52:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (01/19/2015 08:52:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 

===========================================================================

 

I hope I got this all right?

Looking forward to your comments.

MANY thanks again.

DIGGERMEL

Hi Nasdaq,

THANK YOU!!

When I tried the MWB link, the malware showed pic 1 attached, so I opened an https view of the home page, and added the php section of the link, and that got me the download page ok.

Nothing showed up in the MWB scan, however.

MWB Log posted as follows

==========================================================

 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Starting, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malware Protection, Started, 
Protection, 22/01/2015 5:22:48 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:23:12 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1, 
Update, 22/01/2015 5:23:32 AM, SYSTEM, DJG-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Manual, Malware Database, 2014.11.20.6, 2015.1.21.9, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Refresh, Starting, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopping, 
Protection, 22/01/2015 5:24:33 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Stopped, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Refresh, Success, 
Protection, 22/01/2015 5:24:36 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Starting, 
Protection, 22/01/2015 5:24:37 AM, SYSTEM, DJG-HP, Protection, Malicious Website Protection, Started, 
Scan, 22/01/2015 5:40:29 AM, SYSTEM, DJG-HP, Manual, Start:22/01/2015 5:27:33 AM, Duration:12 min 56 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
 
(end)
========================================================================================
 
Adware Cleaner log follows
 
========================================================================================
 
# AdwCleaner v4.108 - Report created 22/01/2015 at 06:16:51
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : DJG - DJG-HP
# Running from : C:\Users\DJG\Downloads\adwcleaner_4.108.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=c9611c6be64a4958b43a8fd1d61888ad&tu=10G9y00Hy2D33N0&sku=&tstsId=&ver=&
 
*************************
 
AdwCleaner[R0].txt - [735 octets] - [19/01/2015 18:42:10]
AdwCleaner[R1].txt - [3111 octets] - [22/01/2015 06:10:23]
AdwCleaner[S0].txt - [2950 octets] - [22/01/2015 06:16:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3010 octets] ##########
 
Now for the Farbar scans.
======================================================================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by DJG (administrator) on DJG-HP on 22-01-2015 06:43:56
Running from C:\Users\DJG\Desktop
Loaded Profiles: DJG (Available profiles: DJG)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2013-12-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-17] (IVT Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-14] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-13] (Realtek Semiconductor)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-05] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-27] (Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [50272 2013-12-17] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-20] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-11-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-01-19] ()
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:43 - 2015-01-22 06:44 - 00010372 _____ () C:\Users\DJG\Desktop\FRST.txt
2015-01-22 06:31 - 2015-01-22 06:32 - 02126848 _____ (Farbar) C:\Users\DJG\Desktop\FRST64.exe
2015-01-22 06:06 - 2015-01-22 06:07 - 02186752 _____ () C:\Users\DJG\Downloads\adwcleaner_4.108.exe
2015-01-22 05:57 - 2015-01-22 06:20 - 00000000 ____D () C:\Users\DJG\Documents\bleep
2015-01-22 05:43 - 2015-01-22 05:44 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-22 05:23 - 2015-01-22 06:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 05:22 - 2015-01-22 05:22 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 05:22 - 2015-01-22 05:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-22 05:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-22 05:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-22 05:19 - 2015-01-22 05:19 - 00000410 _____ () C:\Windows\BRWMARK.INI
2015-01-22 05:19 - 2015-01-22 05:19 - 00000000 ____D () C:\ProgramData\Brother
2015-01-22 05:12 - 2015-01-22 05:16 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\DJG\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 22:47 - 2015-01-21 22:47 - 00000000 _____ () C:\Users\DJG\New Text Document.txt
2015-01-21 22:41 - 2015-01-21 22:41 - 00000000 ____D () C:\Users\DJG\FRST-OlderVersion
2015-01-21 21:59 - 2014-12-12 03:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\ESET
2015-01-21 21:14 - 2015-01-21 21:14 - 00000000 ____D () C:\Users\DJG\AppData\Local\ESET
2015-01-21 21:12 - 2015-01-21 21:12 - 00000000 ____D () C:\Program Files\ESET
2015-01-21 20:29 - 2015-01-21 20:30 - 01132704 _____ (ESET spol. s r.o.) C:\Users\DJG\Downloads\eset_av_remover.exe
2015-01-21 20:26 - 2015-01-21 20:26 - 01660616 _____ (ESET) C:\Users\DJG\Downloads\eset_smart_security_live_installer_.exe
2015-01-21 09:22 - 2014-08-29 12:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-21 09:22 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-21 09:21 - 2014-09-05 12:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-21 09:21 - 2014-09-05 11:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-21 06:44 - 2013-10-02 12:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-01-21 06:44 - 2013-10-02 12:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-01-21 06:44 - 2013-10-02 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 11:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-01-21 06:44 - 2013-10-02 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-01-21 06:44 - 2013-10-02 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-01-21 06:44 - 2013-10-02 10:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-01-21 06:44 - 2013-10-02 09:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-21 06:44 - 2013-10-02 09:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-21 06:44 - 2013-10-02 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-21 06:44 - 2013-10-02 08:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-21 06:35 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-01-21 06:35 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-01-21 06:35 - 2012-08-24 00:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-01-21 06:35 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-01-21 06:35 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-01-21 06:34 - 2015-01-21 06:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2015-01-21 06:27 - 2015-01-21 06:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 06:27 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 06:26 - 2014-12-13 15:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-21 06:26 - 2014-12-13 13:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-21 06:18 - 2015-01-21 06:18 - 00002132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00002120 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-01-21 06:18 - 2015-01-21 06:18 - 00000000 ____D () C:\Program Files (x86)\Belarc
2015-01-21 06:17 - 2015-01-21 06:17 - 03644864 _____ () C:\Users\DJG\Downloads\advisorinstaller.exe
2015-01-20 20:02 - 2015-01-20 20:02 - 00001055 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-20 20:02 - 2015-01-20 20:02 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-20 20:01 - 2015-01-20 20:01 - 04161536 _____ (ReviverSoft LLC) C:\Users\DJG\Downloads\RegistryReviverInstaller.exe
2015-01-20 15:43 - 2015-01-20 15:43 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Intel Corporation
2015-01-20 15:15 - 2015-01-20 15:15 - 00028672 _____ () C:\SAVEDBCD
2015-01-20 15:15 - 2015-01-20 15:15 - 00025600 ___SH () C:\SAVEDBCD.LOG
2015-01-20 12:55 - 2014-07-09 08:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-20 12:55 - 2014-07-09 08:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-20 12:54 - 2014-10-25 11:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-20 12:54 - 2014-10-25 11:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-20 12:54 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-20 12:54 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-20 07:15 - 2015-01-20 07:15 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-19 22:46 - 2015-01-19 22:46 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-19 22:39 - 2015-01-19 22:43 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64 (1).exe
2015-01-19 21:54 - 2015-01-19 21:54 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2015-01-19 21:54 - 2015-01-19 21:54 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-01-19 21:54 - 2015-01-19 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-01-19 21:51 - 2015-01-19 21:54 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:52 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-01-19 21:51 - 2015-01-19 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-19 21:50 - 2015-01-19 21:50 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\DJG\Downloads\zafwSetupWeb_133_209_000.exe
2015-01-19 20:54 - 2015-01-22 06:37 - 00817698 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00516548 _____ () C:\Windows\PFRO.log
2015-01-19 20:51 - 2015-01-22 06:18 - 00002282 _____ () C:\Windows\setupact.log
2015-01-19 20:51 - 2015-01-19 20:51 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-19 18:44 - 2015-01-21 22:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-19 18:42 - 2015-01-22 06:17 - 00000000 ____D () C:\AdwCleaner
2015-01-19 18:41 - 2014-08-26 21:15 - 00002290 _____ () C:\Users\DJG\network.bat
2015-01-19 18:33 - 2015-01-19 18:35 - 132469808 _____ (AVAST Software) C:\Users\DJG\Downloads\avast_free_antivirus_setup.exe
2015-01-19 17:59 - 2015-01-19 17:59 - 00000000 ____D () C:\Windows\ERUNT
2015-01-19 17:25 - 2015-01-19 17:25 - 00003126 _____ () C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate
2015-01-19 17:25 - 2015-01-19 17:25 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\BlueSprig
2015-01-19 17:24 - 2015-01-19 20:50 - 00000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
2015-01-19 17:23 - 2015-01-19 22:50 - 00002738 _____ () C:\Windows\system32\.crusader
2015-01-19 17:19 - 2015-01-19 17:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-19 17:03 - 2015-01-19 22:52 - 00000000 ____D () C:\Users\DJG\AppData\Local\CrashDumps
2015-01-19 16:56 - 2015-01-19 20:50 - 00000000 ____D () C:\CSV
2015-01-19 16:55 - 2015-01-19 20:50 - 00000000 ____D () C:\remote-service
2015-01-19 15:20 - 2015-01-19 15:23 - 11225840 _____ (SurfRight B.V.) C:\Users\DJG\Downloads\HitmanPro_x64.exe
2015-01-19 15:20 - 2015-01-19 15:20 - 00000000 ____D () C:\Diag-Advisor
2015-01-19 15:19 - 2015-01-19 15:20 - 04651952 _____ () C:\Users\DJG\Downloads\support diagnostic.exe
2015-01-19 14:52 - 2015-01-19 14:52 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieBrowserModeList
2015-01-19 07:08 - 2015-01-19 07:08 - 00000384 _____ () C:\Windows\SysWOW64\win_hcleaner.ini
2015-01-19 07:05 - 2015-01-19 07:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-18 16:35 - 2015-01-18 16:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 05:08 - 2015-01-17 05:08 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-17 03:35 - 2014-10-18 12:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-17 03:35 - 2014-10-18 11:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-17 03:35 - 2014-07-07 12:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 12:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-17 03:35 - 2014-07-07 11:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-17 03:35 - 2014-07-07 11:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-17 03:35 - 2014-07-07 11:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-17 03:35 - 2014-07-07 11:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-17 03:28 - 2012-07-26 13:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-17 03:28 - 2012-07-26 13:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-17 03:28 - 2012-07-26 12:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-17 03:28 - 2012-07-26 12:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-17 03:28 - 2012-06-03 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-17 03:04 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-17 03:04 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-17 03:01 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-17 03:01 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-17 03:01 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-17 03:01 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-17 03:01 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-17 03:00 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-17 03:00 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-16 11:09 - 2015-01-16 11:30 - 313886720 _____ () C:\Users\DJG\Downloads\kav_rescue_10.iso
2015-01-16 08:43 - 2015-01-16 08:43 - 00007606 _____ () C:\Users\DJG\Downloads\hijackthis.log
2015-01-16 08:42 - 2015-01-19 19:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\DJG\Downloads\HijackThis.exe
2015-01-16 08:37 - 2011-04-09 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-16 08:37 - 2011-04-09 15:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-16 07:13 - 2015-01-16 07:13 - 00040196 _____ () C:\Users\DJG\Downloads\EPeek.txt
2015-01-16 07:11 - 2015-01-16 07:11 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 07:11 - 2015-01-16 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-16 07:10 - 2015-01-22 06:19 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 07:10 - 2015-01-22 06:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Users\DJG\AppData\Local\Google
2015-01-16 07:10 - 2015-01-16 07:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-16 07:10 - 2015-01-16 07:10 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-16 07:10 - 2015-01-16 07:10 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-16 07:09 - 2015-01-16 07:10 - 00000000 ____D () C:\Users\DJG\AppData\Local\Deployment
2015-01-16 07:09 - 2015-01-16 07:09 - 00000000 ____D () C:\Users\DJG\AppData\Local\Apps\2.0
2015-01-16 07:06 - 2014-12-19 13:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-16 07:05 - 2014-12-04 12:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-16 07:05 - 2014-12-04 12:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-16 07:05 - 2014-12-02 09:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-16 07:05 - 2014-09-19 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-16 07:05 - 2014-09-19 19:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-16 07:05 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-16 07:05 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-16 07:05 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-16 07:05 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-16 07:04 - 2014-12-19 11:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-16 07:04 - 2014-12-06 14:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-16 07:04 - 2014-12-06 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 07:04 - 2014-11-27 11:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-16 07:04 - 2014-11-27 11:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-16 07:04 - 2014-11-22 13:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-16 07:04 - 2014-11-22 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-16 07:04 - 2014-11-22 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-16 07:04 - 2014-11-22 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-16 07:04 - 2014-11-22 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-16 07:04 - 2014-11-22 12:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-16 07:04 - 2014-11-22 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-16 07:04 - 2014-11-22 12:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-16 07:04 - 2014-11-22 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-16 07:04 - 2014-11-22 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-16 07:04 - 2014-11-22 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-16 07:04 - 2014-11-22 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-16 07:04 - 2014-11-22 12:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-16 07:04 - 2014-11-22 12:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-16 07:04 - 2014-11-22 11:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-16 07:04 - 2014-11-22 11:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-16 07:04 - 2014-11-22 11:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-16 07:04 - 2014-11-22 11:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-16 07:04 - 2014-11-22 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-16 07:04 - 2014-11-22 11:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-16 07:04 - 2014-11-22 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-16 07:04 - 2014-11-22 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-16 07:04 - 2014-11-22 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-16 07:04 - 2014-11-22 11:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-16 07:04 - 2014-11-22 11:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-16 07:04 - 2014-11-22 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-16 07:04 - 2014-11-22 11:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-16 07:04 - 2014-11-22 11:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-16 07:04 - 2014-11-22 11:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-16 07:04 - 2014-11-22 11:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-16 07:04 - 2014-11-22 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-16 07:04 - 2014-11-22 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-16 07:04 - 2014-11-22 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-16 07:04 - 2014-11-22 10:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-16 07:04 - 2014-11-11 13:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 12:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-16 07:04 - 2014-11-11 11:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-16 07:04 - 2014-10-30 12:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-16 07:04 - 2014-10-30 11:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-16 07:04 - 2014-10-14 12:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-16 07:04 - 2014-10-14 12:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-16 07:04 - 2014-10-14 12:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-16 07:04 - 2014-10-14 11:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-16 07:04 - 2014-10-14 11:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-16 07:04 - 2014-08-21 16:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-16 07:04 - 2014-08-21 16:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-16 07:04 - 2014-08-21 16:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-16 07:04 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-16 07:04 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-16 07:04 - 2014-06-19 08:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-16 07:04 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-16 07:04 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-16 07:04 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-16 07:04 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-16 07:04 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-16 07:04 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-16 07:04 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-16 07:04 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-16 07:04 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-16 07:01 - 2014-11-11 13:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-16 07:01 - 2014-11-11 12:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-16 07:01 - 2014-10-14 12:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-16 07:01 - 2014-10-14 12:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-16 07:01 - 2014-10-14 11:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-16 07:01 - 2014-10-14 11:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-16 07:01 - 2014-09-25 12:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-16 07:01 - 2014-09-25 11:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-16 07:01 - 2014-08-12 12:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-16 07:01 - 2014-08-12 11:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-16 07:01 - 2014-06-12 17:52 - 00986560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-16 07:01 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-16 07:01 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-16 07:01 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-16 07:01 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-16 07:01 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-16 07:01 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-16 07:01 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-16 07:00 - 2014-12-12 15:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 07:00 - 2014-12-12 15:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 07:00 - 2014-12-12 15:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 07:00 - 2014-12-12 15:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 07:00 - 2014-12-12 15:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 07:00 - 2014-12-12 15:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-16 07:00 - 2014-11-08 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-16 07:00 - 2014-11-08 12:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-16 07:00 - 2014-10-14 12:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-16 07:00 - 2014-10-14 11:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-16 07:00 - 2014-10-10 10:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-16 07:00 - 2014-10-03 12:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 12:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 07:00 - 2014-10-03 12:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-16 07:00 - 2014-10-03 11:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-16 07:00 - 2014-10-03 11:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-16 07:00 - 2014-10-03 11:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-16 07:00 - 2014-09-04 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-16 07:00 - 2014-09-04 15:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-16 07:00 - 2014-07-17 12:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-16 07:00 - 2014-07-17 12:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-16 07:00 - 2014-07-17 11:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-16 07:00 - 2014-07-17 11:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-16 07:00 - 2014-07-17 11:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-16 07:00 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-16 07:00 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-16 07:00 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-16 07:00 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-16 07:00 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-16 07:00 - 2014-03-04 19:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-16 07:00 - 2014-03-04 19:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-16 07:00 - 2014-03-04 19:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-16 07:00 - 2014-03-04 18:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-16 07:00 - 2014-03-04 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-16 07:00 - 2013-07-20 20:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 07:00 - 2013-07-20 20:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-16 06:56 - 2014-10-18 12:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-16 06:56 - 2014-10-18 11:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-16 06:56 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-16 06:56 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-16 06:56 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-16 06:56 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-16 06:53 - 2015-01-16 06:53 - 00772160 _____ (Reimage®) C:\Users\DJG\Downloads\ReimageRepair.exe
2015-01-16 00:14 - 2015-01-16 00:14 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\hpqlog
2015-01-15 23:47 - 2015-01-15 23:47 - 00000000 ____D () C:\Users\DJG\AppData\Local\Hewlett-Packard
2015-01-15 23:33 - 2015-01-15 23:33 - 00000000 ____D () C:\Users\DJG\Downloads\New folder
2015-01-15 23:31 - 2015-01-15 23:31 - 00000778 _____ () C:\Users\DJG\Desktop\SeaToolsforWindowsSetup - Shortcut.lnk
2015-01-15 23:09 - 2015-01-15 23:29 - 26771088 _____ () C:\Users\DJG\Downloads\SeaToolsforWindowsSetup.exe
2015-01-15 16:33 - 2015-01-15 16:33 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-01-15 16:26 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Synaptics
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLVDLauncher
2015-01-15 16:19 - 2015-01-15 16:19 - 00003160 _____ () C:\Windows\System32\Tasks\CLMLSvc_P2G8
2015-01-15 16:19 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-15 16:19 - 2011-12-27 15:37 - 00090608 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys
2015-01-15 16:18 - 2015-01-15 16:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-01-15 16:18 - 2013-03-05 16:22 - 00040896 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2015-01-15 16:17 - 2015-01-15 16:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-15 16:17 - 2015-01-15 16:19 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-15 16:17 - 2015-01-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-01-15 16:15 - 2015-01-15 16:15 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2015-01-15 16:14 - 2015-01-15 16:14 - 00000000 ____D () C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
2015-01-15 16:10 - 2015-01-17 01:46 - 00000061 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2015-01-15 16:10 - 2015-01-17 01:36 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\ProgramData\Apple
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Windows Virtual PC
2015-01-15 16:08 - 2015-01-15 16:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-15 16:08 - 2015-01-15 11:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2015-01-15 16:08 - 2013-08-10 16:44 - 00226816 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmonui.dll
2015-01-15 16:08 - 2013-08-10 16:43 - 00424960 _____ (Hewlett-Packard) C:\Windows\system32\hpbrprtmon.dll
2015-01-15 16:08 - 2013-08-10 16:42 - 00404992 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmon.dll
2015-01-15 16:06 - 2015-01-15 16:07 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-15 16:06 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 16:06 - 2014-02-13 10:10 - 50406400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-01-15 16:06 - 2014-02-13 10:10 - 03853016 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-15 16:06 - 2014-02-13 10:10 - 02825432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 02787032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-15 16:06 - 2014-02-13 10:10 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 01022680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00733637 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-15 16:06 - 2014-02-13 10:10 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00529624 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-15 16:06 - 2014-02-13 10:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-15 16:06 - 2014-02-13 10:09 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-15 16:01 - 2015-01-15 16:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-01-15 16:01 - 2010-11-20 23:34 - 00360832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
2015-01-15 16:01 - 2010-11-20 23:34 - 00194944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2015-01-15 16:01 - 2010-11-20 23:27 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2015-01-15 16:01 - 2010-11-20 23:25 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
2015-01-15 16:01 - 2010-11-20 23:25 - 01369600 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
2015-01-15 16:01 - 2010-11-20 21:37 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
2015-01-15 16:01 - 2010-11-20 21:35 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
2015-01-15 16:01 - 2010-11-20 21:35 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2015-01-15 16:01 - 2010-11-20 21:35 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
2015-01-15 16:01 - 2010-11-20 20:52 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-15 16:00 - 2014-02-25 04:12 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2015-01-15 16:00 - 2014-01-04 10:08 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-01-15 15:59 - 2015-01-15 16:20 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-15 15:59 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 15:59 - 2015-01-15 15:59 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-01-15 15:59 - 2014-03-29 10:00 - 00918232 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-01-15 15:59 - 2014-03-29 10:00 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-01-15 15:59 - 2014-03-29 10:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-01-15 15:58 - 2015-01-15 15:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2015-01-15 15:57 - 2015-01-15 15:58 - 00000032 _____ () C:\Windows\0
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2015-01-15 15:57 - 2015-01-15 15:57 - 00000000 _____ () C:\Windows\system32\0
2015-01-15 15:56 - 2015-01-21 06:40 - 00769752 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 15:55 - 2015-01-15 15:55 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 15:55 - 2013-11-22 06:41 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-01-15 15:55 - 2013-11-22 06:41 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-01-15 15:54 - 2015-01-15 16:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-01-15 15:54 - 2015-01-15 16:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 15:54 - 2015-01-15 15:54 - 00002709 _____ () C:\Windows\system32\RaCoInst.log
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 15:54 - 2015-01-15 15:54 - 00000000 ____D () C:\ProgramData\Ralink Driver
2015-01-15 15:54 - 2013-12-10 09:26 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-01-15 15:54 - 2013-11-26 18:25 - 02439368 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-01-15 15:54 - 2013-10-09 12:58 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2015-01-15 15:54 - 2013-07-04 03:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-01-15 15:53 - 2015-01-15 16:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 15:53 - 2015-01-15 15:54 - 00000000 ____D () C:\Intel
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2015-01-15 15:53 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_bNB_250 G3 Notebook PC_Y5336AN_0U_QCND4419TL1_E751428-374_4A_I2211_SHP_V86.39_BF.23_T140919_W748-1_L409_M4033_J500_7Intel_8651_92.40_#150114_N_(J8K62PA#ABG)_XMOBILE_CN10_Z_20970100000405F00000634181.MRK
2015-01-15 15:53 - 2013-08-22 09:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-01-15 15:50 - 2015-01-15 15:50 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-01-15 15:49 - 2015-01-15 15:49 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-01-15 15:28 - 2015-01-15 15:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-15 15:28 - 2015-01-15 15:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-15 15:28 - 2015-01-15 15:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-15 15:28 - 2015-01-15 15:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-15 15:28 - 2015-01-15 15:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-15 15:28 - 2015-01-15 15:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-15 15:26 - 2015-01-19 18:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-15 15:26 - 2015-01-15 15:46 - 00000000 ____D () C:\Windows\CSC
2015-01-15 15:26 - 2009-06-11 06:30 - 00053551 _____ () C:\Windows\Professional.xml
2015-01-15 12:46 - 2015-01-21 22:44 - 00098519 _____ () C:\Users\DJG\FRST.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019704 _____ () C:\Users\DJG\Addition.txt
2015-01-15 12:46 - 2015-01-21 22:44 - 00019537 _____ () C:\Users\DJG\Shortcut.txt
2015-01-15 12:45 - 2015-01-22 06:43 - 00000000 ____D () C:\FRST
2015-01-15 12:26 - 2015-01-12 18:07 - 18467928 _____ () C:\Users\DJG\Desktop\RogueKillerX64.exe
2015-01-15 12:06 - 2015-01-19 22:05 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-15 12:06 - 2015-01-15 12:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-15 12:00 - 2015-01-15 12:00 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Hewlett-Packard
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieUserList
2015-01-15 11:59 - 2015-01-15 11:59 - 00000000 __SHD () C:\Users\DJG\AppData\Local\EmieSiteList
2015-01-15 11:58 - 2015-01-19 18:40 - 00058016 _____ () C:\Users\DJG\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 11:58 - 2015-01-19 18:40 - 00000000 ____D () C:\Users\DJG\Documents\Youcam
2015-01-15 11:58 - 2015-01-15 11:58 - 00000000 ____D () C:\Users\DJG\AppData\Local\CyberLink
2015-01-15 11:57 - 2015-01-18 16:34 - 00000000 ___RD () C:\Users\DJG\Virtual Machines
2015-01-15 11:57 - 2015-01-16 08:43 - 00000000 ____D () C:\Users\DJG\AppData\Local\VirtualStore
2015-01-15 11:57 - 2015-01-15 11:57 - 00001413 _____ () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\Documents\Bluetooth
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Synaptics
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Roaming\Adobe
2015-01-15 11:57 - 2015-01-15 11:57 - 00000000 ____D () C:\Users\DJG\AppData\Local\bluesoleil
2015-01-15 11:56 - 2015-01-22 06:36 - 00000000 ____D () C:\Users\DJG
2015-01-15 11:56 - 2015-01-15 11:56 - 00000020 ___SH () C:\Users\DJG\ntuser.ini
2015-01-15 11:56 - 2015-01-15 11:56 - 00000000 ____D () C:\Users\DJG\AppData\Local\Power2Go8
2015-01-15 11:56 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-15 11:56 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-15 11:56 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-15 11:56 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-15 11:56 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-15 11:56 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-15 11:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-15 11:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-15 11:56 - 2009-07-14 14:54 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 11:56 - 2009-07-14 14:49 - 00000000 ___RD () C:\Users\DJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 06:23 - 2009-07-14 15:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:23 - 2009-07-14 14:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 06:18 - 2013-12-17 09:36 - 00001077 _____ () C:\Windows\SysWOW64\bscs.ini
2015-01-22 06:18 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-01-21 06:47 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-21 06:46 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 06:45 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-19 23:02 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 21:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-19 17:04 - 2009-07-14 12:34 - 00000439 _____ () C:\Windows\win.ini
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 05:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-16 06:48 - 2009-07-14 15:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-15 16:40 - 2007-01-02 11:25 - 00000000 ____D () C:\Windows\Panther
2015-01-15 16:37 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-15 16:26 - 2009-07-14 14:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 16:16 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Help
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-15 16:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-15 15:30 - 2014-06-05 14:18 - 00000012 _____ () C:\Windows\CSUP.txt
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-15 15:26 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-15 15:26 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\security
2015-01-15 15:24 - 2009-07-14 15:38 - 00029696 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-15 15:24 - 2009-07-14 15:32 - 00032768 _____ () C:\Windows\system32\config\BCD-Template
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ___HD () C:\SYSTEM.SAV
2015-01-15 11:57 - 2011-02-11 05:23 - 00000000 ____D () C:\SWSetup
2015-01-15 11:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-15 11:57 - 2007-01-02 11:32 - 00000000 __SHD () C:\Recovery
2015-01-08 09:55 - 2010-11-21 13:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
2015-01-19 17:24 - 2015-01-19 20:50 - 0000600 _____ () C:\Users\DJG\AppData\Roaming\winscp.rnd
 
Files to move or delete:
====================
C:\Users\DJG\network.bat
 
 
Some content of TEMP:
====================
C:\Users\DJG\AppData\Local\Temp\dllnt_dump.dll
C:\Users\DJG\AppData\Local\Temp\InstHelper.exe
C:\Users\DJG\AppData\Local\Temp\Quarantine.exe
C:\Users\DJG\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-15 08:22
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by DJG at 2015-01-22 06:44:26
Running from C:\Users\DJG\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{DB97D0DE-0AA1-413C-8398-92C7FA3F4A67}) (Version: 4.6.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.24.1790 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Ralink Bluetooth Stack (HKLM\...\{1754C64C-CE72-BC8C-94D7-B3DE464B299C}) (Version: 11.0.749.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 4.0.0.44 - ReviverSoft LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-01-2015 16:49:11 Bomgar Support Customer Client Restore Point
19-01-2015 17:22:12 Checkpoint by HitmanPro
19-01-2015 17:23:13 Checkpoint by HitmanPro
19-01-2015 18:44:48 avast! antivirus system restore point
19-01-2015 22:49:40 Checkpoint by HitmanPro
21-01-2015 06:02:05 Windows Update
21-01-2015 06:26:57 Windows Update
21-01-2015 06:34:01 Windows Update
21-01-2015 20:30:57 avast! antivirus system restore point
21-01-2015 21:43:51 Windows Update
21-01-2015 23:08:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-19 20:04 - 2015-01-19 20:04 - 00000834 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D48B210-3A03-4D5C-8250-2766919CE991} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-13] (CyberLink Corp.)
Task: {1E726EA3-ECC5-4DF7-BBD7-7EEE71BBEB76} - System32\Tasks\JetCleanLoginCheckUpdate => C:\remote-service\jetclean\AutoUpdate.exe
Task: {2C2D6B74-3D12-43C4-BF01-6EB0C38EAF7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-30] (Hewlett-Packard Company)
Task: {3B364673-9512-458B-978D-314FC67C3364} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {3BD539E0-6574-4D97-94A6-2B98F7352F7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {95A77475-5FB8-44AF-A372-57739D391671} - \Reimage Reminder No Task File <==== ATTENTION
Task: {A2D0C11B-6A1E-421D-AAD5-E669DDB5202E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {C7905132-E9A1-40B6-8650-6532A7468B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: {E0F29E95-9144-4F6A-969D-18BA3965428D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-14] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-17 09:45 - 2013-12-17 09:45 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-12-17 09:46 - 2013-12-17 09:46 - 00029432 _____ () C:\Windows\system32\BsTrace.dll
2013-12-17 09:45 - 2013-12-17 09:45 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-12-17 09:44 - 2013-12-17 09:44 - 00031480 _____ () C:\Windows\SysWOW64\BsHelpCSps.dll
2015-01-15 16:19 - 2013-08-05 17:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-06 09:48 - 2013-08-06 09:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 07:11 - 2015-01-09 10:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-698509535-3964860249-3740868791-500 - Administrator - Disabled)
DJG (S-1-5-21-698509535-3964860249-3740868791-1000 - Administrator - Enabled) => C:\Users\DJG
Guest (S-1-5-21-698509535-3964860249-3740868791-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 
 
System errors:
=============
Error: (01/21/2015 09:48:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2965788).
 
Error: (01/21/2015 09:48:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 for x64-based Systems (KB2923545).
 
Error: (01/21/2015 09:48:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB2984981).
 
Error: (01/21/2015 09:47:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 for x64-based Systems (KB3020388).
 
Error: (01/21/2015 09:12:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (01/20/2015 07:15:38 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
 
Error: (01/19/2015 11:03:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 10:53:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/19/2015 08:52:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (01/19/2015 08:52:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 09:44:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5024
 
Error: (01/21/2015 03:36:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/21/2015 03:36:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025
 

===========================================================================

 

I hope I got this all right ?

Looking forward to your comments.

 

MANY thanks again.

 

 

DIGGERMEL

 

 

 


#5 nasdaq


Posted 22 January 2015 - 08:47 AM



Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (Google Wallet) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
Task: {95A77475-5FB8-44AF-A372-57739D391671} - \Reimage Reminder No Task File <==== ATTENTION

End

Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log, Fixlog.txt; please post it in your reply.
===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#6 diggermel


Posted 22 January 2015 - 07:07 PM

Hi Nasdaq,

 

FIXLOG.txt follows

 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by DJG at 2015-01-23 06:45:16 Run:1
Running from C:\Users\DJG\Desktop
Loaded Profiles: DJG (Available profiles: DJG)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
CloseProcesses:
 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (Google Wallet) - C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR HKU\S-1-5-21-698509535-3964860249-3740868791-1000\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\DJG\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
Task: {95A77475-5FB8-44AF-A372-57739D391671} - \Reimage Reminder No Task File <==== ATTENTION
 
End
*****************
 
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. 
"HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\DJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
"HKU\S-1-5-21-698509535-3964860249-3740868791-1000\SOFTWARE\Google\Chrome\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95A77475-5FB8-44AF-A372-57739D391671}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A77475-5FB8-44AF-A372-57739D391671}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder => Key not found. 
 
 
The system needed a reboot. 
 
==== End of Fixlog 06:45:17 ====
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
Checkup.txt follows
 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 

 Results of screen317's Security Check version 0.99.95  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Google Chrome (39.0.2171.99) 
 Google Chrome (40.0.2214.91) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 CheckPoint ZoneAlarm vsmon.exe  
 CheckPoint ZoneAlarm ZaPrivacyService.exe  
 CheckPoint ZoneAlarm zatray.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
 
====================================================================================
 
After this, I noticed in TASK MANAGER that 3 files,
    winlogon.exe
    csrss.exe
    RAVBg64.exe
still had no User Name or Description.
I gathered from prior research that this was an indication that these were
therefore suspect files, and the problem was thus still active?
Is this so?
 
What are the items to look for to confirm the problem has been dealt with ?
 
MANY thanks
 
 
Diggermel
 
 


#7 nasdaq

Posted 23 January 2015 - 10:01 AM


After this, I noticed in TASK MANAGER that 3 files,
winlogon.exe
csrss.exe
RAVBg64.exe
still had no User Name or Description.


winlogon.exe
csrss.exe
RAVBg64.exe


The first two files are important operating system files.
The other is for your Realtek High Definition Audio by Realtek Semiconductor.

Unless you have issues these files are good and should be left alone.
====

What are the items to look for to confirm the problem has been dealt with ?


I see nothing bad on your logs. You tell me what issues you are still having with this computer.
I may be able to suggest a possible fix.

#8 diggermel

Posted 24 January 2015 - 01:23 AM

Hi Nasdaq,

The desktop PC is at

http://www.bleepingcomputer.com/forums/t/564315/desktop-pc-with-csrssexe-malware-attn-nasdaq/

Many TNX

Diggermel





