Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What a mess


  • This topic is locked This topic is locked
25 replies to this topic

#1 Smorton1951

Smorton1951

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 01 February 2015 - 12:07 PM

A few days ago I posted about having a problem with jpeg and other files being labeled "PriceLess".  I then ignored or did not understand some advice that was given to me and I went back to an earlier clone of my OS via EaseUS To Do Backup (paid version).

 

I have had so many problems since then it seems unreal.

 

Some of them that come to mind:

 

1.  Firefox.  I get this message on a very frequent basis:  "A script on this page may be busy or it may have stopped responding.  You can stop the script now, open the script in the debugger or let the script continue.."

 

2.  I am having problems with Office 2010.  Word did not work, Outlook goes into "unresponsive" state all the time.

 

3.  I tried to reinstall FileCenter, a program I purchased some time ago.  It will not run and I get a message that  it will not work and the message will not go away.

 

4,  I get this message from time to time:  "The language DLL 'VBE7INTL.DLL'could not be found."

 

5.  There seems to be countless other issues.

 

Can someone help?

 

Thank you.

 

Smorton



BC AdBot (Login to Remove)

 


#2 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 01 February 2015 - 12:23 PM

Also, Adobe Flash crashes every few minutes.

 

Smorton



#3 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,013 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:23 AM

Posted 03 February 2015 - 11:31 AM

Hello and Welcome on board ,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
  • My Help is completely free of charge!
    Just if you like to donate me some money you can do it and I'd appreciate it. :)
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,013 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:23 AM

Posted 07 February 2015 - 08:25 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,013 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:23 AM

Posted 10 February 2015 - 12:16 PM

User returned.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 09:53 AM

I have attached the two text files.  It will not allow me to post them by cutting and pasting.

 

How this works.

 

Thanks

 

SM



#7 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 09:56 AM

I could not cut and paste them, only attach them.

 

I hope this works.

 

Thank you.

 

SM

Attached Files



#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,013 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:23 AM

Posted 11 February 2015 - 11:10 AM

Can you please post it into your thread by splitting it up into more posts? :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#9 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 01:42 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 01
Ran by Steve's Computer (administrator) on STEVESCOMPUTER on 11-02-2015 08:44:47
Running from C:\Users\Steve's Computer\Desktop
Loaded Profiles: Steve's Computer (Available profiles: Steve's Computer & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\System\REMINDER.EXE
(Copernic inc.) C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe
(IVONA Software Sp. z o.o.) C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Lucion Technologies, LLC) C:\Program Files (x86)\FileCenter\Main\FileAgent.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\TscHelp.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagPriv.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(FormalSoft, Inc.) C:\DJ\Djwin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(PortableApps.com) D:\.File Center\Dailys\Dailys\ThunderbirdPortable Sbolton@arvig.net IMAP\ThunderbirdPortable.exe
(Mozilla Corporation) D:\.File Center\Dailys\Dailys\ThunderbirdPortable Sbolton@arvig.net IMAP\App\Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3995824 2013-02-14] (Stardock Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [160256 2012-12-29] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4997872 2015-01-29] (Emsisoft GmbH)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [FileAgent] => C:\Program Files (x86)\FileCenter\Main\FileAgent.exe [12857928 2015-01-26] (Lucion Technologies, LLC)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [Reminder] => C:\program files (x86)\System\reminder.exe [36352 1998-07-24] (Microsoft Corporation)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [Copernic Desktop Search 4] => C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe [1553472 2013-11-04] (Copernic inc.)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [IVONA ControlCenter] => C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [2540408 2013-11-25] (IVONA Software Sp. z o.o.)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\MountPoints2: {0e60dc1c-879c-11e2-9c1e-001fd081e753} - L:\SISetup.exe
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-06-09] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-06-09] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk
ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnagIt 8.lnk
ShortcutTarget: SnagIt 8.lnk -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
Startup: C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3222326871-1970532402-3162339370-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3222326871-1970532402-3162339370-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default\Extensions\artur.dubovoy@gmail.com [2015-02-09]
FF Extension: LastPass - C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default\Extensions\support@lastpass.com [2015-01-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-06]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Profile: C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-07-06]
CHR Extension: (Wunderlist - To-do & Task List) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2013-03-07]
CHR Extension: (LastPass) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-03-07]
CHR Extension: (Vimeo Couch Mode) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif [2013-03-07]
CHR Extension: (Zoom) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2013-03-07]
CHR Extension: (LastPass Vault) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2013-03-07]
CHR Extension: (Readability) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2013-03-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2013-03-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-29] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2015-01-29] (Emsisoft GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-03-04] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-03-04] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-03-04] (CyberLink)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1141360 2013-11-08] (Paramount Software UK Ltd)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 42435248; C:\Windows\System32\DRIVERS\42435248.sys [460888 2013-03-08] (Kaspersky Lab ZAO)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2015-01-29] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2015-01-29] (Emsisoft GmbH)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [58952 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-03-16] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-25] (Marvell Semiconductor, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-09-10] (Cyberlink Corp.)
R1 SafDskNT; C:\Windows\system32\drivers\SAFDSKNT.SYS [76112 2009-12-07] (PC Dynamics, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-02-15] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-02-15] (Acronis)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 08:44 - 2015-02-11 08:44 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\FRST-OlderVersion
2015-02-11 08:18 - 2015-02-11 08:18 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Thunderbird
2015-02-10 23:16 - 2015-02-10 23:16 - 00000215 _____ () C:\Users\Steve's Computer\Desktop\Free Data Recovery, Backup, Partition Manager, System Utility Software for WindowsMaciOSAndroid - EaseUS.URL
2015-02-10 23:15 - 2015-02-10 23:15 - 00000453 _____ () C:\Users\Steve's Computer\Desktop\Move an offline Outlook Data File (.ost).URL
2015-02-10 23:15 - 2015-02-10 23:15 - 00000263 _____ () C:\Users\Steve's Computer\Desktop\Best Practices Review - Cooperative Efforts in Public Service Delivery.URL
2015-02-10 23:14 - 2015-02-10 23:14 - 00000235 _____ () C:\Users\Steve's Computer\Desktop\Joint Powers.URL
2015-02-10 22:13 - 2015-02-10 22:13 - 00002629 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 2.wlmp
2015-02-10 22:10 - 2015-02-10 22:12 - 109730895 _____ () C:\Users\Steve's Computer\Desktop\Camera+ iPhone App Tutorial (HD).mp4
2015-02-10 22:10 - 2015-02-10 22:10 - 00000278 _____ () C:\Users\Steve's Computer\Desktop\Joint power agreements in Minnesota - Google Search.URL
2015-02-10 21:51 - 2015-02-10 21:54 - 135807122 _____ () C:\Users\Steve's Computer\Desktop\Remove Malware Infections with Farbar Recovery Scan Tool by Britec (HD).mp4
2015-02-10 20:20 - 2015-02-10 22:07 - 636563740 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 1.mp4
2015-02-10 20:18 - 2015-02-10 20:18 - 00002642 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 1.wlmp
2015-02-10 19:48 - 2015-02-10 19:48 - 00001389 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-02-10 19:48 - 2015-02-10 19:48 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-02-10 19:48 - 2015-02-10 19:48 - 00000000 ____D () C:\Windows\en
2015-02-10 19:47 - 2015-02-10 19:47 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-02-10 19:46 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-10 19:46 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-10 19:46 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-10 19:45 - 2015-02-10 19:45 - 00000199 _____ () C:\Windows\DirectX.log
2015-02-10 19:45 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-10 19:45 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-10 19:44 - 2015-02-10 20:15 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Windows Live
2015-02-10 19:43 - 2015-02-10 19:43 - 01239752 _____ (Microsoft Corporation) C:\Users\Steve's Computer\Downloads\wlsetup-web.exe
2015-02-10 19:40 - 2015-02-10 19:40 - 00000884 _____ () C:\Users\Steve's Computer\Desktop\License Key.txt
2015-02-10 19:40 - 2015-02-10 19:40 - 00000034 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.log
2015-02-10 19:39 - 2015-02-10 19:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Vso
2015-02-10 19:39 - 2015-02-10 19:39 - 00099384 _____ () C:\Users\Steve's Computer\AppData\Roaming\inst.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2015-02-10 19:39 - 2015-02-10 19:39 - 00082816 _____ (VSO Software) C:\Users\Steve's Computer\AppData\Roaming\pcouffin.sys
2015-02-10 19:39 - 2015-02-10 19:39 - 00007859 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.cat
2015-02-10 19:39 - 2015-02-10 19:39 - 00000950 _____ () C:\Users\Steve's Computer\Desktop\DVDFab 6.lnk
2015-02-10 19:39 - 2015-02-10 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2015-02-10 19:39 - 2015-02-10 19:39 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2015-02-10 19:12 - 2015-02-10 19:12 - 15121175 _____ () C:\Users\Steve's Computer\Desktop\How To Compress Video Files Less Than 5 Times Their Size While Keeping The Quality (Low).mp4
2015-02-10 19:09 - 2015-02-10 19:09 - 00001403 _____ () C:\Users\Steve's Computer\Desktop\outlook - Shortcut.lnk
2015-02-10 18:14 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 18:14 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 18:14 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 18:14 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 18:14 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 18:14 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 18:14 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 18:14 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 18:14 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 18:14 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 18:14 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 18:14 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 18:14 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 18:14 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 18:14 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 18:14 - 2015-01-11 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-10 18:14 - 2015-01-11 20:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-10 18:14 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 18:14 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 18:14 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 18:14 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 18:14 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 18:14 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 18:14 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 18:14 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 18:14 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 18:14 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 18:14 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 18:14 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 18:14 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 18:14 - 2015-01-11 19:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-10 18:14 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 18:14 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 18:14 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 18:14 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 18:14 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 18:14 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 18:14 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 18:14 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 18:14 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 18:14 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 18:14 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 18:14 - 2015-01-11 19:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 18:14 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 18:14 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 18:14 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 18:14 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 18:14 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 18:14 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 18:14 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 18:14 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 18:14 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 18:14 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 18:13 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 18:13 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 18:13 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 18:13 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 18:13 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 18:13 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 18:13 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 18:13 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 18:13 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 18:13 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 18:13 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 18:13 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 18:13 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 18:13 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 18:13 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 18:13 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 18:13 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 18:13 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 18:13 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 18:13 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 18:13 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 18:13 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 18:13 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 18:13 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 18:13 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 18:12 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 18:12 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 18:12 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 18:12 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 18:12 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 18:12 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 18:12 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 18:12 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 18:12 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 18:12 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 12:46 - 2015-02-10 12:49 - 09116133 _____ () C:\Users\Steve's Computer\Desktop\A Day In The Life (Mobile).3gp
2015-02-10 12:31 - 2015-02-10 12:35 - 164279877 _____ () C:\Users\Steve's Computer\Desktop\Windows 10 Technical Preview (Jan. 2015) (HD).mp4
2015-02-10 12:02 - 2015-02-10 12:48 - 00000543 _____ () C:\Users\Steve's Computer\Desktop\Cannot start Microsoft Outlook.  Cannot open the Outlook Window..txt
2015-02-10 11:46 - 2015-02-10 11:46 - 00000333 _____ () C:\Users\Steve's Computer\Desktop\What a Mess. Please reopen - BleepingComputer.com.URL
2015-02-10 10:26 - 2015-02-10 10:26 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\Pachel, Ruth
2015-02-10 09:04 - 2015-02-10 10:08 - 09418844 _____ () C:\Users\Steve's Computer\Desktop\Steve's journal.ZIP
2015-02-10 08:45 - 2015-02-10 10:25 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\2015 Morocco Trip
2015-02-10 08:36 - 2015-02-10 08:36 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\2-10-2015
2015-02-10 07:56 - 2015-02-11 08:45 - 00026089 _____ () C:\Users\Steve's Computer\Desktop\FRST.txt
2015-02-10 07:52 - 2015-02-11 08:44 - 02134016 _____ (Farbar) C:\Users\Steve's Computer\Desktop\FRST64.exe
2015-02-10 07:30 - 2015-02-10 07:49 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\Sort File
2015-02-09 20:26 - 2015-02-09 20:27 - 00004378 _____ () C:\Windows\SysWOW64\FCAgent.ini
2015-02-09 20:26 - 2015-02-09 20:26 - 00001171 _____ () C:\Users\Public\Desktop\FileCenter.lnk
2015-02-09 20:26 - 2015-02-09 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileCenter
2015-02-09 20:26 - 2015-02-09 20:26 - 00000000 ____D () C:\Program Files (x86)\FileCenter
2015-02-09 20:26 - 2015-01-26 08:06 - 01116232 _____ () C:\Windows\SysWOW64\FCAgent32.dll
2015-02-01 14:23 - 2015-02-01 14:23 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\GlassWire
2015-02-01 14:22 - 2015-02-01 14:22 - 00000000 ____D () C:\ProgramData\GlassWire
2015-02-01 12:34 - 2015-02-11 03:24 - 00011812 _____ () C:\Windows\PFRO.log
2015-02-01 11:32 - 2015-02-01 11:32 - 09414675 _____ () C:\Steve's journal.ZIP
2015-01-31 20:17 - 2015-01-31 20:17 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-31 20:10 - 2015-02-11 03:25 - 00000852 _____ () C:\Windows\setupact.log
2015-01-31 20:10 - 2015-01-31 20:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-31 17:28 - 2015-01-31 17:28 - 00000837 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-31 17:28 - 2015-01-31 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-30 23:14 - 2015-02-10 23:12 - 00000711 _____ () C:\Users\Steve's Computer\Desktop\1.txt
2015-01-30 22:05 - 2015-01-30 22:13 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Thunderbird
2015-01-30 21:27 - 2015-01-30 21:27 - 00000664 _____ () C:\Users\Steve's Computer\Desktop\BOYHOOD - Shortcut.lnk
2015-01-30 20:16 - 2015-01-30 20:16 - 00367392 _____ () C:\Users\Steve's Computer\Desktop\▶ Travel to Russia Winter in Moscow - YouTube -.mpg
2015-01-30 20:12 - 2015-01-30 20:12 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\WMBrowser
2015-01-30 20:12 - 2015-01-30 20:12 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Replay Video Capture 7
2015-01-30 16:16 - 2015-01-30 16:18 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Apple Computer
2015-01-30 16:16 - 2015-01-30 16:16 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Apple Computer
2015-01-30 16:16 - 2015-01-30 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-30 16:16 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-30 16:15 - 2015-01-30 16:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 16:15 - 2015-01-30 16:16 - 00000000 ____D () C:\Program Files\iTunes
2015-01-30 16:15 - 2015-01-30 16:15 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Apple
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files\iPod
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-30 16:14 - 2015-01-30 16:15 - 00000000 ____D () C:\ProgramData\Apple
2015-01-30 16:14 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-30 16:14 - 2015-01-30 16:14 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-30 16:14 - 2015-01-30 16:14 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-30 15:31 - 2015-01-30 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-01-30 15:31 - 2015-01-30 15:31 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-01-30 15:28 - 2015-01-30 20:16 - 00000000 ____D () C:\Program Files (x86)\Replay Video Capture 7
2015-01-30 15:28 - 2015-01-30 15:28 - 00000000 ____D () C:\Windows\Replay Video Capture 7
2015-01-30 15:28 - 2015-01-30 15:28 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2015-01-30 15:27 - 2015-01-30 15:27 - 00000000 ____D () C:\Windows\Jaksta
2015-01-30 08:40 - 2015-01-30 08:40 - 00000000 ____D () C:\Windows\Minidump
2015-01-30 01:43 - 2015-01-30 01:43 - 00004096 ___SH () C:\{77F4C2BF-7582-4931-9A6F-61CB1A5614F6}.CBM
2015-01-30 00:58 - 2015-01-30 00:58 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-30 00:33 - 2015-01-30 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeHouse Explorer
2015-01-30 00:33 - 2009-12-07 16:06 - 00076112 _____ (PC Dynamics, Inc.) C:\Windows\system32\Drivers\SAFDSKNT.SYS
2015-01-30 00:32 - 2015-01-30 00:33 - 00000000 ____D () C:\Program Files (x86)\SafeHouse Explorer
2015-01-30 00:32 - 2015-01-30 00:32 - 00000000 ____D () C:\SafeHouse
2015-01-29 23:57 - 2015-01-29 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2015-01-29 23:57 - 2015-01-29 23:57 - 00002150 _____ () C:\Users\Public\Desktop\IVONA MiniReader.lnk
2015-01-29 23:57 - 2015-01-29 23:57 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\IVONA ControlCenter
2015-01-29 23:56 - 2015-01-29 23:58 - 00000000 ____D () C:\Program Files (x86)\IVONA
2015-01-29 23:56 - 2015-01-29 23:56 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\IVONA_INST
2015-01-29 23:53 - 2015-01-29 23:53 - 00000972 _____ () C:\Users\Steve's Computer\Desktop\Balabolka.lnk
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Balabolka
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2015-01-29 22:53 - 2015-01-29 22:53 - 02194432 _____ () C:\Users\Steve's Computer\Desktop\AdwCleaner.exe
2015-01-29 14:42 - 2014-12-05 22:17 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe
2015-01-29 14:42 - 2012-05-31 23:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-01-29 14:42 - 2012-05-31 23:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-01-29 14:42 - 2012-05-31 23:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-01-29 14:42 - 2012-05-31 23:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-01-29 14:42 - 2012-05-31 23:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-01-29 14:42 - 2012-05-31 23:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-01-29 14:42 - 2012-05-31 22:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2015-01-29 14:42 - 2012-05-31 22:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2015-01-29 14:42 - 2012-05-31 22:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2015-01-29 14:42 - 2012-05-31 22:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2015-01-29 14:42 - 2012-05-31 22:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2015-01-29 14:42 - 2012-05-31 22:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2015-01-29 14:30 - 2015-01-30 14:37 - 00000000 ____D () C:\AdwCleaner
2015-01-29 12:49 - 2015-02-01 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-29 12:49 - 2015-01-31 14:39 - 00003021 _____ () C:\Users\Steve's Computer\Desktop\Microsoft Word 2010.lnk
2015-01-29 12:49 - 2015-01-31 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-01-29 12:47 - 2015-02-10 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-01-29 12:44 - 2015-01-29 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-01-29 12:44 - 2015-01-29 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-29 12:43 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-29 12:41 - 2015-01-29 12:41 - 00000000 __RHD () C:\MSOCache
2015-01-29 12:16 - 2015-01-29 12:16 - 00000862 _____ () C:\Windows\system32\termcap
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\system32\msmq
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\system32\BestPractices
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\inetpub
2015-01-29 10:50 - 2015-01-29 10:50 - 00000017 _____ () C:\Users\Steve's Computer\AppData\Local\resmon.resmoncfg
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieUserList
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieSiteList
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieBrowserModeList
2015-01-29 10:31 - 2015-01-29 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-29 10:31 - 2009-10-16 00:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2015-01-29 10:31 - 2009-10-16 00:00 - 00013824 _____ (Seiko Epson Corporation) C:\Windows\system32\esxcdev.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00230912 _____ (Seiko Epson Corp.) C:\Windows\system32\esxuin7c.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00221184 _____ (Seiko Epson Corp.) C:\Windows\SysWOW64\esint7c.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00065793 _____ () C:\Windows\system32\esfw7c.bin
2015-01-29 10:31 - 2007-11-29 00:00 - 00084992 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwia7c.dll
2015-01-29 10:31 - 2006-03-10 00:00 - 00004608 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwiaml.dll
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-29 09:21 - 2014-07-08 16:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-29 09:21 - 2014-07-08 16:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-29 08:47 - 2015-02-11 08:44 - 00000000 ____D () C:\FRST
2015-01-29 04:27 - 2015-02-11 03:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-29 04:27 - 2015-02-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-29 03:27 - 2015-02-11 08:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 03:26 - 2015-01-29 03:26 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-29 03:26 - 2015-01-29 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-29 03:26 - 2015-01-29 03:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-29 03:26 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 03:24 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-29 03:24 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-29 03:24 - 2014-07-06 20:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-29 03:24 - 2014-07-06 20:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-29 03:24 - 2014-07-06 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-29 03:24 - 2014-07-06 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-29 03:24 - 2014-07-06 19:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-29 03:24 - 2014-07-06 19:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-29 03:24 - 2014-07-06 19:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-29 03:24 - 2014-07-06 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-29 03:08 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-29 03:08 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-29 03:00 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-29 03:00 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-29 03:00 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-29 03:00 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-29 03:00 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-29 03:00 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-29 03:00 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-29 03:00 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\ProgramData\ESET
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\Program Files\ESET
2015-01-29 00:52 - 2015-01-29 00:52 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-29 00:52 - 2015-01-29 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 00:52 - 2015-01-29 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-29 00:11 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-29 00:11 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-29 00:11 - 2014-04-24 20:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-29 00:11 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-29 00:11 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-29 00:10 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-29 00:10 - 2014-12-11 11:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-29 00:10 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-29 00:10 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-29 00:10 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-29 00:10 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-29 00:10 - 2014-06-23 21:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-29 00:10 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-29 00:10 - 2014-04-04 20:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-29 00:10 - 2014-04-04 20:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-29 00:10 - 2014-03-26 08:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-29 00:10 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-29 00:10 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-29 00:10 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-29 00:10 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-29 00:10 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-29 00:09 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-29 00:09 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-29 00:09 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-29 00:09 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-29 00:09 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-29 00:09 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-29 00:09 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-29 00:09 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-29 00:09 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-29 00:09 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-29 00:09 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-29 00:09 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-29 00:09 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-29 00:09 - 2014-06-17 20:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-29 00:09 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-29 00:09 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-29 00:09 - 2014-06-06 04:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-29 00:09 - 2014-06-06 03:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-29 00:09 - 2014-05-30 00:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-29 00:09 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-29 00:09 - 2014-03-04 03:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-29 00:09 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-29 00:09 - 2014-03-04 03:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-29 00:09 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-29 00:09 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-29 00:09 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-29 00:09 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-29 00:09 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-29 00:08 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-29 00:08 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-29 00:08 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-29 00:08 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-29 00:08 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-29 00:08 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-29 00:08 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-29 00:08 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-29 00:08 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-29 00:08 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-29 00:08 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-29 00:08 - 2014-08-28 20:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-29 00:08 - 2014-08-28 19:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-29 00:08 - 2014-08-28 19:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-29 00:08 - 2014-08-28 19:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-01-29 00:08 - 2014-08-28 19:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-29 00:08 - 2014-06-24 20:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-29 00:08 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-29 00:08 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-29 00:07 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-29 00:07 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-29 00:07 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-29 00:07 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-29 00:07 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-29 00:07 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-29 00:07 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-29 00:07 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-29 00:07 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-29 00:07 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-29 00:07 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-29 00:07 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-29 00:07 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-29 00:07 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-29 00:07 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-29 00:07 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-29 00:07 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-29 00:07 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-29 00:07 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-29 00:07 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-29 00:06 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-29 00:06 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-29 00:06 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-29 00:06 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-28 23:22 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-28 23:22 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-28 23:22 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-28 23:22 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-28 23:22 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-28 23:22 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-28 23:22 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-28 23:22 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 08:18 - 2014-02-24 23:46 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-02-11 08:09 - 2013-07-05 22:53 - 00000000 ____D () C:\ProgramData\FileCenter
2015-02-11 07:47 - 2013-07-05 23:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 04:15 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 03:49 - 2013-02-15 20:11 - 01249002 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 03:31 - 2009-07-13 22:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 03:31 - 2009-07-13 22:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 03:30 - 2009-07-13 23:13 - 00007626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-11 03:25 - 2013-02-15 20:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-11 03:25 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 03:24 - 2009-07-13 22:45 - 05034304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:19 - 2013-07-06 12:37 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 03:18 - 2013-02-15 20:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 03:18 - 2009-07-13 20:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-11 03:13 - 2013-11-18 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 03:03 - 2013-03-08 07:39 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 22:11 - 2013-02-15 21:16 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\vlc
2015-02-10 21:50 - 2013-03-07 21:32 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\CutePDF Writer
2015-02-10 19:47 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-10 18:49 - 2013-02-15 21:01 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Adobe
2015-02-10 13:00 - 2013-07-05 23:13 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-10 12:59 - 2013-03-08 08:31 - 00000000 ___RD () C:\Users\Steve's Computer\Desktop\Shortcuts
2015-02-10 07:40 - 2013-06-30 09:22 - 00000000 ___RD () C:\Users\Steve's Computer\Desktop\Bookmarks
2015-02-09 20:27 - 2013-07-05 22:55 - 00004378 _____ () C:\Windows\system32\FCAgent.ini
2015-02-09 15:47 - 2013-07-05 23:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 15:47 - 2013-02-15 21:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 15:47 - 2013-02-15 21:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 08:47 - 2013-02-15 20:19 - 00110080 _____ () C:\Users\Steve's Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 19:44 - 2013-02-15 22:03 - 00000000 ____D () C:\Windows\Panther
2015-01-31 17:28 - 2013-03-08 07:48 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-31 14:53 - 2013-02-15 20:35 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Microsoft Help
2015-01-31 14:38 - 2011-04-12 02:28 - 00000000 ____D () C:\Windows\ShellNew
2015-01-31 14:37 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-31 00:22 - 2013-02-15 20:58 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 20:14 - 2013-07-06 12:45 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Applian
2015-01-30 18:46 - 2014-02-25 13:18 - 00000000 ____D () C:\Program Files (x86)\Applian Director 3
2015-01-30 15:30 - 2013-07-06 12:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Replay Media Catcher 5
2015-01-30 15:27 - 2013-07-06 12:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Replay Media Catcher 5
2015-01-30 15:27 - 2013-07-06 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2015-01-30 15:27 - 2013-07-06 12:39 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2015-01-30 15:26 - 2014-02-25 13:18 - 00002072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Applian Director.lnk
2015-01-30 15:26 - 2014-02-25 13:18 - 00000000 ____D () C:\Windows\Applian Director
2015-01-30 09:58 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-30 08:40 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-01-30 08:40 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-01-30 01:35 - 2013-02-15 22:58 - 00488960 ___SH () C:\EUMONBMP.SYS
2015-01-29 12:44 - 2013-02-15 20:35 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-29 12:22 - 2013-02-15 20:12 - 00001432 _____ () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-29 12:17 - 2013-07-06 12:42 - 00007330 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-29 10:49 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-29 10:38 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-29 10:31 - 2013-03-07 21:27 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-29 08:36 - 2013-03-08 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2015-01-29 07:58 - 2013-07-06 00:50 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-01-29 07:58 - 2013-07-06 00:50 - 00002225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-01-29 07:58 - 2013-07-06 00:50 - 00002064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-01-29 04:32 - 2009-07-13 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-29 04:27 - 2011-04-12 02:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-29 03:26 - 2013-03-07 22:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Malwarebytes
2015-01-29 03:26 - 2013-03-07 22:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-29 03:20 - 2013-02-15 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-29 03:19 - 2013-02-15 21:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-29 03:19 - 2013-02-15 21:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-29 01:18 - 2013-02-15 20:25 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-29 00:52 - 2013-02-15 21:17 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Mozilla
2015-01-29 00:46 - 2013-03-08 00:21 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amicus
2015-01-29 00:08 - 2013-02-15 22:27 - 00000000 ____D () C:\DJ
2015-01-26 08:06 - 2013-07-05 22:55 - 01797192 _____ () C:\Windows\system32\FCAgent64.dll

==================== Files in the root of some directories =======

1998-07-24 23:00 - 1998-07-24 23:00 - 0016686 _____ () C:\Program Files (x86)\EULA.TXT
1998-07-24 23:00 - 1998-07-24 23:00 - 0013312 _____ (Microsoft Corporation) C:\Program Files (x86)\MSMONEY.EXE
1998-07-24 23:00 - 1998-07-24 23:00 - 0000166 _____ () C:\Program Files (x86)\PUBKEY
1998-07-24 23:00 - 1998-07-24 23:00 - 0023271 _____ () C:\Program Files (x86)\README.TXT
1998-07-24 23:00 - 1998-07-24 23:00 - 2410496 _____ () C:\Program Files (x86)\SAMPLE.MNY
2013-03-07 22:16 - 2013-03-07 22:16 - 14823424 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 0099384 _____ () C:\Users\Steve's Computer\AppData\Roaming\inst.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 0007859 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.cat
2015-02-10 19:39 - 2015-02-10 19:39 - 0001167 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.inf
2015-02-10 19:40 - 2015-02-10 19:40 - 0000034 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.log
2015-02-10 19:39 - 2015-02-10 19:39 - 0082816 _____ (VSO Software) C:\Users\Steve's Computer\AppData\Roaming\pcouffin.sys
2013-07-06 18:11 - 2013-07-06 18:11 - 0000218 _____ () C:\Users\Steve's Computer\AppData\Local\recently-used.xbel
2015-01-29 10:50 - 2015-01-29 10:50 - 0000017 _____ () C:\Users\Steve's Computer\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Steve's Computer\AppData\Local\Temp\install_flashplayer16x32_mssd_aaa_aih.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-09 18:46

==================== End Of Log ============================


#10 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 01:44 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-02-2015 01
Ran by Steve's Computer at 2015-02-11 08:45:27
Running from C:\Users\Steve's Computer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader for ScanSnap (TM) 3.0 (HKLM-x32\...\{FB250000-0001-0000-0000-074957833700}) (Version: 8.00.553.50218 - ABBYY Software House)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Amicus Attorney 2008 SFE (HKLM-x32\...\AmicusSFEAttorney) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian Director 3 (HKLM-x32\...\Applian Director3.01) (Version: 3.01 - Applian Technologies Inc.)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.10.0.577 - Ilya Morozov)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
Copernic Desktop Search 4 (HKLM-x32\...\CopernicDesktopSearch4) (Version: 4.0.2.1105 - Copernic Inc.)
Copernic Desktop Search 4 (x32 Version: 4.0.2.1105 - Copernic Inc.) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2625.57 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVDFab 6.1.2.5 (27/10/2009) (HKLM-x32\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
EaseUS Todo Backup Home 5.8 (HKLM-x32\...\EaseUS Todo Backup Home 5.8_is1) (Version: 5.8 - CHENGDU YIWO Tech Development Co., Ltd)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FairCom Crystal Driver (HKLM-x32\...\{1698B560-DB7C-11D2-BAAA-00207814ABF0}) (Version:  - )
Fences 2 (HKLM-x32\...\Fences 2) (Version: 2.09 - Stardock Software, Inc.)
FileCenter 8.0.0.40 (HKLM-x32\...\{8BC914BF-F80D-47D9-BD1E-809EB6A7C23C}_is1) (Version: 8.0.0.40 - Lucion Technologies, LLC)
Gentibus CD 1.51 (HKLM-x32\...\Gentibus CD_is1) (Version: 1.51 - Luc DI FELICE)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.63 - IVONA Software Sp. z o.o.)
IVONA ControlCenter (HKLM-x32\...\IVONA ControlCenter) (Version: 1.1.10 - IVONA Software Sp. z o.o.)
IVONA MiniReader (HKLM-x32\...\IVONA MiniReader) (Version:  - IVONA Software Sp. z o.o.)
LastPass(uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6433 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft FrontPage 2002 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Money 99 (HKLM-x32\...\MSMONEYV70) (Version:  - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Mozilla Thunderbird (2.0.0.24) (HKLM-x32\...\Mozilla Thunderbird (2.0.0.24)) (Version: 2.0.0.24 (en-US) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Replay Media Catcher 4 (4.4.5) (HKLM-x32\...\Replay Media Catcher 4) (Version: 4.4.5 - Applian Technologies)
Replay Media Catcher 5 (5.0.1.54) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.1.54 - Applian Technologies)
Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4) (Version: 7.4 - Applian Technologies Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeHouse Explorer 3.01 (HKLM-x32\...\SafeHouseExplorer) (Version: 3.01.00.1 - PC Dynamics, Inc.)
ScanSnap Manager (HKLM-x32\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V6.0L10 - PFU)
ScanSnap Manager (x32 Version: 6.0.10.49.54.0 - PFU) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SnagIt 8 (HKLM-x32\...\{B6F0BE9B-41D7-45A2-9A76-D3DB1A89EC6A}) (Version: 8.2.2 - TechSmith Corporation)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
True Image 2013 (HKLM-x32\...\{3288AAFA-652E-4359-803C-A55EFF4DC01A}Visible) (Version: 16.0.5020 - Acronis)
True Image 2013 (x32 Version: 16.0.5020 - Acronis) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wunderlist (HKLM-x32\...\{1ca68332-4ba1-4943-9010-eaa1aa45b492}) (Version: 2.3.0.31 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.31 - 6 Wunderkinder GmbH) Hidden
xplorer² Ultimate 64 bit (HKLM\...\xplorer2p64_u) (Version: 3.0.0.1 - Zabkat)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-02-2015 14:47:27 Windows Update
10-02-2015 06:49:54 Revo Uninstaller's restore point - GlassWire 1.0 (remove only)
10-02-2015 06:57:14 Revo Uninstaller's restore point - Bing Bar
10-02-2015 19:39:46 Device Driver Package Install: VSO Software
10-02-2015 19:44:35 Windows Live Essentials
10-02-2015 19:45:02 Installed DirectX
10-02-2015 19:45:49 Installed DirectX
10-02-2015 19:46:15 Installed DirectX
10-02-2015 19:47:17 WLSetup
11-02-2015 03:00:30 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E986FD2-33B6-4B18-A413-D7BC002D3B30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {1FFC1D12-C865-4F9A-BC5F-03749C7691A3} - System32\Tasks\{360A31AE-2C56-48A7-8865-D0D0008F251D} => pcalua.exe -a "C:\ScanSnap downloaded on 12-3 -2012\Manager\ScanSnap\setup.exe" -d "C:\ScanSnap downloaded on 12-3 -2012\Manager\ScanSnap"
Task: {2CB8C7DA-AD56-47F6-A416-AFF059E4B6D7} - System32\Tasks\{F9999CDD-6FB1-4C21-ABCF-F120150F821D} => pcalua.exe -a "D:\My old Outlook Express email -ThunderbirdPortable IMPORTANT\ThunderbirdPortable.exe" -d "D:\My old Outlook Express email -ThunderbirdPortable IMPORTANT"
Task: {C20AC2BA-D70C-4A1D-9786-DC235F5871FD} - System32\Tasks\AdobeAAMUpdater-1.0-StevesComputer-Steve's Computer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {CF3D5267-474B-46C0-AB6E-EF487BB793CD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E31AE6EF-81BB-40F4-A587-1A1631EE4166} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2013-02-15 21:26 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2013-03-07 22:33 - 2012-08-31 15:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL
2013-03-07 22:33 - 2012-08-31 15:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-15 20:23 - 2013-01-18 09:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-07-06 22:25 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-07-06 22:25 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-07-06 22:25 - 2013-03-16 11:36 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00090696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00192072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-07-06 22:25 - 2013-03-16 11:36 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00022088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-07-06 22:25 - 2013-03-16 11:36 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00192584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-07-06 22:24 - 2013-03-16 11:36 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2012-08-02 21:35 - 2012-08-02 21:35 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-11-04 15:36 - 2013-11-04 15:36 - 01563200 _____ () C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.System.RT.dll
2014-02-24 22:28 - 2012-09-04 15:09 - 00421888 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
2014-02-24 22:28 - 2012-09-05 11:25 - 00241664 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
2014-02-24 22:28 - 2003-03-26 18:46 - 00135168 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll
2014-02-24 22:28 - 2011-12-06 14:00 - 00897024 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\P2IDIGCROP.dll
2014-02-24 22:29 - 2010-08-24 16:56 - 00167936 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
2013-02-15 22:27 - 1998-02-25 21:13 - 00392192 _____ () C:\DJ\C4dll.dll
2015-01-29 00:52 - 2015-01-23 04:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-29 00:56 - 2015-01-29 00:56 - 01020928 _____ () C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2015-02-09 15:47 - 2015-02-09 15:47 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-12-21 00:04 - 2013-12-21 00:04 - 03989888 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-02-11 08:18 - 2015-02-11 08:18 - 00008704 _____ () C:\Users\Steve's Computer\AppData\Local\Temp\nsj8DD.tmp\newadvsplash.dll
2015-02-11 08:18 - 2015-02-11 08:18 - 00011264 _____ () C:\Users\Steve's Computer\AppData\Local\Temp\nsj8DD.tmp\System.dll
2015-02-11 08:18 - 2015-02-11 08:18 - 00029696 _____ () C:\Users\Steve's Computer\AppData\Local\Temp\nsj8DD.tmp\registry.dll
2015-01-16 17:45 - 2015-01-14 14:30 - 03347056 _____ () D:\.File Center\Dailys\Dailys\ThunderbirdPortable Sbolton@arvig.net IMAP\App\thunderbird\mozjs.dll
2015-01-16 17:45 - 2015-01-14 14:30 - 00158832 _____ () D:\.File Center\Dailys\Dailys\ThunderbirdPortable Sbolton@arvig.net IMAP\App\thunderbird\NSLDAP32V60.dll
2015-01-16 17:45 - 2015-01-14 14:30 - 00023152 _____ () D:\.File Center\Dailys\Dailys\ThunderbirdPortable Sbolton@arvig.net IMAP\App\thunderbird\NSLDAPPR32V60.dll
2012-08-02 22:04 - 2012-08-02 22:04 - 00019840 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EaseUs Tray => "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
MSCONFIG\startupreg: EaseUs Watch => "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: PowerDVD12Agent => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: Wunderlist => "C:\Program Files (x86)\Wunderlist2\Wunderlist.exe" /silent

==================== Accounts: =============================

Administrator (S-1-5-21-3222326871-1970532402-3162339370-500 - Administrator - Disabled)
Guest (S-1-5-21-3222326871-1970532402-3162339370-501 - Limited - Disabled)
Steve's Computer (S-1-5-21-3222326871-1970532402-3162339370-1000 - Administrator - Enabled) => C:\Users\Steve's Computer
UpdatusUser (S-1-5-21-3222326871-1970532402-3162339370-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2015 03:30:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/11/2015 03:30:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/11/2015 03:25:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 00:06:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/10/2015 11:28:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/10/2015 11:28:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/10/2015 11:25:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/10/2015 11:25:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/10/2015 11:24:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2015 08:38:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (02/11/2015 03:28:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (02/11/2015 03:28:14 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/11/2015 03:25:58 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (02/11/2015 03:25:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Emsisoft Anti-Malware 8.0 - Service service hung on starting.

Error: (02/11/2015 03:03:48 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/11/2015 03:03:26 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/11/2015 03:02:01 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/11/2015 03:01:57 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/11/2015 02:54:10 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (02/11/2015 02:53:56 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (02/11/2015 03:30:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (02/11/2015 03:30:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (02/11/2015 03:25:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 00:06:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/10/2015 11:28:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (02/10/2015 11:28:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (02/10/2015 11:25:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (02/10/2015 11:25:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (02/10/2015 11:24:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2015 08:38:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 33%
Total physical RAM: 8190.3 MB
Available physical RAM: 5416.23 MB
Total Pagefile: 16378.8 MB
Available Pagefile: 12898.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System Reserved) (Fixed) (Total:119.14 GB) (Free:56.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Steve' 2TB Drive) (Fixed) (Total:1863.01 GB) (Free:267.98 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Law Office - Acronis) (Fixed) (Total:931.41 GB) (Free:176.99 GB) NTFS
Drive g: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:562.24 GB) NTFS
Drive i: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (128GB) (Fixed) (Total:119.22 GB) (Free:109.36 GB) FAT32
Drive k: (Back Up 003, 4-20-2014) (Fixed) (Total:931.51 GB) (Free:580.39 GB) NTFS
Drive l: (Seagate Backup Plus Drive) (Fixed) (Total:1397.26 GB) (Free:1342.37 GB) NTFS
Drive m: () (Removable) (Total:29.7 GB) (Free:26.88 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FA2FFAC1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34890FA4)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 0075F92F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000F1F52)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 1390FB70)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 6CA5A301)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 119.3 GB) (Disk ID: D9115ECF)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=0C)

========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 99EAAB2F)
Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,013 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:23 AM

Posted 11 February 2015 - 02:24 PM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 10:04 PM

# AdwCleaner v4.110 - Logfile created 11/02/2015 at 19:03:37
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Steve's Computer - STEVESCOMPUTER
# Running from : C:\Users\Steve's Computer\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v

*************************

AdwCleaner[R1].txt - [1019 bytes] - [29/01/2015 14:30:23]
AdwCleaner[R2].txt - [925 bytes] - [30/01/2015 14:35:23]
AdwCleaner[R3].txt - [890 bytes] - [11/02/2015 19:03:37]
AdwCleaner[S1].txt - [1040 bytes] - [29/01/2015 14:33:41]
AdwCleaner[S2].txt - [985 bytes] - [30/01/2015 14:37:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1065 bytes] ##########



#13 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 10:07 PM

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 2/11/2015 3:26:10 AM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Starting, 
Protection, 2/11/2015 3:26:10 AM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Started, 
Protection, 2/11/2015 3:26:10 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 3:26:15 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 8:53:24 AM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.2, 2015.2.11.4, 
Protection, 2/11/2015 8:53:24 AM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 8:53:24 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 8:53:24 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 8:53:31 AM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 8:53:32 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 8:53:32 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 9:55:18 AM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.4, 2015.2.11.5, 
Protection, 2/11/2015 9:55:18 AM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 9:55:18 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 9:55:18 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 9:55:26 AM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 9:55:26 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 9:55:27 AM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 12:40:00 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.5, 2015.2.11.6, 
Protection, 2/11/2015 12:40:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 12:40:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 12:40:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 12:40:08 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 12:40:08 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 12:40:08 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 1:38:47 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.6, 2015.2.11.7, 
Protection, 2/11/2015 1:38:47 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 1:38:47 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 1:38:47 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 1:38:55 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 1:38:55 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 1:38:55 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 3:44:31 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.7, 2015.2.11.8, 
Protection, 2/11/2015 3:44:31 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 3:44:31 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 3:44:31 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 3:44:39 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 3:44:39 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 3:44:39 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 4:43:52 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 2015.2.11.8, 2015.2.11.9, 
Protection, 2/11/2015 4:43:52 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 4:43:52 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 4:43:52 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 4:44:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 4:44:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 4:44:00 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Protection, 2/11/2015 6:59:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 6:59:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 6:59:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopping, 
Protection, 2/11/2015 6:59:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopped, 
Protection, 2/11/2015 7:02:58 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Starting, 
Protection, 2/11/2015 7:02:58 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Started, 
Protection, 2/11/2015 7:02:58 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 7:02:59 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 7:03:03 PM, SYSTEM, STEVESCOMPUTER, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Protection, 2/11/2015 7:14:16 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Starting, 
Protection, 2/11/2015 7:14:16 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Started, 
Protection, 2/11/2015 7:14:16 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 7:15:21 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Update, 2/11/2015 7:16:05 PM, SYSTEM, STEVESCOMPUTER, Manual, Malware Database, 2014.11.20.6, 2015.2.11.9, 
Protection, 2/11/2015 7:16:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 7:16:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 7:16:05 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 7:16:11 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 7:16:11 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 7:16:11 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Scan, 2/11/2015 7:17:21 PM, SYSTEM, STEVESCOMPUTER, Manual, Duration:0 min 0 sec, Threat Scan, Failed, 0 Malware Detections, 0 Non-Malware Detections, 
Update, 2/11/2015 7:46:15 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Remediation Database, 0.0.0.0, 2014.12.6.1, 
Update, 2/11/2015 7:46:15 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Rootkit Database, 0.0.0.0, 2015.2.3.1, 
Update, 2/11/2015 7:46:29 PM, SYSTEM, STEVESCOMPUTER, Scheduler, Malware Database, 0.0.0.0, 2015.2.11.9, 
Protection, 2/11/2015 7:46:29 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Starting, 
Protection, 2/11/2015 7:46:29 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 7:46:29 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 7:46:35 PM, SYSTEM, STEVESCOMPUTER, Protection, Refresh, Success, 
Protection, 2/11/2015 7:46:35 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 7:46:35 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 
Scan, 2/11/2015 7:48:58 PM, SYSTEM, STEVESCOMPUTER, Manual, Start:2/11/2015 7:46:30 PM, Duration:2 min 27 sec, Hyper Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
Protection, 2/11/2015 8:00:38 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopping, 
Protection, 2/11/2015 8:00:38 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopped, 
Protection, 2/11/2015 8:00:43 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Starting, 
Protection, 2/11/2015 8:00:43 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Started, 
Scan, 2/11/2015 8:17:14 PM, SYSTEM, STEVESCOMPUTER, Manual, Start:2/11/2015 8:07:47 PM, Duration:9 min 26 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
Protection, 2/11/2015 8:18:45 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopping, 
Protection, 2/11/2015 8:18:45 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Stopped, 
Protection, 2/11/2015 8:18:45 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopping, 
Protection, 2/11/2015 8:18:47 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Stopped, 
Protection, 2/11/2015 9:05:41 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Starting, 
Protection, 2/11/2015 9:05:41 PM, SYSTEM, STEVESCOMPUTER, Protection, Malware Protection, Started, 
Protection, 2/11/2015 9:05:41 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Starting, 
Protection, 2/11/2015 9:05:41 PM, SYSTEM, STEVESCOMPUTER, Protection, Malicious Website Protection, Started, 

(end)


#14 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 10:10 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Steve's Computer on Wed 02/11/2015 at 20:20:29.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/11/2015 at 20:34:30.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#15 Smorton1951

Smorton1951
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 11 February 2015 - 10:12 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 01
Ran by Steve's Computer (administrator) on STEVESCOMPUTER on 11-02-2015 21:00:47
Running from C:\Users\Steve's Computer\Desktop
Loaded Profiles: Steve's Computer (Available profiles: Steve's Computer & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\System\REMINDER.EXE
(Copernic inc.) C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe
(IVONA Software Sp. z o.o.) C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
(Lucion Technologies, LLC) C:\Program Files (x86)\FileCenter\Main\FileAgent.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\TscHelp.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagPriv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Lucion Technologies, LLC) C:\Program Files (x86)\FileCenter\Main\FileCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(FormalSoft, Inc.) C:\DJ\Djwin.exe
Failed to access process -> dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3995824 2013-02-14] (Stardock Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [160256 2012-12-29] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4997872 2015-01-29] (Emsisoft GmbH)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [FileAgent] => C:\Program Files (x86)\FileCenter\Main\FileAgent.exe [12857928 2015-01-26] (Lucion Technologies, LLC)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [Reminder] => C:\program files (x86)\System\reminder.exe [36352 1998-07-24] (Microsoft Corporation)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [Copernic Desktop Search 4] => C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe [1553472 2013-11-04] (Copernic inc.)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\Run: [IVONA ControlCenter] => C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [2540408 2013-11-25] (IVONA Software Sp. z o.o.)
HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\...\MountPoints2: {0e60dc1c-879c-11e2-9c1e-001fd081e753} - L:\SISetup.exe
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-06-09] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-06-09] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk
ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnagIt 8.lnk
ShortcutTarget: SnagIt 8.lnk -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
Startup: C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3222326871-1970532402-3162339370-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3222326871-1970532402-3162339370-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3222326871-1970532402-3162339370-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default\Extensions\artur.dubovoy@gmail.com [2015-02-09]
FF Extension: LastPass - C:\Users\Steve's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\0gd4lkx1.default\Extensions\support@lastpass.com [2015-01-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-06]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Profile: C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-07-06]
CHR Extension: (Wunderlist - To-do & Task List) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2013-03-07]
CHR Extension: (LastPass) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-03-07]
CHR Extension: (Vimeo Couch Mode) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif [2013-03-07]
CHR Extension: (Zoom) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2013-03-07]
CHR Extension: (LastPass Vault) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2013-03-07]
CHR Extension: (Readability) - C:\Users\Steve's Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2013-03-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2013-03-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-29] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2015-01-29] (Emsisoft GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-03-04] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-03-04] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-03-04] (CyberLink)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1141360 2013-11-08] (Paramount Software UK Ltd)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 42435248; C:\Windows\System32\DRIVERS\42435248.sys [460888 2013-03-08] (Kaspersky Lab ZAO)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2015-01-29] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2015-01-29] (Emsisoft GmbH)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [58952 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-03-16] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-25] (Marvell Semiconductor, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-09-10] (Cyberlink Corp.)
R1 SafDskNT; C:\Windows\system32\drivers\SAFDSKNT.SYS [76112 2009-12-07] (PC Dynamics, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-02-15] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-02-15] (Acronis)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 21:00 - 2015-02-11 21:00 - 00025163 _____ () C:\Users\Steve's Computer\Desktop\FRST.txt
2015-02-11 20:34 - 2015-02-11 20:34 - 00000644 _____ () C:\Users\Steve's Computer\Desktop\JRT.txt
2015-02-11 20:17 - 2015-02-11 20:17 - 01388274 _____ (Thisisu) C:\Users\Steve's Computer\Desktop\JRT.exe
2015-02-11 19:09 - 2015-02-11 19:09 - 00001144 _____ () C:\Users\Steve's Computer\Desktop\AdwCleaner[R3].txt
2015-02-11 19:02 - 2015-02-11 19:46 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-11 19:02 - 2015-02-11 19:02 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-11 19:02 - 2015-02-11 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-11 19:02 - 2015-02-11 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-11 19:02 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-11 19:02 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-11 19:02 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-11 18:56 - 2015-02-11 18:56 - 00000367 _____ () C:\Users\Steve's Computer\Desktop\Watch the Online Video Course Understanding Financial Ratios.URL
2015-02-11 18:56 - 2015-02-11 18:56 - 00000253 _____ () C:\Users\Steve's Computer\Desktop\What a mess - Virus, Trojan, Spyware, and Malware Removal Logs.URL
2015-02-11 18:54 - 2015-02-11 18:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Steve's Computer\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-11 18:53 - 2015-02-11 18:53 - 02112512 _____ () C:\Users\Steve's Computer\Desktop\AdwCleaner.exe
2015-02-11 16:12 - 2015-02-11 16:13 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\Lindow cases
2015-02-11 10:20 - 2015-02-11 10:20 - 00003271 _____ () C:\Users\Steve's Computer\Desktop\Minnesota Statute Section 471.59 provides.txt
2015-02-11 08:44 - 2015-02-11 08:44 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\FRST-OlderVersion
2015-02-10 23:16 - 2015-02-10 23:16 - 00000215 _____ () C:\Users\Steve's Computer\Desktop\Free Data Recovery, Backup, Partition Manager, System Utility Software for WindowsMaciOSAndroid - EaseUS.URL
2015-02-10 23:15 - 2015-02-10 23:15 - 00000453 _____ () C:\Users\Steve's Computer\Desktop\Move an offline Outlook Data File (.ost).URL
2015-02-10 23:15 - 2015-02-10 23:15 - 00000263 _____ () C:\Users\Steve's Computer\Desktop\Best Practices Review - Cooperative Efforts in Public Service Delivery.URL
2015-02-10 23:14 - 2015-02-10 23:14 - 00000235 _____ () C:\Users\Steve's Computer\Desktop\Joint Powers.URL
2015-02-10 22:13 - 2015-02-10 22:13 - 00002629 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 2.wlmp
2015-02-10 22:10 - 2015-02-10 22:12 - 109730895 _____ () C:\Users\Steve's Computer\Desktop\Camera+ iPhone App Tutorial (HD).mp4
2015-02-10 22:10 - 2015-02-10 22:10 - 00000278 _____ () C:\Users\Steve's Computer\Desktop\Joint power agreements in Minnesota - Google Search.URL
2015-02-10 21:51 - 2015-02-10 21:54 - 135807122 _____ () C:\Users\Steve's Computer\Desktop\Remove Malware Infections with Farbar Recovery Scan Tool by Britec (HD).mp4
2015-02-10 20:20 - 2015-02-10 22:07 - 636563740 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 1.mp4
2015-02-10 20:18 - 2015-02-10 20:18 - 00002642 _____ () C:\Users\Steve's Computer\Desktop\Boyhood 1.wlmp
2015-02-10 19:48 - 2015-02-10 19:48 - 00001389 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-02-10 19:48 - 2015-02-10 19:48 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-02-10 19:48 - 2015-02-10 19:48 - 00000000 ____D () C:\Windows\en
2015-02-10 19:47 - 2015-02-10 19:47 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-02-10 19:46 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-10 19:46 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-10 19:46 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-10 19:46 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-10 19:46 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-10 19:45 - 2015-02-10 19:45 - 00000199 _____ () C:\Windows\DirectX.log
2015-02-10 19:45 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-10 19:45 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-10 19:44 - 2015-02-10 20:15 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Windows Live
2015-02-10 19:43 - 2015-02-10 19:43 - 01239752 _____ (Microsoft Corporation) C:\Users\Steve's Computer\Downloads\wlsetup-web.exe
2015-02-10 19:40 - 2015-02-10 19:40 - 00000884 _____ () C:\Users\Steve's Computer\Desktop\License Key.txt
2015-02-10 19:40 - 2015-02-10 19:40 - 00000034 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.log
2015-02-10 19:39 - 2015-02-10 19:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Vso
2015-02-10 19:39 - 2015-02-10 19:39 - 00099384 _____ () C:\Users\Steve's Computer\AppData\Roaming\inst.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2015-02-10 19:39 - 2015-02-10 19:39 - 00082816 _____ (VSO Software) C:\Users\Steve's Computer\AppData\Roaming\pcouffin.sys
2015-02-10 19:39 - 2015-02-10 19:39 - 00007859 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.cat
2015-02-10 19:39 - 2015-02-10 19:39 - 00000950 _____ () C:\Users\Steve's Computer\Desktop\DVDFab 6.lnk
2015-02-10 19:39 - 2015-02-10 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6
2015-02-10 19:39 - 2015-02-10 19:39 - 00000000 ____D () C:\Program Files (x86)\DVDFab 6
2015-02-10 19:12 - 2015-02-10 19:12 - 15121175 _____ () C:\Users\Steve's Computer\Desktop\How To Compress Video Files Less Than 5 Times Their Size While Keeping The Quality (Low).mp4
2015-02-10 19:09 - 2015-02-10 19:09 - 00001403 _____ () C:\Users\Steve's Computer\Desktop\outlook - Shortcut.lnk
2015-02-10 18:14 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 18:14 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 18:14 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 18:14 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 18:14 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 18:14 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 18:14 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 18:14 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 18:14 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 18:14 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 18:14 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 18:14 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 18:14 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 18:14 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 18:14 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 18:14 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 18:14 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 18:14 - 2015-01-11 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-10 18:14 - 2015-01-11 20:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-10 18:14 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 18:14 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 18:14 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 18:14 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 18:14 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 18:14 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 18:14 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 18:14 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 18:14 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 18:14 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 18:14 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 18:14 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 18:14 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 18:14 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 18:14 - 2015-01-11 19:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-10 18:14 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 18:14 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 18:14 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 18:14 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 18:14 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 18:14 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 18:14 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 18:14 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 18:14 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 18:14 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 18:14 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 18:14 - 2015-01-11 19:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 18:14 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 18:14 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 18:14 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 18:14 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 18:14 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 18:14 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 18:14 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 18:14 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 18:14 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 18:14 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 18:14 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 18:14 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 18:13 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 18:13 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 18:13 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 18:13 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 18:13 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 18:13 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 18:13 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 18:13 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 18:13 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 18:13 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 18:13 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 18:13 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 18:13 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 18:13 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 18:13 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 18:13 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 18:13 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 18:13 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 18:13 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 18:13 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 18:13 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 18:13 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 18:13 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 18:13 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 18:13 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 18:13 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 18:12 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 18:12 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 18:12 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 18:12 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 18:12 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 18:12 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 18:12 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 18:12 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 18:12 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 18:12 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 12:46 - 2015-02-10 12:49 - 09116133 _____ () C:\Users\Steve's Computer\Desktop\A Day In The Life (Mobile).3gp
2015-02-10 12:31 - 2015-02-10 12:35 - 164279877 _____ () C:\Users\Steve's Computer\Desktop\Windows 10 Technical Preview (Jan. 2015) (HD).mp4
2015-02-10 12:02 - 2015-02-10 12:48 - 00000543 _____ () C:\Users\Steve's Computer\Desktop\Cannot start Microsoft Outlook.  Cannot open the Outlook Window..txt
2015-02-10 11:46 - 2015-02-10 11:46 - 00000333 _____ () C:\Users\Steve's Computer\Desktop\What a Mess. Please reopen - BleepingComputer.com.URL
2015-02-10 10:26 - 2015-02-10 10:26 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\Pachel, Ruth
2015-02-10 09:04 - 2015-02-11 08:58 - 09419436 _____ () C:\Users\Steve's Computer\Desktop\Steve's journal.ZIP
2015-02-10 08:45 - 2015-02-10 10:25 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\2015 Morocco Trip
2015-02-10 08:36 - 2015-02-10 08:36 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\2-11-2015
2015-02-10 07:52 - 2015-02-11 08:44 - 02134016 _____ (Farbar) C:\Users\Steve's Computer\Desktop\FRST64.exe
2015-02-10 07:30 - 2015-02-11 08:46 - 00000000 ____D () C:\Users\Steve's Computer\Desktop\Sort File
2015-02-09 20:26 - 2015-02-09 20:27 - 00004378 _____ () C:\Windows\SysWOW64\FCAgent.ini
2015-02-09 20:26 - 2015-02-09 20:26 - 00001171 _____ () C:\Users\Public\Desktop\FileCenter.lnk
2015-02-09 20:26 - 2015-02-09 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileCenter
2015-02-09 20:26 - 2015-02-09 20:26 - 00000000 ____D () C:\Program Files (x86)\FileCenter
2015-02-09 20:26 - 2015-01-26 08:06 - 01116232 _____ () C:\Windows\SysWOW64\FCAgent32.dll
2015-02-01 14:23 - 2015-02-01 14:23 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\GlassWire
2015-02-01 14:22 - 2015-02-01 14:22 - 00000000 ____D () C:\ProgramData\GlassWire
2015-02-01 12:34 - 2015-02-11 19:11 - 00012188 _____ () C:\Windows\PFRO.log
2015-02-01 11:32 - 2015-02-01 11:32 - 09414675 _____ () C:\Steve's journal.ZIP
2015-01-31 20:17 - 2015-01-31 20:17 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-31 20:10 - 2015-02-11 19:12 - 00000908 _____ () C:\Windows\setupact.log
2015-01-31 20:10 - 2015-01-31 20:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-31 17:28 - 2015-01-31 17:28 - 00000837 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-31 17:28 - 2015-01-31 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-30 23:14 - 2015-02-10 23:12 - 00000711 _____ () C:\Users\Steve's Computer\Desktop\1.txt
2015-01-30 22:05 - 2015-01-30 22:13 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Thunderbird
2015-01-30 21:27 - 2015-01-30 21:27 - 00000664 _____ () C:\Users\Steve's Computer\Desktop\BOYHOOD - Shortcut.lnk
2015-01-30 20:16 - 2015-01-30 20:16 - 00367392 _____ () C:\Users\Steve's Computer\Desktop\▶ Travel to Russia Winter in Moscow - YouTube -.mpg
2015-01-30 20:12 - 2015-01-30 20:12 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\WMBrowser
2015-01-30 20:12 - 2015-01-30 20:12 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Replay Video Capture 7
2015-01-30 16:16 - 2015-01-30 16:18 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Apple Computer
2015-01-30 16:16 - 2015-01-30 16:16 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Apple Computer
2015-01-30 16:16 - 2015-01-30 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-30 16:16 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-30 16:15 - 2015-01-30 16:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 16:15 - 2015-01-30 16:16 - 00000000 ____D () C:\Program Files\iTunes
2015-01-30 16:15 - 2015-01-30 16:15 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Apple
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files\iPod
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-30 16:15 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-30 16:14 - 2015-01-30 16:15 - 00000000 ____D () C:\ProgramData\Apple
2015-01-30 16:14 - 2015-01-30 16:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-30 16:14 - 2015-01-30 16:14 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-30 16:14 - 2015-01-30 16:14 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-30 15:31 - 2015-01-30 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-01-30 15:31 - 2015-01-30 15:31 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-01-30 15:28 - 2015-01-30 20:16 - 00000000 ____D () C:\Program Files (x86)\Replay Video Capture 7
2015-01-30 15:28 - 2015-01-30 15:28 - 00000000 ____D () C:\Windows\Replay Video Capture 7
2015-01-30 15:28 - 2015-01-30 15:28 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2015-01-30 15:27 - 2015-01-30 15:27 - 00000000 ____D () C:\Windows\Jaksta
2015-01-30 08:40 - 2015-01-30 08:40 - 00000000 ____D () C:\Windows\Minidump
2015-01-30 01:43 - 2015-01-30 01:43 - 00004096 ___SH () C:\{77F4C2BF-7582-4931-9A6F-61CB1A5614F6}.CBM
2015-01-30 00:58 - 2015-01-30 00:58 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-30 00:33 - 2015-01-30 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeHouse Explorer
2015-01-30 00:33 - 2009-12-07 16:06 - 00076112 _____ (PC Dynamics, Inc.) C:\Windows\system32\Drivers\SAFDSKNT.SYS
2015-01-30 00:32 - 2015-01-30 00:33 - 00000000 ____D () C:\Program Files (x86)\SafeHouse Explorer
2015-01-30 00:32 - 2015-01-30 00:32 - 00000000 ____D () C:\SafeHouse
2015-01-29 23:57 - 2015-01-29 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2015-01-29 23:57 - 2015-01-29 23:57 - 00002150 _____ () C:\Users\Public\Desktop\IVONA MiniReader.lnk
2015-01-29 23:57 - 2015-01-29 23:57 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\IVONA ControlCenter
2015-01-29 23:56 - 2015-01-29 23:58 - 00000000 ____D () C:\Program Files (x86)\IVONA
2015-01-29 23:56 - 2015-01-29 23:56 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\IVONA_INST
2015-01-29 23:53 - 2015-01-29 23:53 - 00000972 _____ () C:\Users\Steve's Computer\Desktop\Balabolka.lnk
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Balabolka
2015-01-29 23:53 - 2015-01-29 23:53 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2015-01-29 14:42 - 2014-12-05 22:17 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe
2015-01-29 14:42 - 2012-05-31 23:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-01-29 14:42 - 2012-05-31 23:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-01-29 14:42 - 2012-05-31 23:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-01-29 14:42 - 2012-05-31 23:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-01-29 14:42 - 2012-05-31 23:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-01-29 14:42 - 2012-05-31 23:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-01-29 14:42 - 2012-05-31 22:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2015-01-29 14:42 - 2012-05-31 22:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2015-01-29 14:42 - 2012-05-31 22:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2015-01-29 14:42 - 2012-05-31 22:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2015-01-29 14:42 - 2012-05-31 22:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2015-01-29 14:42 - 2012-05-31 22:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2015-01-29 14:30 - 2015-02-11 19:09 - 00000000 ____D () C:\AdwCleaner
2015-01-29 12:49 - 2015-02-01 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-29 12:49 - 2015-01-31 14:39 - 00003021 _____ () C:\Users\Steve's Computer\Desktop\Microsoft Word 2010.lnk
2015-01-29 12:49 - 2015-01-31 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-01-29 12:47 - 2015-02-10 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-29 12:47 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-01-29 12:44 - 2015-01-29 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-01-29 12:44 - 2015-01-29 12:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-29 12:43 - 2015-01-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-29 12:41 - 2015-01-29 12:41 - 00000000 __RHD () C:\MSOCache
2015-01-29 12:16 - 2015-01-29 12:16 - 00000862 _____ () C:\Windows\system32\termcap
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\system32\msmq
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\Windows\system32\BestPractices
2015-01-29 12:16 - 2015-01-29 12:16 - 00000000 ____D () C:\inetpub
2015-01-29 10:50 - 2015-01-29 10:50 - 00000017 _____ () C:\Users\Steve's Computer\AppData\Local\resmon.resmoncfg
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieUserList
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieSiteList
2015-01-29 10:50 - 2015-01-29 10:50 - 00000000 __SHD () C:\Users\Steve's Computer\AppData\Local\EmieBrowserModeList
2015-01-29 10:31 - 2015-01-29 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-29 10:31 - 2009-10-16 00:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2015-01-29 10:31 - 2009-10-16 00:00 - 00013824 _____ (Seiko Epson Corporation) C:\Windows\system32\esxcdev.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00230912 _____ (Seiko Epson Corp.) C:\Windows\system32\esxuin7c.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00221184 _____ (Seiko Epson Corp.) C:\Windows\SysWOW64\esint7c.dll
2015-01-29 10:31 - 2009-03-13 00:00 - 00065793 _____ () C:\Windows\system32\esfw7c.bin
2015-01-29 10:31 - 2007-11-29 00:00 - 00084992 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwia7c.dll
2015-01-29 10:31 - 2006-03-10 00:00 - 00004608 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxwiaml.dll
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-29 09:21 - 2014-07-08 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-29 09:21 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-29 09:21 - 2014-07-08 16:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-29 09:21 - 2014-07-08 16:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-29 08:47 - 2015-02-11 21:00 - 00000000 ____D () C:\FRST
2015-01-29 04:27 - 2015-02-11 03:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-29 04:27 - 2015-02-11 03:22 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-29 03:24 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-29 03:24 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-29 03:24 - 2014-07-06 20:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-29 03:24 - 2014-07-06 20:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-29 03:24 - 2014-07-06 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-29 03:24 - 2014-07-06 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-29 03:24 - 2014-07-06 19:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-29 03:24 - 2014-07-06 19:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-29 03:24 - 2014-07-06 19:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-29 03:24 - 2014-07-06 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-29 03:08 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-29 03:08 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-29 03:00 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-29 03:00 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-29 03:00 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-29 03:00 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-29 03:00 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-29 03:00 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-29 03:00 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-29 03:00 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\ProgramData\ESET
2015-01-29 01:21 - 2015-01-29 01:21 - 00000000 ____D () C:\Program Files\ESET
2015-01-29 00:52 - 2015-01-29 00:52 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-29 00:52 - 2015-01-29 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 00:52 - 2015-01-29 00:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-29 00:11 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-29 00:11 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-29 00:11 - 2014-04-24 20:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-29 00:11 - 2014-04-24 20:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-29 00:11 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-29 00:10 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-29 00:10 - 2014-12-11 11:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-29 00:10 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-29 00:10 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-29 00:10 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-29 00:10 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-29 00:10 - 2014-06-23 21:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-29 00:10 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-29 00:10 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-29 00:10 - 2014-04-04 20:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-29 00:10 - 2014-04-04 20:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-29 00:10 - 2014-03-26 08:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-29 00:10 - 2014-03-26 08:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-29 00:10 - 2014-03-26 08:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-29 00:10 - 2014-03-26 08:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-29 00:10 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-29 00:10 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-29 00:09 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-29 00:09 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-29 00:09 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-29 00:09 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-29 00:09 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-29 00:09 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-29 00:09 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-29 00:09 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-29 00:09 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-29 00:09 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-29 00:09 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-29 00:09 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-29 00:09 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-29 00:09 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-29 00:09 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-29 00:09 - 2014-06-17 20:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-29 00:09 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-29 00:09 - 2014-06-15 20:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-29 00:09 - 2014-06-06 04:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-29 00:09 - 2014-06-06 03:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-29 00:09 - 2014-05-30 00:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-29 00:09 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-29 00:09 - 2014-03-04 03:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-29 00:09 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-29 00:09 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-29 00:09 - 2014-03-04 03:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-29 00:09 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-29 00:09 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-01-29 00:09 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-29 00:09 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-01-29 00:09 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-01-29 00:08 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-29 00:08 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-29 00:08 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-29 00:08 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-29 00:08 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-29 00:08 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-29 00:08 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-29 00:08 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-29 00:08 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-29 00:08 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-29 00:08 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-29 00:08 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-29 00:08 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-29 00:08 - 2014-08-28 20:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-29 00:08 - 2014-08-28 20:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-29 00:08 - 2014-08-28 19:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-29 00:08 - 2014-08-28 19:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-29 00:08 - 2014-08-28 19:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-01-29 00:08 - 2014-08-28 19:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-29 00:08 - 2014-06-24 20:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-29 00:08 - 2014-06-24 19:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-29 00:08 - 2014-05-08 03:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-29 00:07 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-29 00:07 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-29 00:07 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-29 00:07 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-29 00:07 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-29 00:07 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-29 00:07 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-29 00:07 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-29 00:07 - 2014-06-03 04:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-29 00:07 - 2014-06-03 04:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-29 00:07 - 2014-06-03 04:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-01-29 00:07 - 2014-06-03 03:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-29 00:07 - 2014-06-03 03:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-01-29 00:07 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-01-29 00:07 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-01-29 00:07 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-29 00:07 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-01-29 00:07 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-01-29 00:07 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-01-29 00:07 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-01-29 00:07 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-29 00:06 - 2014-08-22 20:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-29 00:06 - 2014-08-22 19:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-29 00:06 - 2014-07-13 20:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-29 00:06 - 2014-07-13 19:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-28 23:22 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-28 23:22 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-28 23:22 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-28 23:22 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-28 23:22 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-28 23:22 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-28 23:22 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-28 23:22 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-28 23:22 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 20:47 - 2013-07-05 23:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 20:20 - 2014-02-24 23:46 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-02-11 19:50 - 2013-02-15 20:11 - 01327910 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 19:47 - 2013-07-05 22:53 - 00000000 ____D () C:\ProgramData\FileCenter
2015-02-11 19:22 - 2009-07-13 22:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 19:22 - 2009-07-13 22:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 19:17 - 2009-07-13 23:13 - 00007626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-11 19:13 - 2013-02-15 21:01 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Adobe
2015-02-11 19:12 - 2013-02-15 20:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-11 19:12 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 10:50 - 2013-02-15 21:16 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\vlc
2015-02-11 04:15 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 03:24 - 2009-07-13 22:45 - 05034304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:19 - 2013-07-06 12:37 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 03:18 - 2013-02-15 20:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 03:18 - 2009-07-13 20:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-11 03:13 - 2013-11-18 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 03:03 - 2013-03-08 07:39 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 21:50 - 2013-03-07 21:32 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\CutePDF Writer
2015-02-10 19:47 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-10 13:00 - 2013-07-05 23:13 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-10 12:59 - 2013-03-08 08:31 - 00000000 ___RD () C:\Users\Steve's Computer\Desktop\Shortcuts
2015-02-10 07:40 - 2013-06-30 09:22 - 00000000 ___RD () C:\Users\Steve's Computer\Desktop\Bookmarks
2015-02-09 20:27 - 2013-07-05 22:55 - 00004378 _____ () C:\Windows\system32\FCAgent.ini
2015-02-09 15:47 - 2013-07-05 23:39 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 15:47 - 2013-02-15 21:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 15:47 - 2013-02-15 21:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 08:47 - 2013-02-15 20:19 - 00110080 _____ () C:\Users\Steve's Computer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 19:44 - 2013-02-15 22:03 - 00000000 ____D () C:\Windows\Panther
2015-01-31 17:28 - 2013-03-08 07:48 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-31 14:53 - 2013-02-15 20:35 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Microsoft Help
2015-01-31 14:38 - 2011-04-12 02:28 - 00000000 ____D () C:\Windows\ShellNew
2015-01-31 14:37 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-31 00:22 - 2013-02-15 20:58 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-30 20:14 - 2013-07-06 12:45 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Applian
2015-01-30 18:46 - 2014-02-25 13:18 - 00000000 ____D () C:\Program Files (x86)\Applian Director 3
2015-01-30 15:30 - 2013-07-06 12:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Local\Replay Media Catcher 5
2015-01-30 15:27 - 2013-07-06 12:40 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Replay Media Catcher 5
2015-01-30 15:27 - 2013-07-06 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2015-01-30 15:27 - 2013-07-06 12:39 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2015-01-30 15:26 - 2014-02-25 13:18 - 00002072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Applian Director.lnk
2015-01-30 15:26 - 2014-02-25 13:18 - 00000000 ____D () C:\Windows\Applian Director
2015-01-30 09:58 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-30 08:40 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-01-30 08:40 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-01-30 01:35 - 2013-02-15 22:58 - 00488960 ___SH () C:\EUMONBMP.SYS
2015-01-29 12:44 - 2013-02-15 20:35 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-29 12:22 - 2013-02-15 20:12 - 00001432 _____ () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-29 12:17 - 2013-07-06 12:42 - 00007330 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-29 10:49 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-29 10:38 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-29 10:31 - 2013-03-07 21:27 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-29 08:36 - 2013-03-08 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2015-01-29 07:58 - 2013-07-06 00:50 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-01-29 07:58 - 2013-07-06 00:50 - 00002225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-01-29 07:58 - 2013-07-06 00:50 - 00002064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-01-29 04:32 - 2009-07-13 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-29 04:27 - 2011-04-12 02:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-29 04:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-29 03:26 - 2013-03-07 22:53 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Malwarebytes
2015-01-29 03:26 - 2013-03-07 22:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-29 03:20 - 2013-02-15 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-29 03:19 - 2013-02-15 21:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-29 03:19 - 2013-02-15 21:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-29 01:18 - 2013-02-15 20:25 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-01-29 00:52 - 2013-02-15 21:17 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Mozilla
2015-01-29 00:46 - 2013-03-08 00:21 - 00000000 ____D () C:\Users\Steve's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amicus
2015-01-29 00:08 - 2013-02-15 22:27 - 00000000 ____D () C:\DJ
2015-01-26 08:06 - 2013-07-05 22:55 - 01797192 _____ () C:\Windows\system32\FCAgent64.dll

==================== Files in the root of some directories =======

1998-07-24 23:00 - 1998-07-24 23:00 - 0016686 _____ () C:\Program Files (x86)\EULA.TXT
1998-07-24 23:00 - 1998-07-24 23:00 - 0013312 _____ (Microsoft Corporation) C:\Program Files (x86)\MSMONEY.EXE
1998-07-24 23:00 - 1998-07-24 23:00 - 0000166 _____ () C:\Program Files (x86)\PUBKEY
1998-07-24 23:00 - 1998-07-24 23:00 - 0023271 _____ () C:\Program Files (x86)\README.TXT
1998-07-24 23:00 - 1998-07-24 23:00 - 2410496 _____ () C:\Program Files (x86)\SAMPLE.MNY
2013-03-07 22:16 - 2013-03-07 22:16 - 14823424 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 0099384 _____ () C:\Users\Steve's Computer\AppData\Roaming\inst.exe
2015-02-10 19:39 - 2015-02-10 19:39 - 0007859 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.cat
2015-02-10 19:39 - 2015-02-10 19:39 - 0001167 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.inf
2015-02-10 19:40 - 2015-02-10 19:40 - 0000034 _____ () C:\Users\Steve's Computer\AppData\Roaming\pcouffin.log
2015-02-10 19:39 - 2015-02-10 19:39 - 0082816 _____ (VSO Software) C:\Users\Steve's Computer\AppData\Roaming\pcouffin.sys
2013-07-06 18:11 - 2013-07-06 18:11 - 0000218 _____ () C:\Users\Steve's Computer\AppData\Local\recently-used.xbel
2015-01-29 10:50 - 2015-01-29 10:50 - 0000017 _____ () C:\Users\Steve's Computer\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Steve's Computer\AppData\Local\Temp\install_flashplayer16x32_mssd_aaa_aih.exe
C:\Users\Steve's Computer\AppData\Local\Temp\Quarantine.exe
C:\Users\Steve's Computer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-09 18:46

==================== End Of Log ============================





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users