Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijacked Browser - Rover Redirect


  • This topic is locked This topic is locked
12 replies to this topic

#1 Stuart1951

Stuart1951

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 24 March 2015 - 09:36 AM

Any help in how to remove this hijacker would be appreciated

 

If I put a word in the Google Search box and click on the Magnifying Glass the drop down list includes the following

 

“Ebay” search - Youtube rover.ebay……….

“Yahoo” search – rover 26 redirect yahoo

“You Tube” search – you tube rover.ebay browser hijack

“Firefox” search – firefox hijack browser rover

“BBC Sport” – Is ok – no problem

 

If I continue the search for “Yahoo” a new tab presents itself with the following URL

https://rover.ebay.com/ar/1/126133 (I have quoted only the first part of the URL as it actually goes on for pages.

This is the start of the content of the new tab:-

document.write(" " ); var rvr_id=802493214346; var mpserv; var mpi="img-cdn.mediaplex.com/0/"; var mpcrgif="710/208824/94928_DAP_15Q1_UK_SnA_Q1_300x600_42.jpg"; var mpck="rover.ebay.com/rover/1/710-208824-51244-1/4?mpt=24019&Perf_Tracker_1=&Perf_Tracker_2=394274&Perf_Tracker_3=yho&Perf_Tracker_4=&Perf_Tracker_5=&Perf_Tracker_6=&Perf_Tracker_7=&Perf_Tracker_8=&Perf_Tracker_10=&ff5=133163&ff6=4090848215481724480&

I have tried refreshing Firefox and have scanned with Malawarebytes and Ad Aware without success. I am also running Kaspersky.

Any help would be appreciated.

 

Details of the Farber Recovery Scan Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Stuart (administrator) on FAMILY on 24-03-2015 17:57:10
Running from C:\Users\Stuart\Downloads
Loaded Profiles: Stuart (Available profiles: Stuart & Janet & Ella & Sophie)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-10] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\Run: [Spotify] => C:\Users\Stuart\AppData\Roaming\Spotify\spotify.exe [6737976 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\Run: [Spotify Web Helper] => C:\Users\Stuart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\RunOnce: [Adobe Speed Launcher] => 1427218307
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bbc.co.uk/sport/0/
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-17] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-01] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372\user.js [2015-03-23]
FF Extension: FoxTrick - C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba} [2015-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0275051426583445mcinstcleanup; C:\Users\Ella\AppData\Local\Temp\027505~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-09] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-03-17] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-01-14] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-03-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-03-17] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-03-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 17:57 - 2015-03-24 17:57 - 00021483 _____ () C:\Users\Stuart\Downloads\FRST.txt
2015-03-24 17:53 - 2015-03-24 17:53 - 02095616 _____ (Farbar) C:\Users\Stuart\Downloads\FRST64.exe
2015-03-24 16:38 - 2015-03-24 17:57 - 00000000 ____D () C:\FRST
2015-03-24 15:38 - 2015-03-24 15:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-24 12:45 - 2015-03-24 12:45 - 00002325 _____ () C:\Users\Sophie\Desktop\Safe Money.lnk
2015-03-22 18:27 - 2015-03-22 18:27 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Lavasoft
2015-03-22 18:12 - 2015-03-22 18:12 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\LavasoftStatistics
2015-03-22 18:11 - 2015-03-24 15:28 - 00002347 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-03-22 18:11 - 2015-03-22 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-22 18:11 - 2015-03-22 18:11 - 00000000 ____D () C:\Program Files\Lavasoft
2015-03-22 18:10 - 2015-03-22 18:10 - 00000000 ____D () C:\Users\Ella\AppData\Local\Lavasoft
2015-03-22 18:10 - 2015-03-22 18:10 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-22 18:09 - 2015-03-22 18:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-03-22 18:00 - 2015-03-22 18:00 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite AdAware Installer.exe
2015-03-22 17:58 - 2015-03-22 17:58 - 00000000 ____D () C:\Users\Ella\AppData\Local\Adobe
2015-03-22 17:23 - 2015-03-24 17:31 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-22 17:22 - 2015-03-22 17:22 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-22 17:20 - 2015-03-22 17:20 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Stuart\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-22 13:30 - 2015-03-23 10:46 - 00000000 ____D () C:\Users\Stuart\Desktop\Old Firefox Data
2015-03-21 19:32 - 2015-03-21 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 09:16 - 2015-03-19 09:16 - 00000000 ____D () C:\Users\Ella\AppData\Local\Macromedia
2015-03-17 22:11 - 2015-03-17 22:13 - 00000000 ____D () C:\Users\Ella\Desktop\New folder
2015-03-17 22:10 - 2015-03-17 22:10 - 00002325 _____ () C:\Users\Ella\Desktop\Safe Money.lnk
2015-03-17 16:39 - 2015-03-17 16:39 - 00000000 ____D () C:\Users\Janet\AppData\Local\Apple
2015-03-17 16:05 - 2015-03-17 16:05 - 00002325 _____ () C:\Users\Janet\Desktop\Safe Money.lnk
2015-03-17 09:45 - 2015-03-17 09:45 - 00000000 ____D () C:\Users\Stuart\Desktop\New folder
2015-03-17 09:37 - 2015-03-17 09:37 - 00002325 _____ () C:\Users\Stuart\Desktop\Safe Money.lnk
2015-03-17 09:37 - 2015-03-17 09:37 - 00002071 _____ () C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-03-17 09:37 - 2015-03-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-03-17 09:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-03-17 09:35 - 2015-03-24 17:31 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 09:35 - 2015-03-17 09:35 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-17 09:35 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-03-17 09:28 - 2015-03-17 09:28 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\ProductData
2015-03-17 09:27 - 2015-03-17 09:28 - 00002388 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Stuart
2015-03-17 09:27 - 2015-03-17 09:28 - 00000290 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Stuart.job
2015-03-17 09:27 - 2015-03-17 09:27 - 00001274 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-03-17 09:16 - 2015-03-17 09:16 - 00000000 ___HD () C:\kleaner.tmp
2015-03-11 11:05 - 2015-02-06 23:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 11:05 - 2015-02-03 23:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 11:05 - 2015-02-03 23:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 11:05 - 2015-02-03 23:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 11:05 - 2015-02-02 23:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 11:05 - 2015-02-02 23:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 11:05 - 2015-01-27 03:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 11:05 - 2015-01-24 01:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 11:05 - 2015-01-23 07:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 11:05 - 2015-01-23 05:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 11:04 - 2015-02-07 23:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 11:04 - 2015-02-07 23:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 11:04 - 2015-02-06 01:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 11:04 - 2015-02-06 01:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 11:04 - 2015-02-05 20:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 11:04 - 2015-02-03 00:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 11:04 - 2015-02-03 00:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 11:04 - 2015-01-30 23:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 11:04 - 2015-01-30 23:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 11:04 - 2015-01-30 03:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 11:04 - 2015-01-30 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 11:04 - 2015-01-30 02:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 11:04 - 2015-01-30 02:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 11:04 - 2015-01-30 02:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 11:04 - 2015-01-30 01:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 11:04 - 2015-01-30 01:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 11:04 - 2015-01-30 01:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 11:04 - 2015-01-30 01:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 11:04 - 2015-01-30 01:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 11:04 - 2015-01-30 01:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 11:04 - 2015-01-30 01:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 11:04 - 2015-01-30 01:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 11:04 - 2015-01-30 01:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 11:04 - 2015-01-30 01:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 11:04 - 2015-01-29 01:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 11:04 - 2015-01-29 01:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 11:04 - 2015-01-29 01:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:04 - 2015-01-29 01:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 11:04 - 2015-01-29 01:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 11:04 - 2015-01-29 01:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:04 - 2015-01-29 00:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 11:04 - 2015-01-29 00:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 11:04 - 2015-01-29 00:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 11:04 - 2015-01-29 00:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 11:04 - 2015-01-28 02:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 11:04 - 2015-01-28 01:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 11:04 - 2015-01-27 23:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 11:04 - 2015-01-27 23:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 11:04 - 2014-12-11 05:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 11:04 - 2014-10-29 02:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 11:04 - 2014-10-29 02:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 11:04 - 2014-10-29 02:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 11:04 - 2014-10-29 02:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 11:04 - 2014-10-29 02:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 11:04 - 2014-10-29 02:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 11:04 - 2014-10-29 02:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 11:04 - 2014-10-29 02:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 11:04 - 2014-10-29 02:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 11:04 - 2014-10-29 01:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 11:04 - 2014-10-29 01:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 11:04 - 2014-10-29 01:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 11:04 - 2014-10-29 01:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 11:04 - 2014-10-29 01:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 11:04 - 2014-10-29 01:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 11:04 - 2014-10-29 01:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 11:04 - 2014-10-29 01:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 11:04 - 2014-10-29 01:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 11:04 - 2014-10-29 01:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 11:04 - 2014-10-29 00:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 11:04 - 2014-10-29 00:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 11:04 - 2014-10-29 00:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 11:04 - 2014-10-29 00:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 11:04 - 2014-10-29 00:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 11:04 - 2014-10-29 00:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 08:29 - 2015-03-06 02:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:29 - 2015-03-06 02:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:29 - 2015-02-25 23:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:29 - 2015-02-20 03:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:29 - 2015-02-20 02:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:29 - 2015-02-20 02:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:29 - 2015-02-20 02:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:29 - 2015-01-30 23:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:29 - 2015-01-28 15:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:29 - 2015-01-28 15:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 08:29 - 2015-01-28 15:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 08:29 - 2015-01-27 04:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:29 - 2015-01-27 02:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:29 - 2014-10-29 03:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 08:29 - 2014-10-29 02:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:29 - 2014-10-29 02:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:29 - 2014-10-29 02:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:29 - 2014-10-29 02:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 08:29 - 2014-10-29 02:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:29 - 2014-10-29 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:29 - 2014-10-29 02:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:28 - 2015-02-21 01:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:28 - 2015-02-21 00:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:28 - 2015-02-21 00:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:28 - 2015-02-21 00:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 08:28 - 2015-02-21 00:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:28 - 2015-02-20 23:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:28 - 2015-02-20 23:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:28 - 2015-02-20 02:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:28 - 2015-02-20 02:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:28 - 2015-02-20 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:28 - 2015-02-20 02:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 08:28 - 2015-02-20 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:28 - 2015-02-20 02:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:28 - 2015-02-20 02:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:28 - 2015-02-20 02:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 08:28 - 2015-02-20 02:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:28 - 2015-02-20 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:28 - 2015-02-20 02:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:28 - 2015-02-20 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 08:28 - 2015-02-20 01:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 08:28 - 2015-02-20 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 08:28 - 2015-02-20 01:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:28 - 2015-02-20 01:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:28 - 2015-02-20 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:28 - 2015-02-20 01:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:28 - 2015-02-20 01:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:28 - 2015-02-20 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 08:28 - 2015-02-20 01:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 08:28 - 2015-02-20 01:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:28 - 2015-02-20 01:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 08:28 - 2015-02-20 01:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:28 - 2015-02-20 01:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:28 - 2015-02-20 01:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:28 - 2015-02-20 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:28 - 2015-02-20 01:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:28 - 2015-02-20 00:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:28 - 2015-02-20 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:28 - 2015-01-29 18:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:28 - 2015-01-29 18:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:27 - 2015-02-12 17:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:27 - 2015-02-12 17:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:27 - 2015-01-28 01:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:27 - 2015-01-28 01:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 08:27 - 2015-01-21 05:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:27 - 2015-01-21 05:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-06 15:17 - 2015-03-06 15:17 - 00000000 ____D () C:\ProgramData\HP
2015-03-06 15:17 - 2010-05-14 15:04 - 00138752 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l02t.dll
2015-03-04 10:30 - 2015-03-24 13:59 - 00000000 ____D () C:\Users\Stuart\Documents\Finance
2015-03-04 10:29 - 2015-03-04 10:30 - 00000000 ____D () C:\Users\Stuart\Documents\Books
2015-03-04 10:27 - 2015-03-17 20:27 - 00000000 ____D () C:\Users\Stuart\Documents\HatTrick
2015-03-04 08:29 - 2015-03-04 08:29 - 00000000 ____D () C:\Users\Janet\AppData\Local\Adobe
2015-03-03 17:13 - 2015-03-03 17:13 - 00002411 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky Go Desktop.lnk
2015-03-03 17:13 - 2015-03-03 17:13 - 00002381 _____ () C:\Users\Stuart\Desktop\Sky Go Desktop.lnk
2015-03-03 16:50 - 2015-03-03 16:50 - 00001190 _____ () C:\Users\Stuart\Desktop\BBC iPlayer Downloads.lnk
2015-03-03 16:50 - 2015-03-03 16:50 - 00000000 ____D () C:\Users\Stuart\AppData\Local\BBC
2015-03-03 16:49 - 2015-03-03 16:49 - 21602304 _____ () C:\Users\Stuart\Downloads\BBC-iPlayer-Downloads-1.11.1.msi
2015-03-03 15:17 - 2015-03-03 15:17 - 00000000 ____D () C:\Users\Janet\AppData\Local\Macromedia
2015-03-03 15:01 - 2015-03-03 15:01 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\ProductData
2015-03-03 13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\WebStorage
2015-03-03 13:49 - 2015-03-22 18:47 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1002
2015-03-03 13:48 - 2015-03-03 13:48 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Mozilla
2015-03-03 13:48 - 2015-03-03 13:48 - 00000000 ____D () C:\Users\Janet\AppData\Local\Mozilla
2015-03-03 13:44 - 2015-03-24 12:53 - 00000074 _____ () C:\Users\Janet\AppData\Roaming\sp_data.sys
2015-03-03 13:44 - 2015-03-04 08:29 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Adobe
2015-03-03 13:44 - 2015-03-03 13:46 - 00000000 ____D () C:\Users\Janet\AppData\Local\Packages
2015-03-03 13:44 - 2015-03-03 13:44 - 00001448 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:44 - 2015-03-03 13:44 - 00000020 ___SH () C:\Users\Janet\ntuser.ini
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\IObit
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet\AppData\Local\VirtualStore
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet
2015-03-03 13:44 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Macromedia
2015-03-03 13:44 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:44 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:44 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:44 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:44 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 13:41 - 2015-03-03 13:41 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Mozilla
2015-03-03 13:41 - 2015-03-03 13:41 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Mozilla
2015-03-03 13:37 - 2015-03-24 12:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1004
2015-03-03 13:37 - 2015-03-03 13:37 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\WebStorage
2015-03-03 13:32 - 2015-03-24 12:47 - 00000074 _____ () C:\Users\Sophie\AppData\Roaming\sp_data.sys
2015-03-03 13:32 - 2015-03-03 13:33 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Packages
2015-03-03 13:32 - 2015-03-03 13:32 - 00001448 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:32 - 2015-03-03 13:32 - 00000020 ___SH () C:\Users\Sophie\ntuser.ini
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\IObit
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Adobe
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Local\VirtualStore
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie
2015-03-03 13:32 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Macromedia
2015-03-03 13:32 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:32 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:32 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:32 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:32 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:32 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 13:25 - 2015-03-03 13:26 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Mozilla
2015-03-03 13:25 - 2015-03-03 13:25 - 00000000 ____D () C:\Users\Ella\AppData\Local\Mozilla
2015-03-03 13:18 - 2015-03-05 13:09 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1003
2015-03-03 13:18 - 2015-03-03 13:18 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\WebStorage
2015-03-03 13:12 - 2015-03-24 16:16 - 00000074 _____ () C:\Users\Ella\AppData\Roaming\sp_data.sys
2015-03-03 13:12 - 2015-03-22 17:59 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Adobe
2015-03-03 13:12 - 2015-03-17 09:29 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\IObit
2015-03-03 13:12 - 2015-03-03 13:17 - 00000000 ____D () C:\Users\Ella\AppData\Local\Packages
2015-03-03 13:12 - 2015-03-03 13:13 - 00000000 ____D () C:\Users\Ella
2015-03-03 13:12 - 2015-03-03 13:12 - 00001448 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:12 - 2015-03-03 13:12 - 00000020 ___SH () C:\Users\Ella\ntuser.ini
2015-03-03 13:12 - 2015-03-03 13:12 - 00000000 ____D () C:\Users\Ella\AppData\Local\VirtualStore
2015-03-03 13:12 - 2015-03-03 13:12 - 00000000 ____D () C:\Users\Ella\AppData\Local\ASUS
2015-03-03 13:12 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Macromedia
2015-03-03 13:12 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:12 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:12 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:12 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:12 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 12:39 - 2015-03-03 12:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-03 12:39 - 2015-03-03 12:39 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-03 12:36 - 2015-03-24 12:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-03 12:36 - 2015-03-24 12:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-02 15:29 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-02 15:29 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-02 15:29 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-02 15:29 - 2014-12-13 21:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-02 15:29 - 2014-12-13 21:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-03-02 15:29 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-03-02 15:29 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-02 15:29 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-02 15:29 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-02 15:29 - 2014-10-29 01:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-03-02 15:29 - 2014-10-29 01:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-03-02 15:29 - 2014-10-29 01:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-03-02 15:29 - 2014-10-29 01:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-03-02 15:29 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-02 15:29 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-02 15:29 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-02 15:29 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-02 15:29 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-02 15:29 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-02 15:29 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-02 15:29 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-02 15:28 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-02 15:28 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-02 15:28 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-02 15:28 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-02 12:50 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-02 12:50 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-02 12:50 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-02 12:50 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-02 12:50 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-02 12:50 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-02 12:50 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-02 12:50 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-02 12:50 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-02 12:50 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-02 12:49 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-02 12:49 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-03-02 12:49 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-02 12:49 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-02 12:49 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-03-02 12:49 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-03-02 12:49 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-03-02 12:49 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-03-02 12:49 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-03-02 12:49 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-03-02 12:49 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-03-02 12:49 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-03-02 12:49 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-02 12:49 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-02 12:49 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-03-02 12:49 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-03-02 12:48 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-02 12:48 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-02 12:48 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-02 12:48 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-02 12:48 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-02 12:48 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-02 12:48 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-02 12:48 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-03-02 12:48 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-02 12:48 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-03-02 12:48 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-03-02 12:48 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-02 12:48 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-02 12:48 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-02 12:48 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-02 12:48 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-02 12:48 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-02 12:48 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-03-02 12:48 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-02 12:48 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-03-02 12:48 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-02 12:48 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-02 12:48 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-03-02 12:48 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-02 12:48 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-02 12:48 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-03-02 12:48 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-03-02 12:48 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-02 12:48 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-02 12:48 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-03-02 12:48 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-03-02 12:48 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-03-02 12:48 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-03-02 12:48 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-03-02 12:48 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-03-02 12:48 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-03-02 12:48 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-03-02 12:48 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-02 12:48 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-02 12:48 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-02 12:48 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-02 12:48 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-03-02 12:48 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-02 12:48 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-03-02 12:48 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-02 12:48 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-02 12:48 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-03-02 12:48 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-03-02 12:48 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-02 12:48 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-03-02 12:48 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-03-02 12:48 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-03-02 12:48 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-03-02 12:48 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-02 12:48 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-02 12:48 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-02 12:48 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-02 12:48 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-02 12:47 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-02 12:47 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-02 12:47 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-02 12:46 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-02 12:46 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-02 12:46 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-02 12:46 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-02 12:46 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-02 12:46 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-02 12:46 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-02 12:46 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-02 12:46 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-02 12:46 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-02 12:46 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-03-02 12:46 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-03-02 12:46 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-02 12:46 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-03-02 12:46 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-03-02 12:46 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-02 12:46 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-02 12:46 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-02 12:46 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-03-02 12:46 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-03-02 12:46 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-03-02 12:46 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-02 12:46 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-02 12:46 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-02 12:46 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-02 12:46 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-02 12:46 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-02 12:46 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-02 12:46 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-02 12:46 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-02 12:46 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-02 12:46 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-03-02 12:46 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-02 12:46 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-03-02 12:46 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-03-02 12:46 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-02 12:46 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-03-02 12:46 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-02 12:46 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-02 12:46 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-02 12:46 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-02 12:46 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-03-02 12:46 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-03-02 12:46 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-02 12:46 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-03-02 12:46 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-03-02 12:46 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-03-02 12:46 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-03-02 12:46 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-03-02 12:46 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-03-02 12:46 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-03-02 12:46 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-03-02 12:46 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-03-02 12:46 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-03-02 12:46 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-03-02 12:46 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-03-02 12:46 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-03-02 12:46 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-03-02 12:46 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-03-02 12:46 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-03-02 12:46 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-03-02 12:46 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-03-02 12:46 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-03-02 12:46 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-03-02 12:46 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-03-02 12:46 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-02 12:46 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-02 12:46 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-02 12:46 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-02 12:46 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-02 12:46 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-03-02 12:46 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-03-02 12:46 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-03-02 12:45 - 2015-03-02 12:45 - 00114660 _____ () C:\Users\Stuart\Downloads\Forty One Shots 2015(1).ods
2015-03-02 12:44 - 2015-03-02 12:45 - 00114660 _____ () C:\Users\Stuart\Downloads\Forty One Shots 2015.ods
2015-03-01 22:11 - 2015-03-01 22:11 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\ProductData
2015-03-01 22:10 - 2015-03-17 09:28 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 22:09 - 2015-03-23 08:17 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 22:09 - 2015-03-17 09:27 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-01 22:09 - 2015-03-01 22:40 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\IObit
2015-03-01 22:09 - 2015-03-01 22:09 - 00001301 _____ () C:\Users\Public\Desktop\Start Menu 8.lnk
2015-03-01 22:09 - 2015-03-01 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-03-01 22:08 - 2015-03-01 22:08 - 09344920 _____ (IObit ) C:\Users\Stuart\Downloads\startmenu-setup.exe
2015-03-01 20:25 - 2015-03-09 15:53 - 00017760 _____ () C:\Users\Stuart\Documents\Pass.ods
2015-03-01 20:05 - 2015-03-01 20:05 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\LibreOffice
2015-03-01 19:57 - 2015-03-15 18:36 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Spotify
2015-03-01 18:21 - 2015-03-22 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-01 18:21 - 2015-03-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-01 18:21 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-01 18:21 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-01 18:21 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-01 18:21 - 2015-03-01 18:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-01 18:20 - 2015-03-01 18:20 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-01 18:18 - 2015-03-01 18:18 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite Air Essentials Firefox Java 8 Installer(1).exe
2015-03-01 18:16 - 2015-03-01 18:16 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite Air Essentials Firefox Java 8 Installer.exe
2015-03-01 14:07 - 2015-03-01 14:07 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Macromedia
2015-03-01 14:05 - 2015-03-24 16:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 14:05 - 2015-03-01 14:05 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-01 10:42 - 2015-03-01 10:43 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Mozilla
2015-03-01 10:42 - 2015-03-01 10:43 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Mozilla
2015-03-01 10:41 - 2015-03-01 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-01 10:41 - 2015-03-01 10:41 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-03-01 10:40 - 2015-03-01 10:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-03-01 10:40 - 2015-03-01 10:40 - 00001516 _____ () C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-03-01 10:38 - 2015-03-01 10:40 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-03-01 10:37 - 2015-03-04 10:26 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Apple Computer
2015-03-01 10:37 - 2015-03-01 10:37 - 00001767 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-01 10:37 - 2015-03-01 10:37 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Apple Computer
2015-03-01 10:37 - 2015-03-01 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-01 10:36 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-03-01 10:34 - 2015-03-01 10:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-01 10:34 - 2015-03-01 10:36 - 00000000 ____D () C:\Program Files\iTunes
2015-03-01 10:34 - 2015-03-01 10:34 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Apple
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\iPod
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-01 10:33 - 2015-03-01 10:34 - 00000000 ____D () C:\ProgramData\Apple
2015-03-01 10:33 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-01 10:32 - 2015-03-22 18:02 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-01 10:32 - 2015-03-15 18:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Spotify
2015-03-01 10:32 - 2015-03-01 10:32 - 00001820 _____ () C:\Users\Stuart\Desktop\Spotify.lnk
2015-03-01 10:32 - 2015-03-01 10:32 - 00001806 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-01 10:31 - 2015-03-22 18:01 - 00000000 ____D () C:\Program Files\Java
2015-03-01 10:31 - 2015-03-22 18:00 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-01 10:31 - 2015-03-01 10:31 - 00000000 ____D () C:\ProgramData\Sun
2015-03-01 10:31 - 2015-03-01 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-01 10:30 - 2015-03-22 18:01 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-01 10:30 - 2015-03-02 19:41 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Adobe
2015-03-01 10:30 - 2015-03-02 19:41 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-01 10:30 - 2015-03-01 18:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-01 10:29 - 2015-03-01 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-01 10:27 - 2015-03-01 10:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-01 10:27 - 2015-03-01 10:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-01 10:26 - 2015-03-22 08:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-01 10:26 - 2015-03-01 10:26 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-01 10:26 - 2015-03-01 10:26 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-01 10:26 - 2015-03-01 10:26 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-28 17:59 - 2015-02-28 17:59 - 00001142 _____ () C:\Users\Stuart\Desktop\Welcome to ASUS Product Registration.lnk
2015-02-28 16:53 - 2015-02-28 16:53 - 00000000 __SHD () C:\Users\Stuart\AppData\Local\EmieUserList
2015-02-28 16:53 - 2015-02-28 16:53 - 00000000 __SHD () C:\Users\Stuart\AppData\Local\EmieSiteList
2015-02-28 16:52 - 2015-02-28 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-28 16:48 - 2015-03-24 13:58 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B141FB32-3942-4C22-8B81-24AEE17BFE35}
2015-02-28 16:45 - 2015-03-24 07:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1001
2015-02-28 16:45 - 2015-02-28 16:45 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\WebStorage
2015-02-28 16:41 - 2015-03-24 17:33 - 00000074 _____ () C:\Users\Stuart\AppData\Roaming\sp_data.sys
2015-02-28 16:41 - 2015-02-28 17:27 - 00000000 ____D () C:\ProgramData\USBChargerPlus
2015-02-28 16:41 - 2015-02-28 16:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Macromedia
2015-02-28 16:40 - 2015-03-03 13:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-02-28 16:40 - 2015-03-02 19:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Adobe
2015-02-28 16:40 - 2015-02-28 16:41 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Packages
2015-02-28 16:40 - 2015-02-28 16:40 - 00001448 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-28 16:40 - 2015-02-28 16:40 - 00000194 _____ () C:\Windows\FixPatch.log
2015-02-28 16:40 - 2015-02-28 16:40 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-28 16:40 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart\AppData\Local\VirtualStore
2015-02-28 16:40 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart\AppData\Local\ASUS
2015-02-28 16:39 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart
2015-02-28 16:39 - 2015-02-28 16:39 - 00000020 ___SH () C:\Users\Stuart\ntuser.ini
2015-02-28 16:39 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-28 16:39 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-28 16:39 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-28 16:39 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-28 16:39 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-28 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-28 16:35 - 2015-03-24 17:57 - 01128382 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 17:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-24 15:42 - 2014-03-18 15:26 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 15:38 - 2013-08-22 14:46 - 00038782 _____ () C:\Windows\setupact.log
2015-03-24 15:27 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 21:55 - 2013-08-22 13:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-03-17 16:40 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-17 09:43 - 2014-08-20 18:04 - 00800440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-17 09:43 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-03-17 09:43 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-03-17 09:43 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-03-17 09:37 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-17 09:35 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-17 09:17 - 2014-12-11 13:58 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-03-17 09:17 - 2014-03-18 08:16 - 00017030 _____ () C:\Windows\PFRO.log
2015-03-17 09:13 - 2014-12-11 13:58 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-12 17:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 09:51 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-11 22:03 - 2013-08-22 14:44 - 00400712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-06 12:27 - 2014-03-18 15:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\winrm
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\slmgr
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-06 12:27 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-06 12:27 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\servicing
2015-03-05 19:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-03-05 19:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-03-05 13:06 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Com
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-05 13:06 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-05 13:06 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-05 12:45 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\IME
2015-03-05 12:45 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-03-05 12:45 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-05 12:44 - 2013-08-22 15:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-03-04 21:24 - 2013-08-22 15:38 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 21:24 - 2013-08-22 15:38 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppCompat
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 16:40 - 2014-10-29 13:02 - 00000000 ____D () C:\Windows\Panther
2015-02-28 16:40 - 2014-10-29 11:24 - 00000000 ____D () C:\Windows\Log

==================== Files in the root of some directories =======

2015-02-28 16:41 - 2015-03-24 17:33 - 0000074 _____ () C:\Users\Stuart\AppData\Roaming\sp_data.sys
2014-12-11 13:49 - 2014-12-11 13:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 06:25 - 2012-09-07 11:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 06:25 - 2009-07-22 10:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 06:25 - 2012-09-07 11:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Ella\AppData\Local\Temp\0275051426583445mcinst.exe
C:\Users\Ella\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Stuart\AppData\Local\Temp\autorun.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-12 09:48

==================== End Of Log ============================

 

Sorry for being a tech novice. I have tried to follow the guideance but can't see the browse button to attach the addition.txt file to this post so I have copied it below.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Stuart at 2015-03-24 17:58:25
Running from C:\Users\Stuart\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
BBC iPlayer Downloads (HKLM-x32\...\{C3794B09-6C43-4B93-9CA8-F10BECCF2971}) (Version: 1.11.1 - BBC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.3 - IObit)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.2.194 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-GB)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Sky Go Desktop (HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\1255788187.go.sky.com) (Version:  - go.sky.com)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.0.1 - IObit)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1462671516-2646988751-4029834669-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

06-03-2015 12:22:45 Language Pack Removal
11-03-2015 11:45:50 Windows Update
14-03-2015 15:38:33 Windows Update
22-03-2015 13:59:34 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06B66EE6-D455-4180-95A1-3A0DA92F4B0A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {126D477F-72C1-4194-BC51-504286A9B279} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {19EF1E62-858A-4DA6-A20A-B98D81146C32} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {1F57DE5D-449B-425B-BA3F-B98E831491E5} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {1FC176FF-9B0F-41D5-BF8A-8C53FD04CF8F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {20587F51-0726-45AA-B786-62D67FE6C95F} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {234FA72C-7732-49D1-ACB5-27F57B7C1536} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-03-21] ()
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {607D6313-EB03-4296-B32D-34D9B2F2E2AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-24] (Microsoft Corporation)
Task: {60A9156E-65E6-481D-98C5-2D4347ED0FF4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {66976CAC-389B-4BC2-9EF2-E3B09C598E23} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-03-21] ()
Task: {7AC81BD8-A90D-4EF7-B83C-AB3D3FFB5BB8} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {98133921-46EC-4E13-8177-9A8BEC846412} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-01] (Adobe Systems Incorporated)
Task: {B24F2D62-9120-424A-BBE9-8E71E5997621} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {CDE0F3A7-C824-4A26-B426-C5053050D2C3} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {E06B4090-4A16-404A-B3B0-4D15B2C6ED4C} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {EAC564C0-0332-4B60-BB9C-A6B418955F8E} - System32\Tasks\Uninstaller_SkipUac_Stuart => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-17] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Stuart.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 09566192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00499728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02144248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00869896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll
2015-03-01 22:10 - 2015-01-14 16:15 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-12-11 13:44 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-03-01 22:09 - 2015-01-14 16:14 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-03-01 22:09 - 2015-01-14 16:14 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-03-01 22:09 - 2015-01-14 16:14 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-03-01 22:09 - 2015-01-14 16:15 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-03-01 22:09 - 2015-01-14 16:15 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-03-01 22:09 - 2015-01-14 16:15 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-03-01 22:09 - 2015-01-14 16:15 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-08-30 17:12 - 2015-03-17 09:43 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 17:12 - 2015-03-17 09:43 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-08-30 17:12 - 2015-03-17 09:43 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Accounts: =============================

Administrator (S-1-5-21-1462671516-2646988751-4029834669-500 - Administrator - Disabled)
Ella (S-1-5-21-1462671516-2646988751-4029834669-1003 - Administrator - Enabled) => C:\Users\Ella
Guest (S-1-5-21-1462671516-2646988751-4029834669-501 - Limited - Disabled)
Janet (S-1-5-21-1462671516-2646988751-4029834669-1002 - Limited - Enabled) => C:\Users\Janet
Sophie (S-1-5-21-1462671516-2646988751-4029834669-1004 - Limited - Enabled) => C:\Users\Sophie
Stuart (S-1-5-21-1462671516-2646988751-4029834669-1001 - Administrator - Enabled) => C:\Users\Stuart

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1716140

Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1716140

Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1700547

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1700547

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/24/2015 04:14:34 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application


Details:
    The volume change journal is being deleted.  (HRESULT : 0x8007049a) (0x8007049a)

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5172

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5172

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/24/2015 03:28:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/24/2015 03:18:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/24/2015 02:17:07 PM) (Source: DCOM) (EventID: 10010) (User: Family)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/24/2015 02:02:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/24/2015 01:19:50 PM) (Source: DCOM) (EventID: 10010) (User: Family)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/24/2015 00:41:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/24/2015 07:35:42 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (03/24/2015 07:26:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/23/2015 09:57:33 PM) (Source: DCOM) (EventID: 10016) (User: Family)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FamilyStuartS-1-5-21-1462671516-2646988751-4029834669-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/23/2015 09:57:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Application Installer Cleanup (0275051426583445) service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1716140

Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1716140

Error: (03/24/2015 05:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1700547

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1700547

Error: (03/24/2015 05:17:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/24/2015 04:14:34 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Context: Windows Application


Details:
    The volume change journal is being deleted.  (HRESULT : 0x8007049a) (0x8007049a)
C:\

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5172

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5172

Error: (03/24/2015 03:49:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Processor: Intel® Core™ i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 25%
Total physical RAM: 8075.66 MB
Available physical RAM: 6050.75 MB
Total Pagefile: 9355.66 MB
Available Pagefile: 6805.84 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:325.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56D2C6F6)

Partition: GPT Partition Type.

==================== End Of Log ============================

 


Edited by Stuart1951, 24 March 2015 - 01:18 PM.


BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 24 March 2015 - 07:22 PM

Hello and welcome to bleeping computer.

Please hover over the magnifying glass next to the google search box and you should see a tiny arrow appear.

Click on that arrow, then click "change search settings"

Now a new window should pop open > (Options > search)

Under the one-click search engine, uncheck everything there except "google" > now highlight the other ones one at a time and click "remove" (unless there is a particular search engine there you want to keep).

Click on OK.

NEXT

Please run the following:

Please download AdwCleaner and save it to your desktop.
http://www.bleepingcomputer.com/download/adwcleaner/?rha=1

**ATTENTION:** After you click the Download Now button, another page will open - DO NOT CLICK any additional 'download now' buttons as they are sponsored advertisements. Please wait and look toward the top or bottom of your browser for the option to Run or Save. Click Save to save the file.

Double click on AdwCleaner.exe to run the tool.
Click on the Scan button.
After the scan has finished... click on the Cleaning button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Attach that log file to your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

Edited by CatByte, 24 March 2015 - 07:22 PM.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 Stuart1951

Stuart1951
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 25 March 2015 - 12:03 PM

Thanks for the welcome, the speedy response and the clear advice contained above.

 

I have done as you asked but was unable to "attach" the log file. I have therefore copied and pasted the result below..

 

# AdwCleaner v4.113 - Logfile created 25/03/2015 at 16:36:01
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Stuart - FAMILY
# Running from : C:\Users\Stuart\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Ella\AppData\Roaming\Mozilla\Firefox\Profiles\0pzzsihm.default\user.js
File Found : C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\gxysdv7z.default\user.js
File Found : C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\cias9c6a.default\user.js
File Found : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.4 (x86 en-GB)

*************************

AdwCleaner[R0].txt - [1149 bytes] - [25/03/2015 16:36:01]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1208 bytes] ########### AdwCleaner v4.113 - Logfile created 25/03/2015 at 16:39:05
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Stuart - FAMILY
# Running from : C:\Users\Stuart\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Ella\AppData\Roaming\Mozilla\Firefox\Profiles\0pzzsihm.default\user.js
File Deleted : C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\gxysdv7z.default\user.js
File Deleted : C:\Users\Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\cias9c6a.default\user.js
File Deleted : C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.4 (x86 en-GB)


*************************

AdwCleaner[R0].txt - [1287 bytes] - [25/03/2015 16:36:01]
AdwCleaner[S0].txt - [1226 bytes] - [25/03/2015 16:39:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1285  bytes] ##########

 

Hope that helps and thanks again for the help thus far.
 



#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 25 March 2015 - 12:06 PM

please run a fresh scan with FRST and post the new log

 

please advise if there are any outstanding issues.


Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 Stuart1951

Stuart1951
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 25 March 2015 - 12:28 PM

Thanks again. Once more I will have to copy and paste the log. Hope that is ok.

 

can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Stuart (administrator) on FAMILY on 25-03-2015 17:19:44
Running from c:\Users\Stuart\Downloads
Loaded Profiles: Stuart (Available profiles: Stuart & Janet & Ella & Sophie)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-10] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\Run: [Spotify] => C:\Users\Stuart\AppData\Roaming\Spotify\spotify.exe [6737976 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\Run: [Spotify Web Helper] => C:\Users\Stuart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\...\RunOnce: [Adobe Speed Launcher] => 1427301718
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1462671516-2646988751-4029834669-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bbc.co.uk/sport/0/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-17] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-17] (Kaspersky Lab ZAO)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-01] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: FoxTrick - C:\Users\Stuart\AppData\Roaming\Mozilla\Firefox\Profiles\79p5m762.default-1427107603372\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba} [2015-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0275051426583445mcinstcleanup; C:\Users\Ella\AppData\Local\Temp\027505~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-09] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-03-17] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-01-14] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-03-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-03-17] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-03-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:35 - 2015-03-25 16:39 - 00000000 ____D () C:\AdwCleaner
2015-03-25 16:34 - 2015-03-25 16:34 - 02168320 _____ () C:\Users\Stuart\Downloads\AdwCleaner.exe
2015-03-24 19:59 - 2015-03-24 19:59 - 00000000 __SHD () C:\Users\Stuart\AppData\Local\EmieBrowserModeList
2015-03-24 17:58 - 2015-03-24 17:59 - 00029864 _____ () C:\Users\Stuart\Downloads\Addition.txt
2015-03-24 17:57 - 2015-03-25 17:19 - 00021929 _____ () C:\Users\Stuart\Downloads\FRST.txt
2015-03-24 17:53 - 2015-03-24 17:53 - 02095616 _____ (Farbar) C:\Users\Stuart\Downloads\FRST64.exe
2015-03-24 16:38 - 2015-03-25 17:19 - 00000000 ____D () C:\FRST
2015-03-24 15:38 - 2015-03-24 15:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-24 12:45 - 2015-03-24 12:45 - 00002325 _____ () C:\Users\Sophie\Desktop\Safe Money.lnk
2015-03-22 18:27 - 2015-03-22 18:27 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Lavasoft
2015-03-22 18:12 - 2015-03-22 18:12 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\LavasoftStatistics
2015-03-22 18:11 - 2015-03-25 16:41 - 00002347 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-03-22 18:11 - 2015-03-25 16:41 - 00002347 _____ () C:\ProgramData\Desktop\Ad-Aware Antivirus.lnk
2015-03-22 18:11 - 2015-03-22 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-22 18:11 - 2015-03-22 18:11 - 00000000 ____D () C:\Program Files\Lavasoft
2015-03-22 18:10 - 2015-03-22 18:10 - 00000000 ____D () C:\Users\Ella\AppData\Local\Lavasoft
2015-03-22 18:10 - 2015-03-22 18:10 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-22 18:09 - 2015-03-22 18:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-03-22 18:00 - 2015-03-22 18:00 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite AdAware Installer.exe
2015-03-22 17:58 - 2015-03-22 17:58 - 00000000 ____D () C:\Users\Ella\AppData\Local\Adobe
2015-03-22 17:23 - 2015-03-25 16:41 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-22 17:22 - 2015-03-22 17:22 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-22 17:22 - 2015-03-22 17:22 - 00001120 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-22 17:20 - 2015-03-22 17:20 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Stuart\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-22 13:30 - 2015-03-23 10:46 - 00000000 ____D () C:\Users\Stuart\Desktop\Old Firefox Data
2015-03-21 19:32 - 2015-03-21 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-19 09:16 - 2015-03-19 09:16 - 00000000 ____D () C:\Users\Ella\AppData\Local\Macromedia
2015-03-17 22:11 - 2015-03-17 22:13 - 00000000 ____D () C:\Users\Ella\Desktop\New folder
2015-03-17 22:10 - 2015-03-17 22:10 - 00002325 _____ () C:\Users\Ella\Desktop\Safe Money.lnk
2015-03-17 16:39 - 2015-03-17 16:39 - 00000000 ____D () C:\Users\Janet\AppData\Local\Apple
2015-03-17 16:05 - 2015-03-17 16:05 - 00002325 _____ () C:\Users\Janet\Desktop\Safe Money.lnk
2015-03-17 09:45 - 2015-03-17 09:45 - 00000000 ____D () C:\Users\Stuart\Desktop\New folder
2015-03-17 09:37 - 2015-03-17 09:37 - 00002325 _____ () C:\Users\Stuart\Desktop\Safe Money.lnk
2015-03-17 09:37 - 2015-03-17 09:37 - 00002071 _____ () C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-03-17 09:37 - 2015-03-17 09:37 - 00002071 _____ () C:\ProgramData\Desktop\Kaspersky Total Security.lnk
2015-03-17 09:37 - 2015-03-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-03-17 09:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-03-17 09:35 - 2015-03-25 17:10 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 09:35 - 2015-03-17 09:35 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-17 09:35 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-03-17 09:28 - 2015-03-17 09:28 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\ProductData
2015-03-17 09:27 - 2015-03-17 09:28 - 00002388 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Stuart
2015-03-17 09:27 - 2015-03-17 09:28 - 00000290 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Stuart.job
2015-03-17 09:27 - 2015-03-17 09:27 - 00001274 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-03-17 09:16 - 2015-03-17 09:16 - 00000000 ___HD () C:\kleaner.tmp
2015-03-11 11:05 - 2015-02-06 23:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 11:05 - 2015-02-03 23:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 11:05 - 2015-02-03 23:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 11:05 - 2015-02-03 23:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 11:05 - 2015-02-02 23:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 11:05 - 2015-02-02 23:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 11:05 - 2015-01-27 03:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 11:05 - 2015-01-24 01:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 11:05 - 2015-01-23 07:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 11:05 - 2015-01-23 05:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 11:04 - 2015-02-07 23:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 11:04 - 2015-02-07 23:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 11:04 - 2015-02-06 01:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 11:04 - 2015-02-06 01:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 11:04 - 2015-02-05 20:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 11:04 - 2015-02-03 00:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 11:04 - 2015-02-03 00:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 11:04 - 2015-01-30 23:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 11:04 - 2015-01-30 23:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 11:04 - 2015-01-30 03:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 11:04 - 2015-01-30 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 11:04 - 2015-01-30 02:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 11:04 - 2015-01-30 02:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 11:04 - 2015-01-30 02:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 11:04 - 2015-01-30 01:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 11:04 - 2015-01-30 01:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 11:04 - 2015-01-30 01:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 11:04 - 2015-01-30 01:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 11:04 - 2015-01-30 01:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 11:04 - 2015-01-30 01:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 11:04 - 2015-01-30 01:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 11:04 - 2015-01-30 01:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 11:04 - 2015-01-30 01:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 11:04 - 2015-01-30 01:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 11:04 - 2015-01-29 01:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 11:04 - 2015-01-29 01:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 11:04 - 2015-01-29 01:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:04 - 2015-01-29 01:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 11:04 - 2015-01-29 01:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 11:04 - 2015-01-29 01:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 11:04 - 2015-01-29 00:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 11:04 - 2015-01-29 00:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 11:04 - 2015-01-29 00:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 11:04 - 2015-01-29 00:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 11:04 - 2015-01-28 02:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 11:04 - 2015-01-28 01:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 11:04 - 2015-01-27 23:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 11:04 - 2015-01-27 23:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 11:04 - 2014-12-11 05:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 11:04 - 2014-10-29 02:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 11:04 - 2014-10-29 02:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 11:04 - 2014-10-29 02:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 11:04 - 2014-10-29 02:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 11:04 - 2014-10-29 02:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 11:04 - 2014-10-29 02:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 11:04 - 2014-10-29 02:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 11:04 - 2014-10-29 02:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 11:04 - 2014-10-29 02:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 11:04 - 2014-10-29 01:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 11:04 - 2014-10-29 01:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 11:04 - 2014-10-29 01:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 11:04 - 2014-10-29 01:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 11:04 - 2014-10-29 01:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 11:04 - 2014-10-29 01:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 11:04 - 2014-10-29 01:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 11:04 - 2014-10-29 01:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 11:04 - 2014-10-29 01:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 11:04 - 2014-10-29 01:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 11:04 - 2014-10-29 00:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 11:04 - 2014-10-29 00:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 11:04 - 2014-10-29 00:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 11:04 - 2014-10-29 00:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 11:04 - 2014-10-29 00:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 11:04 - 2014-10-29 00:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 08:29 - 2015-03-06 02:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:29 - 2015-03-06 02:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:29 - 2015-02-25 23:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:29 - 2015-02-20 03:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:29 - 2015-02-20 02:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:29 - 2015-02-20 02:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:29 - 2015-02-20 02:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:29 - 2015-01-30 23:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 08:29 - 2015-01-28 15:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:29 - 2015-01-28 15:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 08:29 - 2015-01-28 15:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 08:29 - 2015-01-27 04:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 08:29 - 2015-01-27 02:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 08:29 - 2014-10-29 03:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 08:29 - 2014-10-29 02:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 08:29 - 2014-10-29 02:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 08:29 - 2014-10-29 02:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 08:29 - 2014-10-29 02:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 08:29 - 2014-10-29 02:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:29 - 2014-10-29 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:29 - 2014-10-29 02:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:28 - 2015-02-21 01:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 08:28 - 2015-02-21 00:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:28 - 2015-02-21 00:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:28 - 2015-02-21 00:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 08:28 - 2015-02-21 00:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:28 - 2015-02-20 23:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 08:28 - 2015-02-20 23:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:28 - 2015-02-20 02:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 08:28 - 2015-02-20 02:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 08:28 - 2015-02-20 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:28 - 2015-02-20 02:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 08:28 - 2015-02-20 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 08:28 - 2015-02-20 02:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 08:28 - 2015-02-20 02:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:28 - 2015-02-20 02:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 08:28 - 2015-02-20 02:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 08:28 - 2015-02-20 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 08:28 - 2015-02-20 02:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:28 - 2015-02-20 01:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 08:28 - 2015-02-20 01:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 08:28 - 2015-02-20 01:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 08:28 - 2015-02-20 01:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 08:28 - 2015-02-20 01:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 08:28 - 2015-02-20 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 08:28 - 2015-02-20 01:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 08:28 - 2015-02-20 01:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:28 - 2015-02-20 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 08:28 - 2015-02-20 01:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 08:28 - 2015-02-20 01:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 08:28 - 2015-02-20 01:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 08:28 - 2015-02-20 01:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:28 - 2015-02-20 01:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:28 - 2015-02-20 01:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 08:28 - 2015-02-20 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 08:28 - 2015-02-20 01:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:28 - 2015-02-20 00:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:28 - 2015-02-20 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 08:28 - 2015-01-29 18:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:28 - 2015-01-29 18:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 08:27 - 2015-02-12 17:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 08:27 - 2015-02-12 17:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:27 - 2015-01-28 01:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 08:27 - 2015-01-28 01:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 08:27 - 2015-01-21 05:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 08:27 - 2015-01-21 05:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-06 15:17 - 2015-03-06 15:17 - 00000000 ____D () C:\ProgramData\HP
2015-03-06 15:17 - 2010-05-14 15:04 - 00138752 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l02t.dll
2015-03-04 10:30 - 2015-03-24 13:59 - 00000000 ____D () C:\Users\Stuart\Documents\Finance
2015-03-04 10:29 - 2015-03-04 10:30 - 00000000 ____D () C:\Users\Stuart\Documents\Books
2015-03-04 10:27 - 2015-03-17 20:27 - 00000000 ____D () C:\Users\Stuart\Documents\HatTrick
2015-03-04 08:29 - 2015-03-04 08:29 - 00000000 ____D () C:\Users\Janet\AppData\Local\Adobe
2015-03-03 17:13 - 2015-03-03 17:13 - 00002411 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky Go Desktop.lnk
2015-03-03 17:13 - 2015-03-03 17:13 - 00002381 _____ () C:\Users\Stuart\Desktop\Sky Go Desktop.lnk
2015-03-03 16:50 - 2015-03-03 16:50 - 00001190 _____ () C:\Users\Stuart\Desktop\BBC iPlayer Downloads.lnk
2015-03-03 16:50 - 2015-03-03 16:50 - 00000000 ____D () C:\Users\Stuart\AppData\Local\BBC
2015-03-03 16:49 - 2015-03-03 16:49 - 21602304 _____ () C:\Users\Stuart\Downloads\BBC-iPlayer-Downloads-1.11.1.msi
2015-03-03 15:17 - 2015-03-03 15:17 - 00000000 ____D () C:\Users\Janet\AppData\Local\Macromedia
2015-03-03 15:01 - 2015-03-03 15:01 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\ProductData
2015-03-03 13:50 - 2015-03-03 13:50 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\WebStorage
2015-03-03 13:49 - 2015-03-22 18:47 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1002
2015-03-03 13:48 - 2015-03-03 13:48 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Mozilla
2015-03-03 13:48 - 2015-03-03 13:48 - 00000000 ____D () C:\Users\Janet\AppData\Local\Mozilla
2015-03-03 13:44 - 2015-03-25 15:28 - 00000074 _____ () C:\Users\Janet\AppData\Roaming\sp_data.sys
2015-03-03 13:44 - 2015-03-04 08:29 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Adobe
2015-03-03 13:44 - 2015-03-03 13:46 - 00000000 ____D () C:\Users\Janet\AppData\Local\Packages
2015-03-03 13:44 - 2015-03-03 13:44 - 00001448 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:44 - 2015-03-03 13:44 - 00000020 ___SH () C:\Users\Janet\ntuser.ini
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\IObit
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet\AppData\Local\VirtualStore
2015-03-03 13:44 - 2015-03-03 13:44 - 00000000 ____D () C:\Users\Janet
2015-03-03 13:44 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Macromedia
2015-03-03 13:44 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:44 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:44 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:44 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:44 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 13:41 - 2015-03-03 13:41 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Mozilla
2015-03-03 13:41 - 2015-03-03 13:41 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Mozilla
2015-03-03 13:37 - 2015-03-24 12:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1004
2015-03-03 13:37 - 2015-03-03 13:37 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\WebStorage
2015-03-03 13:32 - 2015-03-24 12:47 - 00000074 _____ () C:\Users\Sophie\AppData\Roaming\sp_data.sys
2015-03-03 13:32 - 2015-03-03 13:33 - 00000000 ____D () C:\Users\Sophie\AppData\Local\Packages
2015-03-03 13:32 - 2015-03-03 13:32 - 00001448 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:32 - 2015-03-03 13:32 - 00000020 ___SH () C:\Users\Sophie\ntuser.ini
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\IObit
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Adobe
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie\AppData\Local\VirtualStore
2015-03-03 13:32 - 2015-03-03 13:32 - 00000000 ____D () C:\Users\Sophie
2015-03-03 13:32 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Macromedia
2015-03-03 13:32 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:32 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:32 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:32 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:32 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:32 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 13:25 - 2015-03-03 13:26 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Mozilla
2015-03-03 13:25 - 2015-03-03 13:25 - 00000000 ____D () C:\Users\Ella\AppData\Local\Mozilla
2015-03-03 13:18 - 2015-03-05 13:09 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1003
2015-03-03 13:18 - 2015-03-03 13:18 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\WebStorage
2015-03-03 13:12 - 2015-03-24 16:16 - 00000074 _____ () C:\Users\Ella\AppData\Roaming\sp_data.sys
2015-03-03 13:12 - 2015-03-22 17:59 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Adobe
2015-03-03 13:12 - 2015-03-17 09:29 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\IObit
2015-03-03 13:12 - 2015-03-03 13:17 - 00000000 ____D () C:\Users\Ella\AppData\Local\Packages
2015-03-03 13:12 - 2015-03-03 13:13 - 00000000 ____D () C:\Users\Ella
2015-03-03 13:12 - 2015-03-03 13:12 - 00001448 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-03 13:12 - 2015-03-03 13:12 - 00000020 ___SH () C:\Users\Ella\ntuser.ini
2015-03-03 13:12 - 2015-03-03 13:12 - 00000000 ____D () C:\Users\Ella\AppData\Local\VirtualStore
2015-03-03 13:12 - 2015-03-03 13:12 - 00000000 ____D () C:\Users\Ella\AppData\Local\ASUS
2015-03-03 13:12 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Macromedia
2015-03-03 13:12 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-03 13:12 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 13:12 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-03 13:12 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-03 13:12 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-03 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-03 12:39 - 2015-03-03 12:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-03 12:39 - 2015-03-03 12:39 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-03 12:36 - 2015-03-24 12:59 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-03 12:36 - 2015-03-24 12:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-02 15:29 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-03-02 15:29 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-02 15:29 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-02 15:29 - 2014-12-13 21:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-02 15:29 - 2014-12-13 21:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-03-02 15:29 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-03-02 15:29 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-02 15:29 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-02 15:29 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-02 15:29 - 2014-10-29 01:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-03-02 15:29 - 2014-10-29 01:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-03-02 15:29 - 2014-10-29 01:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-03-02 15:29 - 2014-10-29 01:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-03-02 15:29 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-02 15:29 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-02 15:29 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-02 15:29 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-02 15:29 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-02 15:29 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-02 15:29 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-02 15:29 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-02 15:28 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-02 15:28 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-02 15:28 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-02 15:28 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-02 15:28 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-02 12:50 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-02 12:50 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-02 12:50 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-02 12:50 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-02 12:50 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-02 12:50 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-02 12:50 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-02 12:50 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-02 12:50 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-02 12:50 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-02 12:49 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-02 12:49 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-03-02 12:49 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-02 12:49 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-02 12:49 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-03-02 12:49 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-03-02 12:49 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-03-02 12:49 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-03-02 12:49 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-03-02 12:49 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-03-02 12:49 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-03-02 12:49 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-03-02 12:49 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-02 12:49 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-02 12:49 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-03-02 12:49 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-03-02 12:48 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-02 12:48 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-02 12:48 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-02 12:48 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-02 12:48 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-02 12:48 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-02 12:48 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-02 12:48 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-03-02 12:48 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-02 12:48 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-03-02 12:48 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-03-02 12:48 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-02 12:48 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-02 12:48 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-02 12:48 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-02 12:48 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-02 12:48 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-02 12:48 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-03-02 12:48 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-02 12:48 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-03-02 12:48 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-02 12:48 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-02 12:48 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-03-02 12:48 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-02 12:48 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-02 12:48 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-03-02 12:48 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-03-02 12:48 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-02 12:48 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-02 12:48 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-03-02 12:48 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-03-02 12:48 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-03-02 12:48 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-03-02 12:48 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-03-02 12:48 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-03-02 12:48 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-03-02 12:48 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-03-02 12:48 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-02 12:48 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-02 12:48 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-02 12:48 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-02 12:48 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-03-02 12:48 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-02 12:48 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-03-02 12:48 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-02 12:48 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-02 12:48 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-03-02 12:48 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-02 12:48 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-03-02 12:48 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-02 12:48 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-03-02 12:48 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-03-02 12:48 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-03-02 12:48 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-03-02 12:48 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-02 12:48 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-02 12:48 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-02 12:48 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-02 12:48 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-02 12:47 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-02 12:47 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-02 12:47 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-02 12:46 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-03-02 12:46 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-03-02 12:46 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-03-02 12:46 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-02 12:46 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-03-02 12:46 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-02 12:46 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-02 12:46 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-02 12:46 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-02 12:46 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-02 12:46 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-02 12:46 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-03-02 12:46 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-03-02 12:46 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-02 12:46 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-02 12:46 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-03-02 12:46 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-03-02 12:46 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-02 12:46 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-02 12:46 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-02 12:46 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-03-02 12:46 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-03-02 12:46 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-03-02 12:46 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-02 12:46 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-02 12:46 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-02 12:46 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-02 12:46 - 2014-10-13 02:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-02 12:46 - 2014-10-13 02:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-02 12:46 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-02 12:46 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-02 12:46 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-02 12:46 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-03-02 12:46 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-03-02 12:46 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-03-02 12:46 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-02 12:46 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-03-02 12:46 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-03-02 12:46 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-03-02 12:46 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-03-02 12:46 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-03-02 12:46 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-02 12:46 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-02 12:46 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-02 12:46 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-03-02 12:46 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-03-02 12:46 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-02 12:46 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-03-02 12:46 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-03-02 12:46 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-03-02 12:46 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-03-02 12:46 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-03-02 12:46 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-03-02 12:46 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-03-02 12:46 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-03-02 12:46 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-03-02 12:46 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-03-02 12:46 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-03-02 12:46 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-03-02 12:46 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-03-02 12:46 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-03-02 12:46 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-03-02 12:46 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-03-02 12:46 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-03-02 12:46 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-03-02 12:46 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-03-02 12:46 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-03-02 12:46 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-03-02 12:46 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-03-02 12:46 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-02 12:46 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-03-02 12:46 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-03-02 12:46 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-03-02 12:46 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-03-02 12:46 - 2014-05-19 06:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-03-02 12:46 - 2014-05-19 06:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-03-02 12:46 - 2014-05-19 05:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-03-02 12:45 - 2015-03-02 12:45 - 00114660 _____ () C:\Users\Stuart\Downloads\Forty One Shots 2015(1).ods
2015-03-02 12:44 - 2015-03-02 12:45 - 00114660 _____ () C:\Users\Stuart\Downloads\Forty One Shots 2015.ods
2015-03-01 22:11 - 2015-03-01 22:11 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\ProductData
2015-03-01 22:10 - 2015-03-17 09:28 - 00000000 ____D () C:\ProgramData\IObit
2015-03-01 22:09 - 2015-03-23 08:17 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-01 22:09 - 2015-03-17 09:27 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-01 22:09 - 2015-03-01 22:40 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\IObit
2015-03-01 22:09 - 2015-03-01 22:09 - 00001301 _____ () C:\Users\Public\Desktop\Start Menu 8.lnk
2015-03-01 22:09 - 2015-03-01 22:09 - 00001301 _____ () C:\ProgramData\Desktop\Start Menu 8.lnk
2015-03-01 22:09 - 2015-03-01 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-03-01 22:08 - 2015-03-01 22:08 - 09344920 _____ (IObit ) C:\Users\Stuart\Downloads\startmenu-setup.exe
2015-03-01 20:25 - 2015-03-09 15:53 - 00017760 _____ () C:\Users\Stuart\Documents\Pass.ods
2015-03-01 20:05 - 2015-03-01 20:05 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\LibreOffice
2015-03-01 19:57 - 2015-03-15 18:36 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Spotify
2015-03-01 18:21 - 2015-03-22 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-01 18:21 - 2015-03-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-01 18:21 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-01 18:21 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-01 18:21 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-01 18:21 - 2015-03-01 18:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-01 18:20 - 2015-03-01 18:20 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-01 18:18 - 2015-03-01 18:18 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite Air Essentials Firefox Java 8 Installer(1).exe
2015-03-01 18:16 - 2015-03-01 18:16 - 00305664 _____ (Secure By Design Inc.) C:\Users\Stuart\Downloads\Ninite Air Essentials Firefox Java 8 Installer.exe
2015-03-01 14:07 - 2015-03-01 14:07 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Macromedia
2015-03-01 14:05 - 2015-03-25 17:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 14:05 - 2015-03-01 14:05 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-01 10:42 - 2015-03-01 10:43 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Mozilla
2015-03-01 10:42 - 2015-03-01 10:43 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Mozilla
2015-03-01 10:41 - 2015-03-01 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-01 10:41 - 2015-03-01 10:41 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-03-01 10:40 - 2015-03-01 10:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-03-01 10:40 - 2015-03-01 10:40 - 00001516 _____ () C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-03-01 10:40 - 2015-03-01 10:40 - 00001516 _____ () C:\ProgramData\Desktop\LibreOffice 4.4.lnk
2015-03-01 10:38 - 2015-03-01 10:40 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-03-01 10:37 - 2015-03-04 10:26 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Apple Computer
2015-03-01 10:37 - 2015-03-01 10:37 - 00001767 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-01 10:37 - 2015-03-01 10:37 - 00001767 _____ () C:\ProgramData\Desktop\iTunes.lnk
2015-03-01 10:37 - 2015-03-01 10:37 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Apple Computer
2015-03-01 10:37 - 2015-03-01 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-01 10:36 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-03-01 10:34 - 2015-03-01 10:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-01 10:34 - 2015-03-01 10:36 - 00000000 ____D () C:\Program Files\iTunes
2015-03-01 10:34 - 2015-03-01 10:34 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Apple
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\iPod
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-01 10:34 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-01 10:33 - 2015-03-01 10:34 - 00000000 ____D () C:\ProgramData\Apple
2015-03-01 10:33 - 2015-03-01 10:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-01 10:32 - 2015-03-22 18:02 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-01 10:32 - 2015-03-15 18:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Spotify
2015-03-01 10:32 - 2015-03-01 10:32 - 00001820 _____ () C:\Users\Stuart\Desktop\Spotify.lnk
2015-03-01 10:32 - 2015-03-01 10:32 - 00001806 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-01 10:31 - 2015-03-22 18:01 - 00000000 ____D () C:\Program Files\Java
2015-03-01 10:31 - 2015-03-22 18:00 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-01 10:31 - 2015-03-01 10:31 - 00000000 ____D () C:\ProgramData\Sun
2015-03-01 10:31 - 2015-03-01 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-01 10:30 - 2015-03-22 18:01 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-01 10:30 - 2015-03-02 19:41 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Adobe
2015-03-01 10:30 - 2015-03-02 19:41 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-01 10:30 - 2015-03-01 18:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-03-01 10:30 - 2015-03-01 10:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-01 10:29 - 2015-03-01 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-01 10:27 - 2015-03-01 10:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-01 10:27 - 2015-03-01 10:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-01 10:26 - 2015-03-22 08:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-01 10:26 - 2015-03-01 10:26 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-01 10:26 - 2015-03-01 10:26 - 00001165 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-01 10:26 - 2015-03-01 10:26 - 00001165 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-03-01 10:26 - 2015-03-01 10:26 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-28 17:59 - 2015-02-28 17:59 - 00001142 _____ () C:\Users\Stuart\Desktop\Welcome to ASUS Product Registration.lnk
2015-02-28 16:53 - 2015-02-28 16:53 - 00000000 __SHD () C:\Users\Stuart\AppData\Local\EmieUserList
2015-02-28 16:53 - 2015-02-28 16:53 - 00000000 __SHD () C:\Users\Stuart\AppData\Local\EmieSiteList
2015-02-28 16:52 - 2015-02-28 16:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-28 16:48 - 2015-03-25 16:44 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B141FB32-3942-4C22-8B81-24AEE17BFE35}
2015-02-28 16:45 - 2015-03-24 07:54 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1462671516-2646988751-4029834669-1001
2015-02-28 16:45 - 2015-02-28 16:45 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\WebStorage
2015-02-28 16:41 - 2015-03-25 16:43 - 00000074 _____ () C:\Users\Stuart\AppData\Roaming\sp_data.sys
2015-02-28 16:41 - 2015-02-28 17:27 - 00000000 ____D () C:\ProgramData\USBChargerPlus
2015-02-28 16:41 - 2015-02-28 16:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Macromedia
2015-02-28 16:40 - 2015-03-03 13:45 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-02-28 16:40 - 2015-03-02 19:41 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Adobe
2015-02-28 16:40 - 2015-02-28 16:41 - 00000000 ____D () C:\Users\Stuart\AppData\Local\Packages
2015-02-28 16:40 - 2015-02-28 16:40 - 00001448 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-28 16:40 - 2015-02-28 16:40 - 00000194 _____ () C:\Windows\FixPatch.log
2015-02-28 16:40 - 2015-02-28 16:40 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-28 16:40 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart\AppData\Local\VirtualStore
2015-02-28 16:40 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart\AppData\Local\ASUS
2015-02-28 16:39 - 2015-02-28 16:40 - 00000000 ____D () C:\Users\Stuart
2015-02-28 16:39 - 2015-02-28 16:39 - 00000020 ___SH () C:\Users\Stuart\ntuser.ini
2015-02-28 16:39 - 2014-10-29 14:11 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-28 16:39 - 2014-10-29 13:20 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-28 16:39 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-28 16:39 - 2014-03-18 15:27 - 00000369 _____ () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-28 16:39 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-28 16:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-28 16:35 - 2015-03-25 16:52 - 01324877 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 17:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-25 16:41 - 2013-08-22 14:46 - 00039594 _____ () C:\Windows\setupact.log
2015-03-25 16:41 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-25 16:39 - 2013-08-22 13:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-03-25 16:27 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-24 15:42 - 2014-03-18 15:26 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-17 16:40 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-17 09:43 - 2014-08-20 18:04 - 00800440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-17 09:43 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-03-17 09:43 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-03-17 09:43 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-03-17 09:37 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-17 09:35 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-17 09:17 - 2014-12-11 13:58 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-03-17 09:17 - 2014-03-18 08:16 - 00017030 _____ () C:\Windows\PFRO.log
2015-03-17 09:13 - 2014-12-11 13:58 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-12 17:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 22:03 - 2013-08-22 14:44 - 00400712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-06 12:27 - 2014-03-18 15:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\winrm
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-06 12:27 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\slmgr
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-06 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-06 12:27 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-06 12:27 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\servicing
2015-03-05 19:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-03-05 19:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-03-05 13:06 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Com
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
2015-03-05 13:06 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-05 13:06 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-05 13:06 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-05 12:45 - 2014-03-18 14:58 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-05 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\IME
2015-03-05 12:45 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-03-05 12:45 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-05 12:44 - 2013-08-22 15:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-03-04 21:24 - 2013-08-22 15:38 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 21:24 - 2013-08-22 15:38 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppCompat
2015-03-03 12:39 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 16:40 - 2014-10-29 13:02 - 00000000 ____D () C:\Windows\Panther
2015-02-28 16:40 - 2014-10-29 11:24 - 00000000 ____D () C:\Windows\Log

==================== Files in the root of some directories =======

2015-02-28 16:41 - 2015-03-25 16:43 - 0000074 _____ () C:\Users\Stuart\AppData\Roaming\sp_data.sys
2014-12-11 13:49 - 2014-12-11 13:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 06:25 - 2012-09-07 11:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 06:25 - 2009-07-22 10:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 06:25 - 2012-09-07 11:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Ella\AppData\Local\Temp\0275051426583445mcinst.exe
C:\Users\Ella\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Stuart\AppData\Local\Temp\autorun.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-12 09:48

==================== End Of Log ============================

 

Thanks



#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 25 March 2015 - 12:37 PM

how is the computer running now, are there any outstanding issues?


Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 Stuart1951

Stuart1951
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 25 March 2015 - 03:40 PM

So far so good. But, until now, I haven't used it after the latest scans. I will post again tomorrow night with an update.

 

Thankyou very much for your assistance, much appreciated.



#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 25 March 2015 - 06:35 PM

That's good to hear. Now we can clean up our tools, please do the following:

You can delete the FRST logs and program from your desktop.

 

NEXT

Double click on adwcleaner.exe to run the tool.
Click on the Uninstall button
Confirm with yes

If there are any logs/tools remaining on your desktop > right click and delete them

NEXT

Below I have included a couple of recommendations for how to protect your computer against malware infections.
It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection.
Refer to this Microsoft article - Strong passwords: How to create and use them
http://www.microsoft.com/security/online-privacy/passwords-create.aspx

Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com

This will ensure your computer has always the latest security updates available installed on your computer.

http://www.mywot.com
Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
Green to go
Yellow for caution
Red to stop
WOT has an addon available for Chrome, Firefox and IE

AdblockPlus, Surf the web without annoying ads!
Blocks banners, pop-ups and video ads - even on Facebook and YouTube
Protects your online privacy
Two-click installation, It's free!
https://adblockplus.org/en/internet-explorer
https://adblockplus.org/en/firefox
https://adblockplus.org/en/chrome
click the link(s) for your browser(s) and download.

Thank you for your patience, and performing all of the procedures requested.

 


Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 Stuart1951

Stuart1951
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 26 March 2015 - 05:48 AM

I am pleased to report that there have been no untoward events this morning.

 

I have done as you suggested above, including the downloads. I will now keep my fingers firmly crossed over the next 24 hours or so.

 

I can't express how delighted I am with the support you have given me. The steps you suggested were easy to follow even for a technophobe like me. I will keep an eye on things for a day or so and if there is no repetition of the problem I will gladly make a donation.

 

I just wonder from the logs if you have any idea what this problem was and how it originated. My best guess would be an e mail attachment or a Youtube video. I was recently viewing some of these prior to purchasing a TV and PVR.

 

Thanks again, you have been fantastic.



#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 26 March 2015 - 12:03 PM

That's good to hear,

part of the issue is the default settings that are included within the browser, those can be deselected, but they don't offer how that clearly, also adware usually sneaks on the machine by piggy backing in on legitimate downloads and updates so you have to watch carefully and remember to "opt out" of any additional installs.

Also, ads can be delivered as you suspect > email attachments, so be very careful that you identify the source before opening.

Regards

~Cb

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#11 Stuart1951

Stuart1951
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 29 March 2015 - 03:39 PM

That's good to hear,

part of the issue is the default settings that are included within the browser, those can be deselected, but they don't offer how that clearly, also adware usually sneaks on the machine by piggy backing in on legitimate downloads and updates so you have to watch carefully and remember to "opt out" of any additional installs.

Also, ads can be delivered as you suspect > email attachments, so be very careful that you identify the source before opening.

Regards

~Cb

Still all clear - Many thanks - Donation made with pleasure.



#12 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 29 March 2015 - 11:44 PM

you are welcome, and thank-you

stay safe :hello:

~CB

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#13 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:09:17 PM

Posted 29 March 2015 - 11:44 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users