Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removing Trojan Virus Backdoor Generic12 CDKZ Completely


  • This topic is locked This topic is locked
28 replies to this topic

#1 Sky9928

Sky9928

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 25 March 2015 - 02:07 PM

How to remove completely this virus?

My Public Folder always create many random exe file. I have run antivirus and delete the files and the virus is Trojan Virus Backdoor Generic12 CDKZ . But after some times, the exe file is created again and again.

Thanks...


Edited by hamluis, 25 March 2015 - 03:01 PM.
Moved from AII to MRL - Hamluis.


BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:34 AM

Posted 25 March 2015 - 02:45 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 jiteshjmedh

jiteshjmedh

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:34 PM

Posted 25 March 2015 - 02:46 PM

Try out the troubleshooting steps on the above link



#4 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 25 March 2015 - 03:01 PM

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by lenovo (administrator) on IDEA-PC on 26-03-2015 02:56:25
Running from C:\Users\lenovo\Downloads\Programs
Loaded Profiles: lenovo (Available profiles: lenovo & MsDtsServer110 & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MSSQLSERVER & Classic .NET AppPool & .NET v4.5 & DefaultAppPool & .NET v2.0 & .NET v4.5 Classic & .NET v2.0 Classic)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Arcai.com) C:\Program Files (x86)\NetCutDefender\services\aips.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files\Smartfren Connex CE682 UI\HEject.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\regedit.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [683352 2013-06-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-08] (Intel Corporation)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [457616 2014-10-04] ()
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-06] (Adobe Systems Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3882576 2014-11-07] (Tonec Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [Speech Recognition] => C:\windows\Speech\Common\sapisvr.exe [44544 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [2658128 2014-06-06] (Leap Motion, Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [uTorrent] => C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe [1936720 2014-08-04] (BitTorrent Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-22] (Piriform Ltd)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\MountPoints2: {5b2857cd-87a2-11e3-be84-f82fa8f46a8c} - "G:\Setup.exe" 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\MountPoints2: {731c014a-6837-11e3-be75-f82fa8f46a8c} - "J:\Setup.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://hi.ru/search/?q={searchTerms}
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> {012007EE-26B6-4C6C-9383-A4BFFF2592F0} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-11-07] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\bin\ssv.dll [2014-01-15] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\bin\jp2ssv.dll [2014-01-15] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-11-07] (Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-29] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-29] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{82DA6416-0AEF-42EF-9238-39D13422F009}: [NameServer] 8.8.8.8 8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\njhm2646.default-1407796171145
FF DefaultSearchEngine: Google
FF NetworkProxy: "socks_remote_dns", true
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-06] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> D:\bin\dtplugin\npDeployJava1.dll [2014-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> D:\bin\plugin2\npjp2.dll [2014-01-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-06] ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll [2010-10-19] (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-14] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-06] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-400893759-885556648-3021147256-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-02-21]
FF HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5 [2014-12-11]
FF HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={4CBA4FC1-5E34-4DF7-9948-F8F5582EA259}&mid=48a512585fd547d39dc22966ee10837f-b713803a47fb529df0a45e1326720b63f387e49c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-09 15:10:52&v=18.1.7.598&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={4CBA4FC1-5E34-4DF7-9948-F8F5582EA259}&mid=48a512585fd547d39dc22966ee10837f-b713803a47fb529df0a45e1326720b63f387e49c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-09 15:10:52&v=18.1.7.598&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-19]
CHR Extension: (Google Drive) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-19]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-19]
CHR Extension: (Google Search) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-19]
CHR Extension: (IDM Integration Module) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-12-19]
CHR Extension: (GWT Developer Plugin) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-10-15]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AIPS; C:\Program Files (x86)\NetCutDefender\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-05] (Broadcom Corporation.)
S3 BrightstarDB; C:\Program Files\BrightstarDB\Service\BrightstarService.exe [25600 2014-08-10] () [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-29] (Broadcom Corporation.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-12-11] (Microsoft Corporation)
R2 CDROM_Eject_H; C:\Program Files\Smartfren Connex CE682 UI\HEject.exe [267776 2011-09-06] () [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-04] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-02] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-03-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [5529936 2014-06-06] (Leap Motion, Inc.)
S3 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218040 2012-06-13] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [190904 2012-06-13] (Microsoft Corporation)
S3 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [61538744 2012-06-13] (Microsoft Corporation)
S3 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-14] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-13] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-12] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-12] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-13] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-25] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-12-11] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-12-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-03-15] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-07-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-22] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-25] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-30] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-07-01] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-05] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-23] (Disc Soft Ltd)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 UsbModemDriver; C:\Windows\system32\DRIVERS\USB_MODEM_H.sys [28160 2011-04-08] ()
R3 USB_BusEnum_H; C:\Windows\System32\drivers\USB_BusEnum_H.sys [44544 2009-11-05] ()
R3 USB_ETS_H; C:\Windows\System32\drivers\USB_ETS_H.sys [21760 2008-05-31] (Via Telecom, Inc.)
R3 USB_WinMux_H; C:\Windows\system32\DRIVERS\USB_WinMux_H.sys [37376 2009-10-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-03] (Exent Technologies Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-26 02:56 - 2015-03-26 02:56 - 00000000 ____D () C:\FRST
2015-03-26 02:39 - 2015-03-26 02:39 - 00074377 _____ () C:\Users\lenovo\Documents\Result.txt
2015-03-26 02:33 - 2015-03-26 02:33 - 00001828 _____ () C:\Users\lenovo\Documents\JRT.txt
2015-03-26 02:32 - 2015-03-26 02:32 - 00001828 _____ () C:\Users\lenovo\Desktop\JRT.txt
2015-03-26 01:41 - 2015-03-26 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft HiJackFree
2015-03-26 01:41 - 2015-03-26 01:41 - 00000000 ____D () C:\Program Files (x86)\Emsisoft HiJackFree
2015-03-25 18:56 - 2015-03-25 18:56 - 00003502 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stevanus.w28@gmail.com
2015-03-25 12:25 - 2015-03-11 09:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 16:37 - 2015-03-24 16:37 - 00001547 _____ () C:\Users\lenovo\AppData\Local\recently-used.xbel
2015-03-23 17:01 - 2015-03-23 17:05 - 00001164 _____ () C:\WINDOWS\DirectX.log
2015-03-23 17:01 - 2015-03-23 17:01 - 00000623 _____ () C:\Users\Public\Desktop\Play Resident Evil Revelations 2.lnk
2015-03-23 17:01 - 2015-03-23 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capcom
2015-03-22 12:40 - 2015-03-22 12:43 - 77278590 _____ () C:\Users\lenovo\Downloads\Tonansub_Durarara_X2_Shou_11_480.mkv
2015-03-22 12:37 - 2015-03-22 12:39 - 74316093 _____ () C:\Users\lenovo\Downloads\oploverz_-_685_[mini]_[44F17F40].mkv
2015-03-20 20:39 - 2015-03-22 13:25 - 00000000 ____D () C:\Users\lenovo\Downloads\Interstellar (2014)
2015-03-20 20:35 - 2015-03-20 20:35 - 00011045 _____ () C:\Users\lenovo\Downloads\interstellar-2014-720p.torrent
2015-03-19 16:15 - 2015-03-20 00:32 - 00000000 ____D () C:\Users\lenovo\Downloads\The.Flash.2014.S01E15.HDTV.x264-LOL[ettv]
2015-03-18 00:49 - 2015-03-18 00:49 - 00000837 _____ () C:\Users\Public\Desktop\Smartfren Connex CE682 UI.lnk
2015-03-18 00:49 - 2015-03-18 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smartfren Connex CE682 UI
2015-03-18 00:49 - 2015-03-18 00:49 - 00000000 ____D () C:\Program Files\Smartfren Connex CE682 UI
2015-03-17 11:15 - 2015-03-17 11:15 - 00000000 ____D () C:\Users\lenovo\Downloads\HTML
2015-03-16 14:50 - 2015-03-16 14:50 - 00042152 _____ (Connectify) C:\WINDOWS\system32\Drivers\cnnctfy3.sys
2015-03-16 13:45 - 2015-03-16 13:45 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Chris_Pietschmann_(http__
2015-03-16 13:39 - 2015-03-16 14:59 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2015-03-16 11:10 - 2015-03-26 02:20 - 00002719 _____ () C:\WINDOWS\setupact.log
2015-03-16 11:10 - 2015-03-16 11:10 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 15:42 - 2015-03-26 02:53 - 01339015 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-11 16:20 - 2015-02-21 08:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 16:20 - 2015-02-21 07:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 16:20 - 2015-02-21 07:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 16:20 - 2015-02-21 07:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 16:20 - 2015-02-21 07:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 16:20 - 2015-02-21 06:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 16:20 - 2015-02-21 06:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 16:20 - 2015-02-20 09:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 16:20 - 2015-02-20 09:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 16:20 - 2015-02-20 09:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 16:20 - 2015-02-20 09:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 16:20 - 2015-02-20 09:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 16:20 - 2015-02-20 09:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 16:20 - 2015-02-20 09:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 16:20 - 2015-02-20 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 16:20 - 2015-02-20 09:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 16:20 - 2015-02-20 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 16:20 - 2015-02-20 09:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 16:20 - 2015-02-20 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 16:20 - 2015-02-20 08:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 16:20 - 2015-02-20 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 16:20 - 2015-02-20 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 16:20 - 2015-02-20 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 16:20 - 2015-02-20 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 16:20 - 2015-02-20 08:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 16:20 - 2015-02-20 08:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 16:20 - 2015-02-20 08:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 16:20 - 2015-02-20 08:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 16:20 - 2015-02-20 08:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 16:20 - 2015-02-20 08:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 16:20 - 2015-02-20 08:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 16:20 - 2015-02-20 08:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 16:20 - 2015-02-20 08:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 16:20 - 2015-02-20 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 16:20 - 2015-02-20 08:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 16:20 - 2015-02-20 07:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 16:20 - 2015-02-20 07:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 16:15 - 2015-02-04 06:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 16:15 - 2015-02-04 06:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 16:15 - 2015-02-04 06:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 16:15 - 2015-02-03 06:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 16:15 - 2015-02-03 06:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 16:15 - 2015-01-27 10:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 16:15 - 2015-01-24 08:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 16:14 - 2015-02-07 06:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 16:14 - 2015-01-23 14:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 16:14 - 2015-01-23 12:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 16:13 - 2015-03-06 09:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 16:13 - 2015-03-06 09:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 16:13 - 2015-02-26 06:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 16:13 - 2015-01-31 06:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 16:13 - 2015-01-31 06:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 16:13 - 2015-01-29 08:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 16:13 - 2015-01-29 08:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 16:12 - 2015-02-20 10:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 16:12 - 2015-02-20 09:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 16:12 - 2015-02-20 09:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 16:12 - 2015-02-20 09:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 16:12 - 2015-02-06 08:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 16:12 - 2015-02-06 08:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 16:12 - 2015-02-06 03:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 16:12 - 2015-02-03 07:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 16:12 - 2015-02-03 07:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 16:12 - 2015-01-30 10:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 16:12 - 2015-01-30 10:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 16:12 - 2015-01-30 09:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 16:12 - 2015-01-30 09:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 16:12 - 2015-01-30 08:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 16:12 - 2015-01-30 08:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 16:12 - 2015-01-30 08:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 16:12 - 2015-01-29 08:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 16:12 - 2015-01-29 08:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 16:12 - 2014-10-29 09:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 16:12 - 2014-10-29 09:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 16:12 - 2014-10-29 09:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 16:12 - 2014-10-29 09:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 16:12 - 2014-10-29 09:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 16:12 - 2014-10-29 09:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 16:12 - 2014-10-29 09:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 16:12 - 2014-10-29 09:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 16:12 - 2014-10-29 09:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 16:12 - 2014-10-29 09:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 16:12 - 2014-10-29 09:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 16:12 - 2014-10-29 09:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 16:12 - 2014-10-29 09:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 16:12 - 2014-10-29 08:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 16:12 - 2014-10-29 08:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 16:12 - 2014-10-29 08:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 16:12 - 2014-10-29 08:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 16:12 - 2014-10-29 08:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 16:12 - 2014-10-29 08:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 16:12 - 2014-10-29 08:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 16:12 - 2014-10-29 08:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 16:12 - 2014-10-29 07:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 16:12 - 2014-10-29 07:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 16:12 - 2014-10-29 07:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 16:12 - 2014-10-29 07:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 16:08 - 2015-01-29 08:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:08 - 2015-01-29 08:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:08 - 2015-01-29 07:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 16:08 - 2015-01-29 07:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 16:08 - 2014-10-29 09:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 16:08 - 2014-10-29 09:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 16:08 - 2014-10-29 08:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 16:08 - 2014-10-29 07:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 16:06 - 2015-01-31 06:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 16:06 - 2015-01-29 07:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 16:06 - 2015-01-29 07:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 16:06 - 2015-01-28 22:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 16:06 - 2015-01-28 22:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 16:06 - 2015-01-28 22:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 16:06 - 2015-01-28 09:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 16:06 - 2015-01-28 08:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 16:06 - 2015-01-27 11:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 16:06 - 2015-01-27 09:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 16:06 - 2014-10-29 10:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:06 - 2014-10-29 09:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 16:02 - 2015-01-30 09:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 16:02 - 2015-01-30 08:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 16:02 - 2015-01-30 08:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 16:02 - 2015-01-30 08:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 16:02 - 2015-01-30 08:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 16:02 - 2015-01-30 08:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 16:02 - 2015-01-30 08:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 16:02 - 2015-01-30 08:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 16:02 - 2014-10-29 08:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 16:02 - 2014-10-29 07:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 16:01 - 2015-02-13 00:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 16:01 - 2015-02-13 00:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 16:01 - 2015-01-30 01:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 16:01 - 2015-01-30 01:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 16:01 - 2014-12-11 12:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 16:00 - 2015-02-08 06:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 16:00 - 2015-02-08 06:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 16:00 - 2015-01-28 08:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 16:00 - 2015-01-28 08:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 16:00 - 2015-01-28 06:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 16:00 - 2015-01-28 06:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 16:00 - 2015-01-21 12:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 16:00 - 2015-01-21 12:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 13:09 - 2015-03-11 13:09 - 00000000 ____D () C:\ProgramData\GoBit Games
2015-03-11 13:07 - 2015-03-11 13:07 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Ubisoft
2015-03-11 12:37 - 2015-03-15 15:39 - 00000000 ____D () C:\Users\lenovo\Desktop\Atom - Mini Games
2015-03-05 21:53 - 2015-03-13 23:49 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb
2015-03-04 11:14 - 2015-03-04 11:14 - 00000000 ____D () C:\Users\lenovo\Documents\Images - natalie
2015-03-04 11:13 - 2015-03-04 11:13 - 00000000 ____D () C:\Users\lenovo\Documents\Images - c
2015-02-28 12:29 - 2015-02-28 12:29 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Apple Computer
2015-02-28 12:29 - 2015-02-28 12:29 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Apple Computer
2015-02-28 10:41 - 2015-03-02 13:20 - 00000000 ____D () C:\Users\lenovo\Documents\FPS
2015-02-25 19:34 - 2015-02-25 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-02-25 19:34 - 2015-02-25 19:34 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-02-25 19:25 - 2015-02-26 10:49 - 00000000 ____D () C:\Program Files (x86)\NetCutDefender
2015-02-25 18:56 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 18:56 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 18:56 - 2014-10-29 08:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 18:56 - 2014-10-29 08:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 18:56 - 2014-10-29 08:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 18:56 - 2014-10-29 08:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-26 02:40 - 2013-12-19 14:59 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 02:34 - 2013-12-20 06:15 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-400893759-885556648-3021147256-1002
2015-03-26 02:28 - 2014-12-11 10:01 - 00000000 ____D () C:\Users\lenovo\OneDrive
2015-03-26 02:26 - 2014-09-24 14:20 - 01202240 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-26 02:20 - 2013-12-19 14:59 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 02:19 - 2014-12-11 08:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-26 02:19 - 2014-07-17 12:49 - 00000218 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-03-26 02:19 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-26 02:19 - 2013-08-22 21:44 - 05147560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-26 02:17 - 2013-09-25 18:45 - 00031232 _____ () C:\WINDOWS\system32\VfService.trf
2015-03-26 02:17 - 2013-08-22 20:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-26 02:16 - 2014-08-12 04:50 - 00000000 ____D () C:\AdwCleaner
2015-03-26 02:08 - 2013-12-19 06:19 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Adobe
2015-03-26 02:05 - 2013-12-19 06:17 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-26 02:00 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-26 01:59 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\Downloads\Compressed
2015-03-26 01:13 - 2013-12-21 06:33 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Avg2014
2015-03-25 22:56 - 2013-12-21 06:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-25 20:58 - 2015-01-11 18:07 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6D8D47FD-E65A-4E5F-A20E-C70E4AB8F971}
2015-03-25 19:35 - 2014-02-22 09:56 - 00000132 _____ () C:\Users\lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-25 18:55 - 2013-12-19 05:59 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Adobe
2015-03-25 15:58 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-25 13:00 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-25 12:59 - 2014-12-15 14:28 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 12:59 - 2014-09-24 16:58 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-24 16:57 - 2014-07-07 12:07 - 00000000 ____D () C:\Users\lenovo\.gimp-2.8
2015-03-24 16:34 - 2014-07-07 12:27 - 00000000 ____D () C:\Users\lenovo\AppData\Local\gtk-2.0
2015-03-24 12:48 - 2013-08-22 20:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-24 05:18 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\DMCache
2015-03-23 17:09 - 2013-12-22 05:02 - 00000000 ____D () C:\Users\lenovo\AppData\Local\CAPCOM
2015-03-23 17:01 - 2014-12-13 04:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-03-23 16:10 - 2014-06-01 05:33 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-03-22 15:42 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\Downloads\Video
2015-03-20 21:29 - 2014-08-04 05:37 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\uTorrent
2015-03-20 21:13 - 2012-07-26 15:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-03-18 01:23 - 2013-12-19 13:30 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\EVDO_Haier
2015-03-18 00:48 - 2014-02-04 10:18 - 00000517 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-03-16 01:31 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\IDM
2015-03-15 22:51 - 2014-11-10 13:06 - 00000000 ____D () C:\Users\lenovo\AppData\Local\AVG Web TuneUp
2015-03-15 18:50 - 2015-01-31 02:14 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-03-15 18:50 - 2014-11-10 13:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-03-14 16:54 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-14 16:33 - 2014-08-29 05:27 - 00000122 _____ () C:\Users\lenovo\Desktop\Hotspot.txt
2015-03-12 14:22 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 18:30 - 2013-12-27 07:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-11 18:23 - 2013-12-27 07:59 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-11 18:22 - 2014-02-28 11:07 - 00000039 _____ () C:\WINDOWS\vbaddin.ini
2015-03-11 18:22 - 2013-12-19 06:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 16:27 - 2012-07-26 12:26 - 00000261 _____ () C:\WINDOWS\win.ini
2015-03-05 04:24 - 2014-12-15 14:34 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-05 04:24 - 2014-12-15 14:34 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 18:08 - 2014-04-02 03:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-02 12:35 - 2015-02-17 13:29 - 00000000 ____D () C:\ProgramData\Unity
2015-02-28 12:33 - 2015-02-17 13:30 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Unity
2015-02-28 10:41 - 2015-02-20 15:21 - 00000000 ____D () C:\Users\lenovo\Documents\SideScrollingGame
2015-02-28 10:31 - 2015-02-17 13:32 - 00000000 ____D () C:\Users\lenovo\Desktop\Unity
2015-02-27 12:19 - 2015-02-17 15:26 - 00000000 ____D () C:\Users\lenovo\Documents\2dTwinShooters
 
==================== Files in the root of some directories =======
 
2014-02-22 09:56 - 2015-03-25 19:35 - 0000132 _____ () C:\Users\lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-11-11 05:32 - 2014-11-21 04:43 - 0001456 _____ () C:\Users\lenovo\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-03-24 16:37 - 2015-03-24 16:37 - 0001547 _____ () C:\Users\lenovo\AppData\Local\recently-used.xbel
2014-12-06 18:00 - 2014-12-06 18:00 - 0007591 _____ () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
2013-09-25 18:43 - 2013-09-25 18:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-22 23:38
 
==================== End Of Log ============================


#5 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 25 March 2015 - 03:02 PM

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by lenovo at 2015-03-26 02:57:59
Running from C:\Users\lenovo\Downloads\Programs
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
"Child of Light" (HKLM-x32\...\{F6DFE348-0ACE-4858-8103-5A7136086EC5}_is1) (Version: 1.0.30640.0 - )
"Thief" (HKLM-x32\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.0.4107.3 (Update 1) - )
µTorrent (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
Academy of Magic (HKLM-x32\...\Academy of Magic) (Version: 1.3.2.199 - GameHouse, Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Alien Isolation, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Alien Isolation_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Alien Sky (HKLM-x32\...\Alien Sky) (Version:  - GameHouse, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.1611.210 - Alps Electric)
Amnesia: A Machine for Pigs (HKLM-x32\...\Amnesia: A Machine for Pigs_is1) (Version:  - )
Atlantis (HKLM-x32\...\Atlantis) (Version:  - GameHouse, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BioShock Infinite Complete Edition (HKLM-x32\...\BioShock Infinite_is1) (Version: 1.1.23.631123 - 2K Games)
Bitmap Font Generator (HKLM-x32\...\BMFont) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
BrightstarDB (HKLM-x32\...\{835fa27b-5b0b-48c3-b6a0-4ddfad5550a6}) (Version: 1.7.0.0 - BrightstarDB Project)
BrightstarDB 64-bit 1.7.0.0 (Version: 1.7.0.0 - BrightstarDB Project) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Construct 2 r195 (HKLM\...\Construct 2_is1) (Version: 1.0.195.0 - Scirra)
Crysis3 Digital Deluxe (HKLM-x32\...\Crysis3 Digital Deluxe Michigan Games Edition_is1) (Version: 1.0.0.1 - Electronic Arts Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version:  - )
Dead Space 3 version 1.0.0.0 (HKLM-x32\...\Dead Space 3_is1) (Version: 1.0.0.0 - )
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
DRAGON AGE ORIGINS TEU (HKLM-x32\...\DRAGON AGE ORIGINS *TEU* *ESP/ENG*_is1) (Version:  - )
DreadOut (HKLM-x32\...\DreadOut_is1) (Version:  - )
Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsisoft GmbH)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Escape Dead Island ver. 1.0.0.0 (HKLM-x32\...\{50041179-92AZ-28DE-83U8-36FK6M446AC}_is1) (Version: 1.0.0.0 - Deep Silver)
Expresso (HKLM-x32\...\{81A1B78B-69B5-4F71-950D-598FA62FCB73}) (Version: 3.0.4750 - Ultrapico) <==== ATTENTION
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FINAL FANTASY XIII (HKLM-x32\...\FINAL FANTASY XIII_R.G. Gamblers_is1) (Version:  - R.G. Gamblers, Fanfar)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
Game Dev Tycoon version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
GDR 2218 for SQL Server 2012 (KB2716442) (64-bit) (HKLM\...\KB2716442) (Version: 11.0.2218.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Inno Setup version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch4j 3.1.0-beta2 (HKLM-x32\...\Launch4j) (Version: 3.1.0-beta2 - Grzegorz Kowal)
Leap Motion Software (HKLM-x32\...\Leap Services) (Version: 2.0.2.16391 - Leap Motion)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.59.132 - Lenovo)
LINE (HKLM-x32\...\LINE) (Version: 3.9.1.188 - LINE Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Metal Gear Rising Revengeance (HKLM-x32\...\Metal Gear Rising Revengeance_is1) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.Net Web Frameworks 5.0 Security Update (KB2992080) (HKLM-x32\...\{3EC4A844-24F2-46DA-AEFB-FC3080C1BDB9}) (Version: 5.0.20821 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RS Add-in for SharePoint  (HKLM\...\{1527F893-FB8F-45D1-8B83-488E9F5C516C}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{03A2AE02-CBC9-4746-A376-0F7BF6AF5F39}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Quick Bridge 3.3 (remove only) (HKLM-x32\...\Quick Bridge 3.3) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30158 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Resident Evil HD REMASTER (HKLM-x32\...\Resident Evil HD REMASTER_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Resident Evil Revelations (HKLM-x32\...\Resident Evil Revelations_is1) (Version: 1 - CAPCOM)
Resident Evil Revelations 2 - Complete version 1.0.0 (HKLM-x32\...\Resident Evil Revelations 2 - Complete_is1) (Version: 1.0.0 - Capcom)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Sherlock Holmes Crimes and Punishments (HKLM-x32\...\Sherlock Holmes Crimes and Punishments_is1) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Smartfren Connex CE682 UI (HKLM\...\Smartfren Connex CE682 UI_is1) (Version:  - )
South Park The Stick of Truth (HKLM-x32\...\South Park The Stick of Truth_is1) (Version:  - Ubisoft)
SQL Server 2012 Analysis Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.0.2218.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 RS_SharePoint_SharedService (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
The Evil Within version 1.0.0 (HKLM-x32\...\The Evil Within_is1) (Version: 1.0.0 - 2K Games)
The Legend of Heroes - Trails in the Sky (HKLM-x32\...\The Legend of Heroes - Trails in the Sky_is1) (Version:  - Lyxer_Loader)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
Tomb Raider Survival Edition (HKLM-x32\...\Tomb Raider Survival Edition Michigan Games Edition_is1) (Version: 1.0.722.3 - Square Enix)
Transformers Fall of Cybertron (HKLM-x32\...\Transformers Fall of Cybertron_is1) (Version:  - )
Unity (HKLM-x32\...\Unity) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Valiant Hearts The Great War (HKLM-x32\...\Valiant Hearts The Great War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vs2012 Verification SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Walking Dead (HKLM-x32\...\Walking Dead_is1) (Version:  - Audioslave)
Walking Dead 2 (HKLM-x32\...\Walking Dead 2_is1) (Version:  - Audioslave)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Weka 3.6.11 (HKLM-x32\...\Weka 3.6.11) (Version: 3.6.11 - Machine Learning Group, University of Waikato, Hamilton, NZ)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version:  - Spacejock Software)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-400893759-885556648-3021147256-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
22-03-2015 23:31:58 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 12:26 - 2013-12-21 06:20 - 00000866 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 *.avg.com
127.0.0.1 www.avg.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0CA38F2A-CCE9-4BD4-A957-E6EED65F86DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {199879B3-DF8E-4841-8DE5-74319B8A6811} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-03-01] ()
Task: {3AE60A10-B27E-4510-9D20-04E9C0B82AA5} - System32\Tasks\KompasAV => C:\Users\lenovo\Downloads\KompasAV\KompasAV.exe
Task: {4D857D15-B806-45DC-99C6-AB1D834C5873} - System32\Tasks\Steam-S-1-8-22-9865GUI => C:\Users\lenovo\AppData\Roaming\Steam\Reversed\steam.exe <==== ATTENTION
Task: {681E8CC8-9D9B-4BD0-BD09-54B5DBBC2907} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {6F663756-EC7E-443C-8F63-7840A4CADF7A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stevanus.w28@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {9B342A74-EBC3-49F1-A712-8199FF6462E0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9FE7A6F5-0A84-4CC1-8460-4745F6E3A714} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {B610D5CA-C17F-462A-8A6F-1737A01E724C} - System32\Tasks\{9D7FB23B-1F7A-44F0-AF2C-5BA1753ADD19} => pcalua.exe -a C:\Users\lenovo\Downloads\RagnaOk\Setup.exe -d C:\Users\lenovo\Downloads\RagnaOk
Task: {D87E4BD6-960D-4351-A671-44A82AB17B32} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {E6341426-7E2B-4FB1-99AC-28D1730BBD4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-22] (Piriform Ltd)
Task: {EE0D6C4A-0E92-43DB-8E83-1A5DF7491BB8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-03-01] ()
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-05-01 11:34 - 2014-11-13 07:20 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-11 08:57 - 2014-11-13 04:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-29 06:55 - 2013-05-29 06:55 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00267776 _____ () C:\Program Files\Smartfren Connex CE682 UI\HEject.exe
2013-09-25 18:45 - 2013-09-25 18:45 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-09-25 18:45 - 2013-09-25 18:45 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-09-05 15:17 - 2013-09-05 15:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 06:23 - 2010-10-21 06:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-06-18 22:24 - 2012-06-18 22:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-01-02 10:01 - 2013-01-02 10:01 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2013-09-25 18:14 - 2013-05-16 09:09 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2014-05-01 11:34 - 2014-11-13 07:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\lenovo\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\success_desktop_wallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Leap Control Panel"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-400893759-885556648-3021147256-500 - Administrator - Disabled)
Guest (S-1-5-21-400893759-885556648-3021147256-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-400893759-885556648-3021147256-1011 - Limited - Enabled)
lenovo (S-1-5-21-400893759-885556648-3021147256-1002 - Administrator - Enabled) => C:\Users\lenovo
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (03/26/2015 02:58:27 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:57:57 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:57:27 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:56:57 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:56:27 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:55:57 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:55:27 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:54:57 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:54:27 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 02:53:57 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 58%
Total physical RAM: 3848.27 MB
Available physical RAM: 1586.52 MB
Total Pagefile: 7944.27 MB
Available Pagefile: 5517.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:200.13 GB) (Free:24.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:11.66 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:690.43 GB) (Free:129.79 GB) NTFS
Drive h: (STEV28) (Removable) (Total:1.88 GB) (Free:1.19 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EE1BDE5F)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 6F20736B)
No partition Table on disk 2.
Disk 2 is a removable device.
 
==================== End Of Log ============================


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:34 AM

Posted 25 March 2015 - 06:05 PM

Hi,
 
Step 1

Please uninstall some programs:
  • Windows 8 w8.png: Hold down the Windows logo key and press X to open a menu at the lower-left area of the screen.
  • Select Programs and Features from the menu.
  • Search and select the following programs one by one and click on Uninstall: Expresso
  • Reboot your computer.
Step 2

v21logo.PNG

Please download and install Malwarebytes Anti-Malware.
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].
mbamv21.gif

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 25 March 2015 - 11:40 PM

 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/26/2015
Scan Time: 10:39:08 AM
Logfile: 
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.03.09.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: lenovo
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 930468
Time Elapsed: 56 min, 52 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
Worm.AutoRun, C:\Users\Public\AccountPictures\AccountPictures.rar, Quarantined, [6c0d49fa48426cca74bfbaf5d729d729], 
Hijack.Host, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (127.0.0.1 www.avg.com), Replaced,[d0a98ab9414901351a1727f6a264817f]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#8 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 25 March 2015 - 11:50 PM

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by lenovo (administrator) on IDEA-PC on 26-03-2015 11:42:10
Running from C:\Users\lenovo\Downloads\Programs
Loaded Profiles: lenovo (Available profiles: lenovo & MsDtsServer110 & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MSSQLSERVER & Classic .NET AppPool & .NET v4.5 & DefaultAppPool & .NET v2.0 & .NET v4.5 Classic & .NET v2.0 Classic)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Arcai.com) C:\Program Files (x86)\NetCutDefender\services\aips.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files\Smartfren Connex CE682 UI\HEject.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Smartfren Connex CE682 UI\App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [683352 2013-06-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-08] (Intel Corporation)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [457616 2014-10-04] ()
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-06] (Adobe Systems Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3882576 2014-11-07] (Tonec Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [Speech Recognition] => C:\windows\Speech\Common\sapisvr.exe [44544 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [2658128 2014-06-06] (Leap Motion, Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [uTorrent] => C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe [1936720 2014-08-04] (BitTorrent Inc.)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-22] (Piriform Ltd)
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\RunOnce: [Adobe Speed Launcher] => 1427341013
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\MountPoints2: {5b2857cd-87a2-11e3-be84-f82fa8f46a8c} - "G:\Setup.exe" 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\MountPoints2: {731c014a-6837-11e3-be75-f82fa8f46a8c} - "J:\Setup.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://hi.ru/search/?q={searchTerms}
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> {012007EE-26B6-4C6C-9383-A4BFFF2592F0} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-11-07] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\bin\ssv.dll [2014-01-15] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\bin\jp2ssv.dll [2014-01-15] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-11-07] (Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-29] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-29] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-06] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Hosts: 127.0.0.1 *.avg.com
Tcpip\..\Interfaces\{82DA6416-0AEF-42EF-9238-39D13422F009}: [NameServer] 8.8.8.8 8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\njhm2646.default-1407796171145
FF DefaultSearchEngine: Google
FF NetworkProxy: "socks_remote_dns", true
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-06] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> D:\bin\dtplugin\npDeployJava1.dll [2014-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> D:\bin\plugin2\npjp2.dll [2014-01-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-06] ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll [2010-10-19] (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-14] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-06] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-400893759-885556648-3021147256-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-02-21]
FF HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5 [2014-12-11]
FF HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\lenovo\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={4CBA4FC1-5E34-4DF7-9948-F8F5582EA259}&mid=48a512585fd547d39dc22966ee10837f-b713803a47fb529df0a45e1326720b63f387e49c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-09 15:10:52&v=18.1.7.598&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={4CBA4FC1-5E34-4DF7-9948-F8F5582EA259}&mid=48a512585fd547d39dc22966ee10837f-b713803a47fb529df0a45e1326720b63f387e49c&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-09 15:10:52&v=18.1.7.598&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-19]
CHR Extension: (Google Drive) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-19]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-19]
CHR Extension: (Google Search) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-19]
CHR Extension: (IDM Integration Module) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-12-19]
CHR Extension: (GWT Developer Plugin) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-10-15]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AIPS; C:\Program Files (x86)\NetCutDefender\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-05] (Broadcom Corporation.)
S3 BrightstarDB; C:\Program Files\BrightstarDB\Service\BrightstarService.exe [25600 2014-08-10] () [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-29] (Broadcom Corporation.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-12-11] (Microsoft Corporation)
R2 CDROM_Eject_H; C:\Program Files\Smartfren Connex CE682 UI\HEject.exe [267776 2011-09-06] () [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-04] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-02] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-03-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S3 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc.exe [5529936 2014-06-06] (Leap Motion, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218040 2012-06-13] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [190904 2012-06-13] (Microsoft Corporation)
S3 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [61538744 2012-06-13] (Microsoft Corporation)
S3 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-14] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-13] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-26] (CACE Technologies, Inc.)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-12] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-12] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-13] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-25] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-12-11] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-12-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-03-15] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-07-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-22] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-25] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-30] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-07-01] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-05] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-23] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 UsbModemDriver; C:\Windows\system32\DRIVERS\USB_MODEM_H.sys [28160 2011-04-08] ()
R3 USB_BusEnum_H; C:\Windows\System32\drivers\USB_BusEnum_H.sys [44544 2009-11-05] ()
R3 USB_ETS_H; C:\Windows\System32\drivers\USB_ETS_H.sys [21760 2008-05-31] (Via Telecom, Inc.)
R3 USB_WinMux_H; C:\Windows\system32\DRIVERS\USB_WinMux_H.sys [37376 2009-10-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-03] (Exent Technologies Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-26 11:40 - 2015-03-26 11:40 - 00001268 _____ () C:\asd.txt
2015-03-26 10:38 - 2015-03-26 10:39 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-26 10:35 - 2015-03-26 10:35 - 00000376 _____ () C:\WINDOWS\PFRO.log
2015-03-26 10:26 - 2015-03-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-26 10:26 - 2015-03-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-26 10:26 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-26 10:26 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-26 10:26 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-26 02:56 - 2015-03-26 11:42 - 00000000 ____D () C:\FRST
2015-03-26 02:56 - 2015-03-26 02:58 - 00060058 _____ () C:\Users\lenovo\Downloads\FRST.txt
2015-03-26 02:39 - 2015-03-26 02:39 - 00074377 _____ () C:\Users\lenovo\Documents\Result.txt
2015-03-26 02:33 - 2015-03-26 02:33 - 00001828 _____ () C:\Users\lenovo\Documents\JRT.txt
2015-03-26 02:32 - 2015-03-26 02:32 - 00001828 _____ () C:\Users\lenovo\Desktop\JRT.txt
2015-03-26 01:41 - 2015-03-26 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft HiJackFree
2015-03-26 01:41 - 2015-03-26 01:41 - 00000000 ____D () C:\Program Files (x86)\Emsisoft HiJackFree
2015-03-25 18:56 - 2015-03-25 18:56 - 00003502 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stevanus.w28@gmail.com
2015-03-25 12:25 - 2015-03-11 09:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-25 12:25 - 2015-03-11 05:08 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 16:37 - 2015-03-24 16:37 - 00001547 _____ () C:\Users\lenovo\AppData\Local\recently-used.xbel
2015-03-23 17:01 - 2015-03-23 17:05 - 00001164 _____ () C:\WINDOWS\DirectX.log
2015-03-23 17:01 - 2015-03-23 17:01 - 00000623 _____ () C:\Users\Public\Desktop\Play Resident Evil Revelations 2.lnk
2015-03-23 17:01 - 2015-03-23 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capcom
2015-03-22 12:40 - 2015-03-22 12:43 - 77278590 _____ () C:\Users\lenovo\Downloads\Tonansub_Durarara_X2_Shou_11_480.mkv
2015-03-22 12:37 - 2015-03-22 12:39 - 74316093 _____ () C:\Users\lenovo\Downloads\oploverz_-_685_[mini]_[44F17F40].mkv
2015-03-20 20:39 - 2015-03-22 13:25 - 00000000 ____D () C:\Users\lenovo\Downloads\Interstellar (2014)
2015-03-20 20:35 - 2015-03-20 20:35 - 00011045 _____ () C:\Users\lenovo\Downloads\interstellar-2014-720p.torrent
2015-03-19 16:15 - 2015-03-20 00:32 - 00000000 ____D () C:\Users\lenovo\Downloads\The.Flash.2014.S01E15.HDTV.x264-LOL[ettv]
2015-03-18 00:49 - 2015-03-18 00:49 - 00000837 _____ () C:\Users\Public\Desktop\Smartfren Connex CE682 UI.lnk
2015-03-18 00:49 - 2015-03-18 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smartfren Connex CE682 UI
2015-03-18 00:49 - 2015-03-18 00:49 - 00000000 ____D () C:\Program Files\Smartfren Connex CE682 UI
2015-03-17 11:15 - 2015-03-17 11:15 - 00000000 ____D () C:\Users\lenovo\Downloads\HTML
2015-03-16 14:50 - 2015-03-16 14:50 - 00042152 _____ (Connectify) C:\WINDOWS\system32\Drivers\cnnctfy3.sys
2015-03-16 13:45 - 2015-03-16 13:45 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Chris_Pietschmann_(http__
2015-03-16 13:39 - 2015-03-16 14:59 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2015-03-16 11:10 - 2015-03-26 10:35 - 00003104 _____ () C:\WINDOWS\setupact.log
2015-03-16 11:10 - 2015-03-16 11:10 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 15:42 - 2015-03-26 10:38 - 01422220 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-11 16:20 - 2015-02-21 08:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 16:20 - 2015-02-21 07:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 16:20 - 2015-02-21 07:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 16:20 - 2015-02-21 07:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 16:20 - 2015-02-21 07:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 16:20 - 2015-02-21 06:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 16:20 - 2015-02-21 06:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 16:20 - 2015-02-20 09:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 16:20 - 2015-02-20 09:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 16:20 - 2015-02-20 09:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 16:20 - 2015-02-20 09:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 16:20 - 2015-02-20 09:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 16:20 - 2015-02-20 09:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 16:20 - 2015-02-20 09:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 16:20 - 2015-02-20 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 16:20 - 2015-02-20 09:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 16:20 - 2015-02-20 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 16:20 - 2015-02-20 09:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 16:20 - 2015-02-20 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 16:20 - 2015-02-20 08:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 16:20 - 2015-02-20 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 16:20 - 2015-02-20 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 16:20 - 2015-02-20 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 16:20 - 2015-02-20 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 16:20 - 2015-02-20 08:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 16:20 - 2015-02-20 08:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 16:20 - 2015-02-20 08:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 16:20 - 2015-02-20 08:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 16:20 - 2015-02-20 08:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 16:20 - 2015-02-20 08:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 16:20 - 2015-02-20 08:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 16:20 - 2015-02-20 08:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 16:20 - 2015-02-20 08:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 16:20 - 2015-02-20 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 16:20 - 2015-02-20 08:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 16:20 - 2015-02-20 07:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 16:20 - 2015-02-20 07:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 16:15 - 2015-02-04 06:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 16:15 - 2015-02-04 06:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 16:15 - 2015-02-04 06:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 16:15 - 2015-02-03 06:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 16:15 - 2015-02-03 06:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 16:15 - 2015-01-27 10:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 16:15 - 2015-01-24 08:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 16:14 - 2015-02-07 06:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 16:14 - 2015-01-23 14:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 16:14 - 2015-01-23 12:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 16:13 - 2015-03-06 09:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 16:13 - 2015-03-06 09:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 16:13 - 2015-02-26 06:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 16:13 - 2015-01-31 06:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 16:13 - 2015-01-31 06:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 16:13 - 2015-01-29 08:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 16:13 - 2015-01-29 08:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 16:12 - 2015-02-20 10:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 16:12 - 2015-02-20 09:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 16:12 - 2015-02-20 09:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 16:12 - 2015-02-20 09:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 16:12 - 2015-02-06 08:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 16:12 - 2015-02-06 08:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 16:12 - 2015-02-06 03:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 16:12 - 2015-02-03 07:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 16:12 - 2015-02-03 07:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 16:12 - 2015-01-30 10:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 16:12 - 2015-01-30 10:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 16:12 - 2015-01-30 09:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 16:12 - 2015-01-30 09:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 16:12 - 2015-01-30 08:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 16:12 - 2015-01-30 08:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 16:12 - 2015-01-30 08:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 16:12 - 2015-01-29 08:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 16:12 - 2015-01-29 08:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 16:12 - 2014-10-29 09:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 16:12 - 2014-10-29 09:46 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 16:12 - 2014-10-29 09:46 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 16:12 - 2014-10-29 09:45 - 01198080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 16:12 - 2014-10-29 09:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 16:12 - 2014-10-29 09:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 16:12 - 2014-10-29 09:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 16:12 - 2014-10-29 09:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 16:12 - 2014-10-29 09:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 16:12 - 2014-10-29 09:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 16:12 - 2014-10-29 09:03 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 16:12 - 2014-10-29 09:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 16:12 - 2014-10-29 09:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 16:12 - 2014-10-29 08:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 16:12 - 2014-10-29 08:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 16:12 - 2014-10-29 08:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 16:12 - 2014-10-29 08:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 16:12 - 2014-10-29 08:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 16:12 - 2014-10-29 08:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 16:12 - 2014-10-29 08:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 16:12 - 2014-10-29 08:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 16:12 - 2014-10-29 07:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 16:12 - 2014-10-29 07:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 16:12 - 2014-10-29 07:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 16:12 - 2014-10-29 07:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 16:08 - 2015-01-29 08:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:08 - 2015-01-29 08:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:08 - 2015-01-29 07:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 16:08 - 2015-01-29 07:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 16:08 - 2014-10-29 09:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 16:08 - 2014-10-29 09:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 16:08 - 2014-10-29 08:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 16:08 - 2014-10-29 07:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 16:06 - 2015-01-31 06:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 16:06 - 2015-01-29 07:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 16:06 - 2015-01-29 07:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 16:06 - 2015-01-28 22:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 16:06 - 2015-01-28 22:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 16:06 - 2015-01-28 22:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 16:06 - 2015-01-28 09:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 16:06 - 2015-01-28 08:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 16:06 - 2015-01-27 11:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 16:06 - 2015-01-27 09:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 16:06 - 2014-10-29 10:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:06 - 2014-10-29 09:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 16:02 - 2015-01-30 09:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 16:02 - 2015-01-30 08:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 16:02 - 2015-01-30 08:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 16:02 - 2015-01-30 08:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 16:02 - 2015-01-30 08:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 16:02 - 2015-01-30 08:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 16:02 - 2015-01-30 08:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 16:02 - 2015-01-30 08:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 16:02 - 2014-10-29 08:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 16:02 - 2014-10-29 07:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 16:01 - 2015-02-13 00:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 16:01 - 2015-02-13 00:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 16:01 - 2015-01-30 01:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 16:01 - 2015-01-30 01:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 16:01 - 2014-12-11 12:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 16:00 - 2015-02-08 06:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 16:00 - 2015-02-08 06:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 16:00 - 2015-01-28 08:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 16:00 - 2015-01-28 08:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 16:00 - 2015-01-28 06:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 16:00 - 2015-01-28 06:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 16:00 - 2015-01-21 12:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 16:00 - 2015-01-21 12:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 13:09 - 2015-03-11 13:09 - 00000000 ____D () C:\ProgramData\GoBit Games
2015-03-11 13:07 - 2015-03-11 13:07 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Ubisoft
2015-03-11 12:37 - 2015-03-15 15:39 - 00000000 ____D () C:\Users\lenovo\Desktop\Atom - Mini Games
2015-03-05 21:53 - 2015-03-13 23:49 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb
2015-03-04 11:14 - 2015-03-04 11:14 - 00000000 ____D () C:\Users\lenovo\Documents\Images - natalie
2015-03-04 11:13 - 2015-03-04 11:13 - 00000000 ____D () C:\Users\lenovo\Documents\Images - c
2015-02-28 12:29 - 2015-02-28 12:29 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Apple Computer
2015-02-28 12:29 - 2015-02-28 12:29 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Apple Computer
2015-02-28 10:41 - 2015-03-02 13:20 - 00000000 ____D () C:\Users\lenovo\Documents\FPS
2015-02-25 19:34 - 2015-02-25 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-02-25 19:34 - 2015-02-25 19:34 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-02-25 19:25 - 2015-02-26 10:49 - 00000000 ____D () C:\Program Files (x86)\NetCutDefender
2015-02-25 18:56 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 18:56 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 18:56 - 2014-10-29 08:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 18:56 - 2014-10-29 08:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 18:56 - 2014-10-29 08:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 18:56 - 2014-10-29 08:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-26 11:40 - 2013-12-19 14:59 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 11:36 - 2015-01-11 18:07 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6D8D47FD-E65A-4E5F-A20E-C70E4AB8F971}
2015-03-26 11:02 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-26 10:42 - 2013-12-20 06:15 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-400893759-885556648-3021147256-1002
2015-03-26 10:41 - 2014-12-11 10:01 - 00000000 ____D () C:\Users\lenovo\OneDrive
2015-03-26 10:36 - 2013-12-19 14:59 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 10:35 - 2014-12-11 08:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-26 10:35 - 2014-07-17 12:49 - 00000218 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-03-26 10:35 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-26 10:34 - 2013-09-25 18:45 - 00031232 _____ () C:\WINDOWS\system32\VfService.trf
2015-03-26 10:34 - 2013-08-22 20:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-26 10:31 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\DMCache
2015-03-26 10:31 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-26 10:14 - 2013-12-21 06:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-26 03:20 - 2014-09-24 14:20 - 01202240 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-26 03:01 - 2013-12-21 06:34 - 00000000 ____D () C:\ProgramData\AVG2014
2015-03-26 02:19 - 2013-08-22 21:44 - 05147560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-26 02:16 - 2014-08-12 04:50 - 00000000 ____D () C:\AdwCleaner
2015-03-26 02:08 - 2013-12-19 06:19 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Adobe
2015-03-26 02:05 - 2013-12-19 06:17 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-26 01:59 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\Downloads\Compressed
2015-03-26 01:13 - 2013-12-21 06:33 - 00000000 ____D () C:\Users\lenovo\AppData\Local\Avg2014
2015-03-25 19:35 - 2014-02-22 09:56 - 00000132 _____ () C:\Users\lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-03-25 18:55 - 2013-12-19 05:59 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Adobe
2015-03-25 15:58 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-25 12:59 - 2014-12-15 14:28 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-25 12:59 - 2014-09-24 16:58 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-24 16:57 - 2014-07-07 12:07 - 00000000 ____D () C:\Users\lenovo\.gimp-2.8
2015-03-24 16:34 - 2014-07-07 12:27 - 00000000 ____D () C:\Users\lenovo\AppData\Local\gtk-2.0
2015-03-24 12:48 - 2013-08-22 20:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-23 17:09 - 2013-12-22 05:02 - 00000000 ____D () C:\Users\lenovo\AppData\Local\CAPCOM
2015-03-23 17:01 - 2014-12-13 04:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-03-23 16:10 - 2014-06-01 05:33 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\DAEMON Tools Lite
2015-03-22 15:42 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\Downloads\Video
2015-03-20 21:29 - 2014-08-04 05:37 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\uTorrent
2015-03-20 21:13 - 2012-07-26 15:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-03-18 01:23 - 2013-12-19 13:30 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\EVDO_Haier
2015-03-18 00:48 - 2014-02-04 10:18 - 00000517 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-03-16 01:31 - 2013-12-19 14:20 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\IDM
2015-03-15 22:51 - 2014-11-10 13:06 - 00000000 ____D () C:\Users\lenovo\AppData\Local\AVG Web TuneUp
2015-03-15 18:50 - 2015-01-31 02:14 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-03-15 18:50 - 2014-11-10 13:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-03-14 16:54 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-14 16:33 - 2014-08-29 05:27 - 00000122 _____ () C:\Users\lenovo\Desktop\Hotspot.txt
2015-03-12 14:22 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 23:41 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 18:30 - 2013-12-27 07:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-11 18:23 - 2013-12-27 07:59 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-11 18:22 - 2014-02-28 11:07 - 00000039 _____ () C:\WINDOWS\vbaddin.ini
2015-03-11 18:22 - 2013-12-19 06:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 16:27 - 2012-07-26 12:26 - 00000261 _____ () C:\WINDOWS\win.ini
2015-03-05 04:24 - 2014-12-15 14:34 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-05 04:24 - 2014-12-15 14:34 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 18:08 - 2014-04-02 03:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-02 12:35 - 2015-02-17 13:29 - 00000000 ____D () C:\ProgramData\Unity
2015-02-28 12:33 - 2015-02-17 13:30 - 00000000 ____D () C:\Users\lenovo\AppData\Roaming\Unity
2015-02-28 10:41 - 2015-02-20 15:21 - 00000000 ____D () C:\Users\lenovo\Documents\SideScrollingGame
2015-02-28 10:31 - 2015-02-17 13:32 - 00000000 ____D () C:\Users\lenovo\Desktop\Unity
2015-02-27 12:19 - 2015-02-17 15:26 - 00000000 ____D () C:\Users\lenovo\Documents\2dTwinShooters
 
==================== Files in the root of some directories =======
 
2014-02-22 09:56 - 2015-03-25 19:35 - 0000132 _____ () C:\Users\lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-11-11 05:32 - 2014-11-21 04:43 - 0001456 _____ () C:\Users\lenovo\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-03-24 16:37 - 2015-03-24 16:37 - 0001547 _____ () C:\Users\lenovo\AppData\Local\recently-used.xbel
2014-12-06 18:00 - 2014-12-06 18:00 - 0007591 _____ () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
2013-09-25 18:43 - 2013-09-25 18:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-26 03:31
 
==================== End Of Log ============================


#9 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 26 March 2015 - 12:05 AM

Must i change my password for all my account in this computer?
 
 
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by lenovo at 2015-03-26 11:43:26
Running from C:\Users\lenovo\Downloads\Programs
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
"Child of Light" (HKLM-x32\...\{F6DFE348-0ACE-4858-8103-5A7136086EC5}_is1) (Version: 1.0.30640.0 - )
"Thief" (HKLM-x32\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.0.4107.3 (Update 1) - )
µTorrent (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
Academy of Magic (HKLM-x32\...\Academy of Magic) (Version: 1.3.2.199 - GameHouse, Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Alien Isolation, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Alien Isolation_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Alien Sky (HKLM-x32\...\Alien Sky) (Version:  - GameHouse, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.1611.210 - Alps Electric)
Amnesia: A Machine for Pigs (HKLM-x32\...\Amnesia: A Machine for Pigs_is1) (Version:  - )
Atlantis (HKLM-x32\...\Atlantis) (Version:  - GameHouse, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BioShock Infinite Complete Edition (HKLM-x32\...\BioShock Infinite_is1) (Version: 1.1.23.631123 - 2K Games)
Bitmap Font Generator (HKLM-x32\...\BMFont) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
BrightstarDB (HKLM-x32\...\{835fa27b-5b0b-48c3-b6a0-4ddfad5550a6}) (Version: 1.7.0.0 - BrightstarDB Project)
BrightstarDB 64-bit 1.7.0.0 (Version: 1.7.0.0 - BrightstarDB Project) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Construct 2 r195 (HKLM\...\Construct 2_is1) (Version: 1.0.195.0 - Scirra)
Crysis3 Digital Deluxe (HKLM-x32\...\Crysis3 Digital Deluxe Michigan Games Edition_is1) (Version: 1.0.0.1 - Electronic Arts Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version:  - )
Dead Space 3 version 1.0.0.0 (HKLM-x32\...\Dead Space 3_is1) (Version: 1.0.0.0 - )
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
DRAGON AGE ORIGINS TEU (HKLM-x32\...\DRAGON AGE ORIGINS *TEU* *ESP/ENG*_is1) (Version:  - )
DreadOut (HKLM-x32\...\DreadOut_is1) (Version:  - )
Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsisoft GmbH)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Escape Dead Island ver. 1.0.0.0 (HKLM-x32\...\{50041179-92AZ-28DE-83U8-36FK6M446AC}_is1) (Version: 1.0.0.0 - Deep Silver)
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FINAL FANTASY XIII (HKLM-x32\...\FINAL FANTASY XIII_R.G. Gamblers_is1) (Version:  - R.G. Gamblers, Fanfar)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
Game Dev Tycoon version 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
GDR 2218 for SQL Server 2012 (KB2716442) (64-bit) (HKLM\...\KB2716442) (Version: 11.0.2218.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Inno Setup version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch4j 3.1.0-beta2 (HKLM-x32\...\Launch4j) (Version: 3.1.0-beta2 - Grzegorz Kowal)
Leap Motion Software (HKLM-x32\...\Leap Services) (Version: 2.0.2.16391 - Leap Motion)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.59.132 - Lenovo)
LINE (HKLM-x32\...\LINE) (Version: 3.9.1.188 - LINE Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Metal Gear Rising Revengeance (HKLM-x32\...\Metal Gear Rising Revengeance_is1) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.Net Web Frameworks 5.0 Security Update (KB2992080) (HKLM-x32\...\{3EC4A844-24F2-46DA-AEFB-FC3080C1BDB9}) (Version: 5.0.20821 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft Silverlight 5 Toolkit December 2011 (HKLM-x32\...\{EC35EE8E-87D1-4E3E-B5CC-D8B1544615F5}) (Version: 5.0.51209.1124 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RS Add-in for SharePoint  (HKLM\...\{1527F893-FB8F-45D1-8B83-488E9F5C516C}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{03A2AE02-CBC9-4746-A376-0F7BF6AF5F39}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
PakkISO 0.4 (HKLM-x32\...\PakkISO_is1) (Version: PakkISO 0.4 by zorted, installer by BitLooter - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Quick Bridge 3.3 (remove only) (HKLM-x32\...\Quick Bridge 3.3) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30158 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Resident Evil HD REMASTER (HKLM-x32\...\Resident Evil HD REMASTER_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Resident Evil Revelations (HKLM-x32\...\Resident Evil Revelations_is1) (Version: 1 - CAPCOM)
Resident Evil Revelations 2 - Complete version 1.0.0 (HKLM-x32\...\Resident Evil Revelations 2 - Complete_is1) (Version: 1.0.0 - Capcom)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Sherlock Holmes Crimes and Punishments (HKLM-x32\...\Sherlock Holmes Crimes and Punishments_is1) (Version:  - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Smartfren Connex CE682 UI (HKLM\...\Smartfren Connex CE682 UI_is1) (Version:  - )
South Park The Stick of Truth (HKLM-x32\...\South Park The Stick of Truth_is1) (Version:  - Ubisoft)
SQL Server 2012 Analysis Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.0.2218.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 RS_SharePoint_SharedService (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
The Evil Within version 1.0.0 (HKLM-x32\...\The Evil Within_is1) (Version: 1.0.0 - 2K Games)
The Legend of Heroes - Trails in the Sky (HKLM-x32\...\The Legend of Heroes - Trails in the Sky_is1) (Version:  - Lyxer_Loader)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
Tomb Raider Survival Edition (HKLM-x32\...\Tomb Raider Survival Edition Michigan Games Edition_is1) (Version: 1.0.722.3 - Square Enix)
Transformers Fall of Cybertron (HKLM-x32\...\Transformers Fall of Cybertron_is1) (Version:  - )
Unity (HKLM-x32\...\Unity) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Valiant Hearts The Great War (HKLM-x32\...\Valiant Hearts The Great War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vs2012 Verification SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Walking Dead (HKLM-x32\...\Walking Dead_is1) (Version:  - Audioslave)
Walking Dead 2 (HKLM-x32\...\Walking Dead 2_is1) (Version:  - Audioslave)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Weka 3.6.11 (HKLM-x32\...\Weka 3.6.11) (Version: 3.6.11 - Machine Learning Group, University of Waikato, Hamilton, NZ)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version:  - Spacejock Software)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-400893759-885556648-3021147256-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
22-03-2015 23:31:58 Scheduled Checkpoint
26-03-2015 10:26:53 Removed Expresso
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 12:26 - 2015-03-26 11:38 - 00000845 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 *.avg.com
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0CA38F2A-CCE9-4BD4-A957-E6EED65F86DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {199879B3-DF8E-4841-8DE5-74319B8A6811} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-03-01] ()
Task: {3AE60A10-B27E-4510-9D20-04E9C0B82AA5} - System32\Tasks\KompasAV => C:\Users\lenovo\Downloads\KompasAV\KompasAV.exe
Task: {4D857D15-B806-45DC-99C6-AB1D834C5873} - System32\Tasks\Steam-S-1-8-22-9865GUI => C:\Users\lenovo\AppData\Roaming\Steam\Reversed\steam.exe <==== ATTENTION
Task: {681E8CC8-9D9B-4BD0-BD09-54B5DBBC2907} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {6F663756-EC7E-443C-8F63-7840A4CADF7A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stevanus.w28@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {9B342A74-EBC3-49F1-A712-8199FF6462E0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9FE7A6F5-0A84-4CC1-8460-4745F6E3A714} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {B610D5CA-C17F-462A-8A6F-1737A01E724C} - System32\Tasks\{9D7FB23B-1F7A-44F0-AF2C-5BA1753ADD19} => pcalua.exe -a C:\Users\lenovo\Downloads\RagnaOk\Setup.exe -d C:\Users\lenovo\Downloads\RagnaOk
Task: {D87E4BD6-960D-4351-A671-44A82AB17B32} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {E6341426-7E2B-4FB1-99AC-28D1730BBD4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-22] (Piriform Ltd)
Task: {EE0D6C4A-0E92-43DB-8E83-1A5DF7491BB8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-03-01] ()
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-05-01 11:34 - 2014-11-13 07:20 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-15 18:50 - 2015-03-15 18:50 - 00620056 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2014-12-11 08:57 - 2014-11-13 04:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-29 06:55 - 2013-05-29 06:55 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00267776 _____ () C:\Program Files\Smartfren Connex CE682 UI\HEject.exe
2013-09-25 18:45 - 2013-09-25 18:45 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-09-25 18:45 - 2013-09-25 18:45 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-09-05 15:17 - 2013-09-05 15:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 06:23 - 2010-10-21 06:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-18 00:49 - 2011-09-06 18:51 - 02095616 _____ () C:\Program Files\Smartfren Connex CE682 UI\App.exe
2013-01-02 10:01 - 2013-01-02 10:01 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2013-09-25 18:14 - 2013-05-16 09:09 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 15:14 - 2013-09-05 15:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 06:45 - 2010-10-21 06:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00186368 _____ () C:\Program Files\Smartfren Connex CE682 UI\RasDial.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00324608 _____ () C:\Program Files\Smartfren Connex CE682 UI\pcmWave.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00403968 _____ () C:\Program Files\Smartfren Connex CE682 UI\ATManager.dll
2015-03-18 00:49 - 2011-09-06 18:50 - 00265216 _____ () C:\Program Files\Smartfren Connex CE682 UI\log.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2014-05-01 11:34 - 2014-11-13 07:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-22 01:45 - 2015-03-14 17:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\lenovo\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-400893759-885556648-3021147256-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\success_desktop_wallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "Leap Control Panel"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-400893759-885556648-3021147256-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-400893759-885556648-3021147256-500 - Administrator - Disabled)
Guest (S-1-5-21-400893759-885556648-3021147256-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-400893759-885556648-3021147256-1011 - Limited - Enabled)
lenovo (S-1-5-21-400893759-885556648-3021147256-1002 - Administrator - Enabled) => C:\Users\lenovo
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/26/2015 11:25:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 724
 
Start Time: 01d0677c2f4d5fc7
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 23242fa4-d370-11e4-bf7a-f82fa8f46a8c
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/26/2015 10:41:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12ac
 
Start Time: 01d06775f92ebbd7
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: ed2f69f4-d369-11e4-bf7a-f82fa8f46a8c
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/26/2015 03:43:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: DesktopDock64.dll, version: 2.12.0.3, time stamp: 0x5293a306
Exception code: 0xc000041d
Fault offset: 0x0000000000078797
Faulting process id: 0x1230
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
 
System errors:
=============
Error: (03/26/2015 10:38:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with the following service-specific error: 
%%11004
 
Error: (03/26/2015 10:38:30 AM) (Source: RemoteAccess) (EventID: 20152) (User: )
Description: The currently configured authentication provider failed to load and initialize successfully. The requested name is valid, but no data of the requested type was found.
 
Error: (03/26/2015 10:33:39 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
 
Error: (03/26/2015 10:33:09 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (03/26/2015 10:31:19 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (03/26/2015 10:31:16 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (03/26/2015 10:31:14 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (03/26/2015 03:43:19 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/26/2015 03:43:18 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (03/26/2015 03:43:18 AM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-26 10:40:47.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-26 10:13:48.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 3848.27 MB
Available physical RAM: 1965.27 MB
Total Pagefile: 7944.27 MB
Available Pagefile: 5437.89 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:200.13 GB) (Free:24.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:11.66 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:690.43 GB) (Free:129.79 GB) NTFS
Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:411.19 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EE1BDE5F)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1A8EE431)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:34 AM

Posted 26 March 2015 - 04:35 AM

Step 1

Upload File(s) to virustotal.png
I want you to upload the following file(s) to an online virus-scanner to scan.

  • Click the Choose File button.
  • Please copy/paste the following text into the 'File name:' box:
    C:\Users\lenovo\AppData\Roaming\Steam\Reversed\steam.exe 
  • Click Open then click the Scan it! button just below.
  • This will scan the file. Please be patient.
  • If you get a message saying File already analyzed: click Reanalyse
  • Copy and Paste the link of the result page in your reply;

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:34 AM

Posted 26 March 2015 - 05:33 AM

Please repeat the Malwarebytes Scan and follow the instructions:
 

Malware Database: v2015.03.09.05

 

Must i change my password for all my account in this computer

 
Online accounts? Better safe than sorry.
 
 
After virustotal upload above, please proceed with these steps:

Step 1

frst.pngfrstfix.png

Press the w8.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    Task: {3AE60A10-B27E-4510-9D20-04E9C0B82AA5} - System32\Tasks\KompasAV => C:\Users\lenovo\Downloads\KompasAV\KompasAV.exe
    Task: {4D857D15-B806-45DC-99C6-AB1D834C5873} - System32\Tasks\Steam-S-1-8-22-9865GUI => C:\Users\lenovo\AppData\Roaming\Steam\Reversed\steam.exe 
    Task: {9FE7A6F5-0A84-4CC1-8460-4745F6E3A714} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
    Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
    C:\Users\lenovo\AppData\Roaming\Steam\Reversed\steam.exe 
    C:\windows\AutoKMS.exe
    C:\Users\lenovo\Downloads\KompasAV\
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> {012007EE-26B6-4C6C-9383-A4BFFF2592F0} URL = 
    Toolbar: HKU\S-1-5-21-400893759-885556648-3021147256-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.


Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif


Edited by deeprybka, 26 March 2015 - 05:36 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#12 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 26 March 2015 - 07:29 AM

I can't find the steam.exe in that folder. (I have try view hidden files and use attrib command)

But i find and scan the steam.comp (I am not sure this is the file).

 

https://www.virustotal.com/id/file/d0d025f8ae7412f12bf96de8f0ecd72754c674f8c1d47f1906baaa4e534b9a83/analysis/1427372650/



#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:34 AM

Posted 26 March 2015 - 07:32 AM

Please proceed with the next steps.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#14 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 26 March 2015 - 08:16 AM

Wait, i have slow and not steady connection



#15 Sky9928

Sky9928
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 26 March 2015 - 09:00 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/26/2015
Scan Time: 8:18:14 PM
Logfile: 
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.03.26.04
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: lenovo
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 943956
Time Elapsed: 40 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users