Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

need help removing trojan spy eyes


  • This topic is locked This topic is locked
8 replies to this topic

#1 Kevin Hill

Kevin Hill

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:09:00 PM

Posted 11 September 2015 - 08:51 AM

it keeps being caught by emsisoft emergency , but never gets quarantined, and keeps showing up, it is in the recycle bin



BC AdBot (Login to Remove)

 


m

#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:00 PM

Posted 11 September 2015 - 12:07 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.


Edited by jntkwx, 11 September 2015 - 12:07 PM.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:09:00 PM

Posted 11 September 2015 - 01:58 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by kjh71pc (2015-09-11 14:56:39)
Running from C:\Users\kjh71pc\Downloads
Windows 8.1 (X64) (2015-08-25 06:25:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2448382089-3538881294-790544520-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2448382089-3538881294-790544520-501 - Limited - Disabled)
kjh71pc (S-1-5-21-2448382089-3538881294-790544520-1001 - Administrator - Enabled) => C:\Users\kjh71pc
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anvi Smart Defender 2.4 (HKLM-x32\...\Anvi Smart Defender) (Version: 2.4 - Anvisoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Clean My Registry v5.3 (HKLM-x32\...\Clean My Registry_is1) (Version: 5.3 - Smart PC Solutions)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3414 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fix-It Registry Optimizer v3.0 (HKLM-x32\...\Fix-It Registry Optimizer_is1) (Version: 3.0 - Smart PC Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Lotto Pro (HKLM-x32\...\{C7C6031B-9828-9CD3-8687-07A74048547C}) (Version: 8.33.0.0 - Data Solutions)
magicJack (HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.28 - AMD)
RAIDXpert (x32 Version: 3.3.1540.28 - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
RegAlyzer (HKLM-x32\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Registrar Registry Manager 7.75 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
RegRun Security Suite Platinum (HKLM-x32\...\RegRun Security Suite_is1) (Version: 7.77 release - Greatis Software)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimCleaner Plus (HKLM\...\{F09879E9-7CA4-460F-B14A-6E55FEFB34F7}) (Version: 2.2.1 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Toolbar Remover v2.2 (HKLM-x32\...\Smart Toolbar Remover_is1) (Version: 2.2 - Smart PC Solutions)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.7.5 - startisback.com)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Trojan Remover 6.9.2 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.2 - Simply Super Software)
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 7.3.7.0 - Carifred)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
31-08-2015 18:07:10 RegRun Virus Scan
05-09-2015 21:38:25 JRT Pre-Junkware Removal
06-09-2015 19:14:04 Revo Uninstaller Pro's restore point - redir.dll
08-09-2015 21:34:17 Revo Uninstaller Pro's restore point - amd64_microsoft-windows-d..ger-redir.resources_31bf3856ad364e35_6.3.9600.16384_en-us_d361d6a2d52d6c9f
08-09-2015 21:42:59 Revo Uninstaller Pro's restore point - {18165758-115C-4DC0-9EC2-FF89F725767F}
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 01:26 - 2015-08-28 11:38 - 00000747 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {014AFA22-BAE1-4DC5-A3AB-4DC9162DAEA8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {12DFDBDC-DF82-4F04-BDC1-482D46D87A98} - System32\Tasks\ASD_Main => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe [2014-11-23] (Anvisoft)
Task: {28A66FA1-3E6A-4ED8-990C-20DF0B19DF3B} - System32\Tasks\FixItRegistryOptimizer => C:\Program Files (x86)\Smart PC Solutions\Fix-It Registry Optimizer\ROptSchedule.exe [2014-12-12] (Smart PC Solutions)
Task: {3A6A5DCF-F117-4CFA-840C-0DC4841BD2B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {4CCF1832-C27F-411E-8F54-2192414CAD52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {4E1615EC-6B70-40EE-84BA-81EAABE8858B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {51FA4561-7527-46E6-AA22-91F68A2F0DA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {5531C528-22D7-441E-8AA6-61ECB3376A2D} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe
Task: {5C0023CE-AA13-4990-A298-3C0104D6E859} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {6A550B78-0E03-4C3E-94B6-DEAA7029EE5F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {7A81C2F4-F4DD-4A6C-A9E6-A97AC5A64A69} - \SlimCleaner Run -> No File <==== ATTENTION
Task: {8DCFB963-06C5-4CE9-B79E-E455E4766F0B} - \SlimDrivers Startup -> No File <==== ATTENTION
Task: {BE1CDF6E-C6DB-4D5F-95C5-EB59AB972E7A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {C4A4374F-0A34-4756-A817-C087FF31DC0D} - System32\Tasks\HPCeeScheduleForkjh71pc => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {E9DCA052-0B33-43A4-A50B-0709B698B25D} - System32\Tasks\RegRun WatchDog Schedule Task => C:\Program Files (x86)\Greatis\RegRunSuite\watchdog.exe [2015-07-21] (Greatis Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForkjh71pc.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-11-21 00:23 - 2014-11-21 00:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 09:08 - 2014-02-11 09:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 09:08 - 2014-02-11 09:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-21 00:23 - 2014-11-21 00:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00017160 _____ () C:\windows\system32\BsHelpCSps.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00062216 _____ () C:\windows\system32\BlueSoleilCSps.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00029960 _____ () C:\windows\system32\BsTrace.dll
2012-08-29 13:02 - 2012-08-29 13:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 13:02 - 2012-08-29 13:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 13:02 - 2012-08-29 13:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2015-08-25 02:26 - 2015-08-25 02:26 - 00120224 _____ () C:\Users\kjh71pc\AppData\Local\assembly\dl3\7LKTZA41.QKM\5OGAT13T.2G2\ba0df539\00ef7209_0886cd01\HPItunesModule.DLL
2014-11-18 03:15 - 2014-11-18 03:15 - 00493568 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll
2012-09-06 12:10 - 2012-09-06 12:10 - 00536576 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00088080 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\libglog.dll
2014-11-20 04:17 - 2014-11-20 04:17 - 01026560 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Engine.dll
2014-11-18 03:14 - 2014-11-18 03:14 - 00032768 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fsmlib.dll
2014-04-29 21:27 - 2014-04-29 21:27 - 00649744 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00038928 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fuzzy.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00093712 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\zlibwapi.dll
2014-11-18 03:15 - 2014-11-18 03:15 - 00125952 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ExtractImpl.dll
2014-11-18 03:15 - 2014-11-18 03:15 - 00021504 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\UnpackImpl.dll
2014-11-18 03:14 - 2014-11-18 03:14 - 00252928 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\pyunpacker.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00029960 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2012-09-24 17:27 - 2012-09-24 17:27 - 00335176 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 20:28 - 2012-05-02 20:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00017160 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00062216 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2015-08-30 19:46 - 2014-05-13 15:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-30 19:46 - 2014-05-13 15:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-30 19:46 - 2014-05-13 15:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-30 19:46 - 2012-08-23 13:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-20 04:17 - 2014-11-20 04:17 - 00300032 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\UserProfile.dll
2014-11-20 04:18 - 2014-11-20 04:18 - 00773632 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\CoreScan.dll
2014-11-18 03:15 - 2014-11-18 03:15 - 00117760 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\FileSearcher.dll
2015-08-19 22:17 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00079624 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00363784 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2012-09-19 21:37 - 2012-09-19 21:37 - 00029960 _____ () C:\windows\SYSTEM32\BsTrace.dll
2015-09-02 16:16 - 2015-08-27 20:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-02 16:16 - 2015-08-27 20:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-02 16:16 - 2015-08-27 20:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\kjh71pc\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kjh71pc\Pictures\Chrysoberyl cat's eye.gif
DNS Servers: 64.66.234.253 - 64.66.235.253
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{768E5ACA-C42C-44B6-9278-DA562E4DF454}] => (Block) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{7BD4774D-EB72-46E2-BE82-3A48DE972321}] => (Block) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{18BF0BC3-E4E0-4926-89BC-2B7B53A92D42}C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{EE2D4CD2-8CF1-4F07-89B7-64AC5C7ABCB6}C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{8C534475-B044-4C86-A0FC-3C40E2E099E5}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{BCA096C7-3053-4A0F-815B-CDB19A7655D9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{4D500A6F-7A44-4737-8BEA-2B3F630122BD}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe
FirewallRules: [{8507B7AF-40B2-40EE-A4E6-F6BFD25A7AFB}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe
FirewallRules: [{A3027470-E857-488E-8082-38ED395CABD7}] => (Allow) LPort=1900
FirewallRules: [{F7F78406-8A19-470D-84A2-8A4111D47659}] => (Allow) LPort=2869
FirewallRules: [{E170664A-5F44-49A1-A13E-4217335067A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{62E27E71-1A06-4D56-BE20-D8D90E355FBB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{902F30CE-208A-4071-A6AE-863D0E4FF103}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7D7FB916-A5F1-4C72-9326-F8A663347F14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5E2ED15-E5CE-49AB-ACBB-417DDDCAB2D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{901D0D75-8E6B-4F19-80A1-C5CE17657075}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{94F15672-C360-413F-A929-3194E4DB6F76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52F00E57-5E4C-4324-959B-7AF72039D105}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{75EBA2B8-69AC-4006-A9F5-7BA7D9D029E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{18049D36-4CAF-4344-A446-5F072DB6149A}] => (Allow) LPort=53000
FirewallRules: [{4C2B3374-7406-4A48-9555-00584E9A0E7B}] => (Allow) LPort=52000
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/11/2015 02:47:52 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=45.0.2454.85;lang=;guid=974EF81EBDA04B6FB12E1D0D7BA90D42;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f28b4ccc-861e-4eac-9892-a14e488e368e.dmp
 
Error: (09/11/2015 01:24:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0xc0000409
Fault offset: 0x00093524
Faulting process id: 0x8a8
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3
Faulting package full name: PSIA.exe4
Faulting package-relative application ID: PSIA.exe5
 
Error: (09/11/2015 12:35:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 45.0.2454.85 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f38
 
Start Time: 01d0ecafd04751f3
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 1c848501-58a3-11e5-be9b-6894237ee206
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/11/2015 12:24:46 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: KJH71CAN)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (09/11/2015 01:42:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/10/2015 09:22:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x714
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5
 
Error: (09/10/2015 08:49:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: dbc
 
Start Time: 01d0ec2b8ebdd5d4
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: e20337b8-581e-11e5-be99-6894237ee206
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/10/2015 08:48:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 7c8
 
Start Time: 01d0ec2ad0324dc9
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: c426fe10-581e-11e5-be99-6894237ee206
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (09/10/2015 08:25:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 45.0.2454.85 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1340
 
Start Time: 01d0ec1d95ae1d4b
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 9b64bc3e-581b-11e5-be99-6894237ee206
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/10/2015 06:49:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
 
System errors:
=============
Error: (09/11/2015 01:25:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/11/2015 01:23:20 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/11/2015 01:23:19 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/11/2015 01:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error: 
%%2
 
Error: (09/11/2015 01:20:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:58:21 PM on ‎9/‎11/‎2015 was unexpected.
 
Error: (09/11/2015 10:20:45 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/11/2015 10:20:44 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/11/2015 10:20:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error: 
%%2
 
Error: (09/11/2015 10:17:17 AM) (Source: DCOM) (EventID: 10010) (User: KJH71CAN)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 
Error: (09/11/2015 10:17:16 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
 
Microsoft Office:
=========================
Error: (09/11/2015 02:47:52 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=45.0.2454.85;lang=;guid=974EF81EBDA04B6FB12E1D0D7BA90D42;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f28b4ccc-861e-4eac-9892-a14e488e368e.dmp
 
Error: (09/11/2015 01:24:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c0000409000935248a801d0ecb63a269e27C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeef5f6479-58a9-11e5-be9c-6894237ee206
 
Error: (09/11/2015 12:35:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe45.0.2454.85f3801d0ecafd04751f34294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe1c848501-58a3-11e5-be9b-6894237ee206
 
Error: (09/11/2015 12:24:46 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: KJH71CAN)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
 
Error: (09/11/2015 01:42:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestc:\users\kjh71pc\downloads\esetsmartinstaller_enu.exe
 
Error: (09/10/2015 09:22:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll_unloaded0.0.0.0505fc6a9c00000940000d53d71401d0ec3041546c48C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll88b3d04d-5823-11e5-be9a-6894237ee206
 
Error: (09/10/2015 08:49:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17840dbc01d0ec2b8ebdd5d44294967295C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe20337b8-581e-11e5-be99-6894237ee206
 
Error: (09/10/2015 08:48:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.209117c801d0ec2ad0324dc94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exec426fe10-581e-11e5-be99-6894237ee206microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (09/10/2015 08:25:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe45.0.2454.85134001d0ec1d95ae1d4b4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe9b64bc3e-581b-11e5-be99-6894237ee206
 
Error: (09/10/2015 06:49:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\kjh71pc\Downloads\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6120 Six-Core Processor 
Percentage of memory in use: 43%
Total physical RAM: 10031.31 MB
Available physical RAM: 5701.12 MB
Total Virtual: 10431.31 MB
Available Virtual: 5336.47 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:918.29 GB) (Free:864.81 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:11.11 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.3 GB) (Disk ID: AAE0C9E5)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
Ran by kjh71pc (administrator) on KJH71CAN (11-09-2015 14:55:27)
Running from C:\Users\kjh71pc\Downloads
Loaded Profiles: kjh71pc (Available Profiles: kjh71pc & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Smart PC Solutions) C:\Program Files (x86)\Smart PC Solutions\Fix-It Registry Optimizer\ROptSchedule.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kjh71pc\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1911712 2015-05-14] (Simply Super Software)
HKLM-x32\...\Run: [@RegRunOnSecure] => C:\Program Files (x86)\Greatis\RegRunSuite\OnSecure.exe [61712 2015-01-27] (Greatis Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\runonceex: [Flags] =>
HKLM-x32\...\runonceex: [Title] => RegRun II Secure Start
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
ShellExecuteHooks-x32: ShellObj Class - {F552DDE6-2090-4bf4-B924-6141E87789A5} - C:\Program Files (x86)\Greatis\RegRunSuite\RRShell.dll [335943 2009-04-06] (Greatis Software, LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-08-30]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * sdnclean64.exePartizan
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{7EB516E3-B9E8-4A68-9710-7B280563BA23}: [NameServer] 64.66.234.253 64.66.235.253
Tcpip\..\Interfaces\{C1568F74-C9FC-4FC8-B155-F0713B624B12}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON13/19
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll [2012-09-19] (Skype Technologies)
 
FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-2448382089-3538881294-790544520-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [2014-04-29] (Anvisoft)
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-21]
CHR Extension: (YouTube) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-21]
CHR Extension: (Google Search) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-21]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2015-08-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-21]
CHR Extension: (Webcam Toy) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-28]
CHR Extension: (AnviAdblock) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmiofmipcpmhgihiecmpiekcacigpgb [2015-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-21]
CHR Extension: (Gmail) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-29]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2013-11-20] (Andrea Electronics Corporation) [File not signed]
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [61440 2012-09-06] (AMD) [File not signed]
R2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1187840 2014-11-23] (Anvisoft) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
S2 BootlogService; C:\Program Files (x86)\Greatis\RegRunSuite\BootLogService.exe [65296 2015-07-21] (Greatis Software ©)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-08] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2015-08-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [51608 2014-11-23] (Anvisoft)
R1 Asdids; C:\Windows\system32\DRIVERS\asdids.sys [50584 2014-11-23] (Anvisoft)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-20] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 epp64; C:\EEK\bin\epp64.sys [138504 2015-09-08] (Emsisoft GmbH)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-07] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17672 2015-03-03] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23304 2015-03-03] (Texas Instruments, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-08] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-11 14:54 - 2015-09-11 14:54 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64 (2).exe
2015-09-11 13:17 - 2015-09-11 13:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-11 13:17 - 2015-09-11 13:17 - 00003286 _____ C:\WINDOWS\System32\Tasks\ASD_Main
2015-09-11 13:17 - 2015-09-11 13:17 - 00001209 _____ C:\Users\Public\Desktop\Anvi Smart Defender.lnk
2015-09-11 13:17 - 2015-09-11 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2015-09-11 13:17 - 2015-09-11 13:17 - 00000000 ____D C:\ProgramData\Anvisoft
2015-09-11 13:17 - 2015-09-11 13:17 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2015-09-11 13:17 - 2014-11-23 21:40 - 00051608 _____ (Anvisoft) C:\WINDOWS\system32\Drivers\asd2fsm.sys
2015-09-11 13:14 - 2015-09-11 13:15 - 35947248 _____ (Anvisoft) C:\Users\kjh71pc\Downloads\asdsetup.exe
2015-09-11 12:24 - 2015-09-11 12:24 - 14243008 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\mseinstall.exe
2015-09-11 12:24 - 2015-09-11 12:24 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-09-11 09:43 - 2015-09-11 09:49 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\NPE
2015-09-11 09:43 - 2015-09-11 09:43 - 03088296 _____ (Symantec Corporation) C:\Users\kjh71pc\Downloads\NPE.exe
2015-09-11 09:27 - 2015-09-11 09:27 - 00000237 _____ C:\Users\kjh71pc\Documents\black star.txt
2015-09-10 21:18 - 2015-09-11 10:17 - 00077312 _____ (Emsisoft GmbH) C:\WINDOWS\system32\eamclean.exe
2015-09-10 21:18 - 2015-09-11 10:17 - 00000382 _____ C:\WINDOWS\system32\eamclean.dat
2015-09-10 21:01 - 2015-09-10 21:01 - 00001005 _____ C:\Users\kjh71pc\Downloads\SuperDAT.log
2015-09-10 21:00 - 2015-09-10 21:00 - 00000346 _____ C:\Users\kjh71pc\Documents\mbr.txt
2015-09-10 20:59 - 2015-09-10 21:01 - 03723803 _____ C:\Users\kjh71pc\Downloads\epo5800eng.zip
2015-09-10 20:56 - 2015-09-10 21:00 - 94300600 _____ (McAfee, Inc.) C:\Users\kjh71pc\Downloads\7920xdat.exe
2015-09-10 16:55 - 2015-09-10 16:55 - 00001072 _____ C:\Users\kjh71pc\Downloads\tdsskiller (2).exe
2015-09-10 16:42 - 2015-09-10 16:43 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\tdsskiller (1).exe
2015-09-10 16:42 - 2015-09-10 16:42 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (5).exe
2015-09-10 16:41 - 2015-09-11 14:55 - 00016212 _____ C:\Users\kjh71pc\Downloads\FRST.txt
2015-09-10 16:41 - 2015-09-11 14:55 - 00000000 ____D C:\FRST
2015-09-10 16:41 - 2015-09-10 16:41 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS (2).exe
2015-09-10 16:40 - 2015-09-10 16:40 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64 (1).exe
2015-09-10 16:38 - 2015-09-10 16:39 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64.exe
2015-09-09 14:01 - 2015-09-09 14:09 - 00001626 _____ C:\Users\kjh71pc\Documents\planet X december.txt
2015-09-09 11:38 - 2015-09-09 11:38 - 00000311 _____ C:\Users\kjh71pc\Documents\2013-2020.txt
2015-09-09 10:03 - 2015-09-09 10:03 - 00000486 _____ C:\Users\kjh71pc\Documents\different direction.txt
2015-09-08 22:20 - 2015-09-01 22:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 22:20 - 2015-09-01 22:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:20 - 2015-09-01 22:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:20 - 2015-09-01 22:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:20 - 2015-09-01 22:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 22:20 - 2015-08-22 14:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:20 - 2015-08-22 13:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:20 - 2015-08-22 13:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:20 - 2015-08-22 13:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:20 - 2015-08-22 13:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:20 - 2015-08-22 13:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 22:20 - 2015-08-22 12:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:20 - 2015-08-22 12:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:20 - 2015-08-22 12:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 22:20 - 2015-08-22 12:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:20 - 2015-08-22 12:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 22:20 - 2015-08-22 12:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:20 - 2015-08-22 12:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 22:20 - 2015-08-22 12:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 22:20 - 2015-08-22 12:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 22:20 - 2015-08-22 12:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 22:20 - 2015-08-22 12:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 22:20 - 2015-08-22 12:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 22:20 - 2015-08-22 12:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 22:20 - 2015-08-22 12:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:20 - 2015-08-22 12:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 22:20 - 2015-08-22 12:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 22:20 - 2015-08-22 12:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 22:20 - 2015-08-22 12:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 22:20 - 2015-08-22 12:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 22:20 - 2015-08-22 12:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 22:20 - 2015-08-22 12:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 22:20 - 2015-08-22 11:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 22:20 - 2015-08-22 11:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 22:20 - 2015-07-30 13:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 22:20 - 2015-07-30 12:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 22:20 - 2015-07-22 10:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:20 - 2015-07-22 10:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:20 - 2015-07-22 10:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:20 - 2015-07-22 10:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:20 - 2015-07-18 14:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:20 - 2015-07-18 14:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:20 - 2015-07-18 14:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:20 - 2015-07-18 14:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:19 - 2015-08-03 17:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 22:19 - 2015-08-03 17:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 22:19 - 2015-08-01 10:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 22:19 - 2015-07-31 23:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 22:19 - 2015-07-31 23:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 22:19 - 2015-07-31 23:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:19 - 2015-07-31 23:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 22:19 - 2015-07-31 23:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 22:16 - 2015-08-26 22:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 22:16 - 2015-08-26 14:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 22:16 - 2015-08-26 14:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 22:16 - 2015-08-26 14:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 22:16 - 2015-08-26 14:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 22:16 - 2015-08-26 10:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 22:16 - 2015-08-26 10:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 22:16 - 2015-08-26 10:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 22:16 - 2015-08-26 10:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 22:16 - 2015-08-26 10:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 22:16 - 2015-08-26 10:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 22:16 - 2015-08-26 10:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 22:15 - 2015-09-02 22:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 22:15 - 2015-09-02 22:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 22:15 - 2015-09-02 14:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 22:15 - 2015-09-02 13:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 21:47 - 2015-09-08 21:48 - 01660416 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.007 (1).exe
2015-09-08 21:47 - 2015-09-08 21:48 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (4).exe
2015-09-08 21:40 - 2015-09-08 21:40 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (3).exe
2015-09-08 21:31 - 2015-09-08 21:32 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (2).exe
2015-09-08 21:30 - 2015-09-08 21:31 - 01660416 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.007.exe
2015-09-08 21:08 - 2015-09-08 21:08 - 00153535 _____ C:\Users\kjh71pc\Documents\the-surprising-resurgence_b_8104486.html
2015-09-07 12:02 - 2015-09-07 12:02 - 00000495 _____ C:\Users\kjh71pc\Documents\sony xperia.txt
2015-09-06 13:39 - 2015-09-06 13:39 - 00000080 _____ C:\Users\kjh71pc\Documents\nibiru.txt
2015-09-05 21:42 - 2015-09-05 21:42 - 00001358 _____ C:\Users\kjh71pc\Desktop\JRT.txt
2015-09-05 21:38 - 2015-08-31 18:44 - 01799392 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Desktop\JRT.exe
2015-09-01 20:51 - 2015-09-08 20:07 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Adobe
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Titanium
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Apple Computer
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Apple Computer
2015-09-01 20:23 - 2015-09-11 13:21 - 00000000 ____D C:\Program Files\pia_manager
2015-09-01 20:23 - 2015-09-01 20:23 - 00031232 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-09-01 20:23 - 2015-09-01 20:23 - 00003162 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2015-09-01 20:23 - 2015-09-01 20:23 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2015-09-01 20:21 - 2015-09-01 20:22 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win (2).exe
2015-08-30 23:58 - 2015-08-30 23:58 - 00001816 _____ C:\Users\kjh71pc\Desktop\HP Support Assistant.lnk
2015-08-30 23:53 - 2015-08-30 23:53 - 45508096 _____ C:\HP Support Assistant.msi
2015-08-30 23:53 - 2015-08-30 23:52 - 00021494 _____ C:\0x0409.ini
2015-08-30 23:00 - 2015-08-30 23:00 - 00000135 _____ C:\Users\kjh71pc\Documents\planet x sept.txt
2015-08-30 20:23 - 2015-08-30 20:23 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-08-30 20:23 - 2015-08-30 20:23 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Secunia PSI
2015-08-30 20:23 - 2015-08-30 20:23 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-08-30 20:22 - 2015-08-30 20:23 - 05490752 _____ (Secunia) C:\Users\kjh71pc\Downloads\PSISetup.exe
2015-08-30 19:47 - 2015-08-30 19:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-30 19:46 - 2015-08-30 20:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-30 19:46 - 2015-08-30 19:46 - 00001405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-30 19:46 - 2015-08-30 19:46 - 00001393 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-30 19:46 - 2015-08-30 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-30 19:46 - 2015-06-16 20:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2015-08-30 19:44 - 2015-09-10 21:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-30 19:34 - 2015-08-30 19:34 - 02097712 _____ C:\Users\kjh71pc\Downloads\AppManagerSetup_2.0 (1).exe
2015-08-30 19:33 - 2015-08-30 19:33 - 02097712 _____ C:\Users\kjh71pc\Downloads\AppManagerSetup_2.0.exe
2015-08-30 19:33 - 2015-08-30 19:33 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\gnupg
2015-08-30 19:31 - 2015-08-30 19:31 - 10758854 _____ C:\Users\kjh71pc\Downloads\Appupdater-2.2.exe
2015-08-30 19:28 - 2015-08-30 19:28 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic (2).diagcab
2015-08-29 13:28 - 2015-08-29 13:28 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.IEAddon.FISC.136428921790027.1.3.Run.exe
2015-08-29 13:27 - 2015-08-29 13:27 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.Performance.FISC.136428921790027.1.2.Run.exe
2015-08-29 13:26 - 2015-08-29 13:26 - 00450352 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\FixitCenter_Run_2012.exe
2015-08-29 13:24 - 2015-08-29 13:24 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-08-28 23:35 - 2015-08-28 23:35 - 00001096 _____ C:\Users\kjh71pc\Documents\AntiMalwareScanset.a2s
2015-08-28 19:25 - 2015-08-28 19:31 - 103565472 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT (2).exe
2015-08-28 19:14 - 2015-08-28 19:14 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-08-28 11:53 - 2015-08-28 11:53 - 00001112 _____ C:\Users\kjh71pc\Documents\AdwCleaner[C2].txt
2015-08-28 11:41 - 2015-08-28 11:41 - 00008510 _____ C:\Users\kjh71pc\Documents\rk_2190.tmp.txt
2015-08-28 11:07 - 2015-08-28 11:47 - 00000000 ____D C:\WINDOWS\pss
2015-08-27 23:03 - 2015-08-27 23:03 - 00000000 ____D C:\ProgramData\Ralink Driver
2015-08-27 23:03 - 2014-03-29 17:18 - 02510536 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\Drivers\netr28x.sys
2015-08-27 23:03 - 2013-12-18 00:06 - 00332080 _____ (Ralink Technology, Inc.) C:\WINDOWS\system32\RaCoInstx.dll
2015-08-27 23:03 - 2013-12-17 17:41 - 00013973 _____ C:\WINDOWS\system32\RaCoInst.dat
2015-08-27 23:02 - 2015-08-27 23:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\InstallShield
2015-08-27 22:43 - 2015-08-27 22:43 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic.diagcab
2015-08-27 22:01 - 2013-03-08 04:48 - 00058536 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2015-08-27 22:00 - 2015-08-27 22:00 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-27 21:18 - 1999-12-31 20:00 - 00881368 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-08-27 21:18 - 1999-12-31 20:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-08-27 19:03 - 2015-08-27 19:03 - 00069494 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508271603280447.log
2015-08-27 19:03 - 2015-08-27 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-27 17:19 - 2015-08-27 17:19 - 00000488 _____ C:\Users\kjh71pc\Desktop\Ci-access - Shortcut.lnk
2015-08-27 17:05 - 2015-09-11 09:16 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A139336D-FC4A-4510-9661-9C6105663018}
2015-08-27 16:51 - 2015-08-27 16:51 - 00002483 _____ C:\Users\Public\Desktop\SlimCleaner.lnk
2015-08-27 16:51 - 2015-08-27 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2015-08-27 16:51 - 2015-08-27 16:51 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2015-08-27 15:52 - 2015-08-27 15:52 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-27 15:51 - 2015-08-27 15:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-27 15:51 - 2015-08-27 15:51 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-08-27 15:48 - 2015-09-11 13:20 - 00000250 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2015-08-27 15:43 - 2015-08-27 15:43 - 00058610 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508271243340445.log
2015-08-27 15:43 - 2015-08-27 15:43 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Raptr
2015-08-27 15:43 - 2015-08-27 15:43 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-27 15:43 - 2015-08-27 15:43 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-08-27 15:40 - 2015-08-27 15:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-27 15:39 - 2015-08-27 19:02 - 00000000 ____D C:\Program Files\AMD
2015-08-27 15:37 - 2015-08-27 21:40 - 00000000 ____D C:\AMD
2015-08-27 15:09 - 2015-08-27 15:09 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2015-08-27 15:07 - 2015-08-27 15:07 - 00002499 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2015-08-27 15:05 - 2015-08-27 15:05 - 00001324 _____ C:\Users\kjh71pc\Desktop\Clean My Registry.lnk
2015-08-27 15:05 - 2015-08-27 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean My Registry
2015-08-27 15:04 - 2015-08-27 15:05 - 03111176 _____ (Smart PC Solutions ) C:\Users\kjh71pc\Downloads\driverupdater (1).exe
2015-08-27 15:04 - 2015-08-27 15:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Smart PC Solutions
2015-08-27 15:04 - 2015-08-27 15:04 - 03111176 _____ (Smart PC Solutions ) C:\Users\kjh71pc\Downloads\driverupdater.exe
2015-08-27 15:04 - 2015-08-27 15:04 - 00003310 _____ C:\WINDOWS\System32\Tasks\FixItRegistryOptimizer
2015-08-27 15:04 - 2015-08-27 15:04 - 00001390 _____ C:\Users\kjh71pc\Desktop\Fix-It Registry Optimizer.lnk
2015-08-27 15:04 - 2015-08-27 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fix-It Registry Optimizer
2015-08-27 15:03 - 2015-08-27 15:05 - 00000000 ____D C:\Program Files (x86)\Smart PC Solutions
2015-08-27 15:03 - 2015-08-27 15:04 - 00001465 _____ C:\Users\kjh71pc\Desktop\Click To Find and Fix PC Errors.lnk
2015-08-27 15:03 - 2015-08-27 15:04 - 00001372 _____ C:\Users\kjh71pc\Desktop\Smart Toolbar Remover.lnk
2015-08-27 15:03 - 2015-08-27 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Toolbar Remover
2015-08-27 14:38 - 2015-08-27 14:38 - 00000000 ____D C:\$WINDOWS.~BT
2015-08-27 14:37 - 2015-08-27 14:37 - 19648448 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MediaCreationToolx64.exe
2015-08-27 14:37 - 2015-08-27 14:37 - 00000000 ___HD C:\$Windows.~WS
2015-08-26 19:20 - 2015-08-26 21:19 - 00000146 _____ C:\Users\kjh71pc\Documents\my lottario.txt
2015-08-26 19:02 - 2015-08-26 19:02 - 00000053 _____ C:\Users\kjh71pc\Documents\geek for cheap.txt
2015-08-26 18:53 - 2015-08-26 18:53 - 00000070 _____ C:\Users\kjh71pc\Documents\lottario numbers.txt
2015-08-26 00:32 - 2015-07-30 10:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 00:32 - 2015-07-30 09:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-25 20:20 - 2014-04-15 19:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-08-25 20:20 - 2014-04-15 19:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-08-25 20:19 - 2015-01-05 23:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-08-25 20:19 - 2015-01-05 22:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-08-25 20:19 - 2015-01-05 21:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-08-25 20:19 - 2015-01-05 21:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-08-25 20:18 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-08-25 20:18 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-08-25 20:16 - 2015-07-22 10:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-25 20:16 - 2015-07-22 09:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-25 20:16 - 2015-07-17 10:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-25 20:16 - 2015-07-17 10:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-25 20:16 - 2015-07-03 17:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-25 20:16 - 2015-07-03 10:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-25 20:16 - 2015-06-27 07:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-25 20:16 - 2015-04-30 21:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-08-25 20:16 - 2015-04-30 21:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-25 20:16 - 2015-04-30 21:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-08-25 20:16 - 2014-11-17 16:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-08-25 20:16 - 2014-11-17 16:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-08-25 20:16 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-08-25 20:16 - 2014-11-14 02:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-08-25 20:16 - 2014-11-14 02:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-08-25 20:06 - 2015-07-13 15:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-25 20:06 - 2015-07-09 12:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-25 20:06 - 2015-06-19 13:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-25 20:06 - 2014-11-15 15:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-25 20:06 - 2014-11-15 02:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-25 20:06 - 2014-11-14 02:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-25 20:06 - 2014-11-14 01:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-25 20:06 - 2014-11-10 14:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-08-25 20:06 - 2014-11-10 14:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-08-25 20:06 - 2014-11-09 22:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-08-25 20:06 - 2014-11-09 21:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-08-25 20:06 - 2014-11-09 21:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-08-25 20:06 - 2014-11-09 21:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-08-25 20:06 - 2014-11-09 21:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-08-25 20:06 - 2014-11-09 21:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-08-25 20:06 - 2014-11-09 21:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-08-25 20:06 - 2014-11-09 21:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-08-25 20:06 - 2014-11-09 20:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-08-25 20:06 - 2014-11-09 20:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-08-25 20:06 - 2014-11-08 00:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-08-25 20:06 - 2014-11-07 23:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-08-25 20:06 - 2014-11-07 23:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-08-25 20:06 - 2014-11-07 23:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-08-25 20:06 - 2014-11-07 23:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-08-25 20:06 - 2014-11-07 23:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-08-25 20:06 - 2014-11-07 23:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-08-25 20:06 - 2014-11-07 23:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-08-25 20:06 - 2014-11-07 23:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-08-25 20:06 - 2014-11-07 22:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-08-25 20:06 - 2014-11-07 22:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-25 20:06 - 2014-11-07 22:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-25 20:06 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-08-25 20:06 - 2014-11-07 21:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-08-25 20:06 - 2014-11-07 21:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-08-25 20:06 - 2014-11-06 23:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-25 20:06 - 2014-11-06 23:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-25 20:06 - 2014-11-04 22:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-08-25 20:06 - 2014-11-04 22:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-08-25 20:06 - 2014-11-04 22:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-08-25 20:06 - 2014-11-04 21:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-25 20:06 - 2014-11-04 21:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-08-25 20:06 - 2014-11-04 21:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-08-25 20:06 - 2014-11-04 21:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-08-25 20:06 - 2014-11-04 21:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-08-25 20:06 - 2014-11-04 21:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-08-25 20:06 - 2014-11-04 21:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-08-25 20:06 - 2014-11-04 21:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-25 20:06 - 2014-11-04 21:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-08-25 20:06 - 2014-11-04 21:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-08-25 20:06 - 2014-11-04 21:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-08-25 20:06 - 2014-11-04 15:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-25 20:06 - 2014-11-04 02:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-08-25 20:06 - 2014-11-04 01:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-08-25 20:06 - 2014-10-30 19:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-08-25 20:06 - 2014-10-30 19:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-08-25 20:06 - 2014-10-28 23:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-08-25 20:06 - 2014-10-28 21:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-08-25 20:06 - 2014-10-28 21:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-08-25 20:06 - 2014-10-20 21:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-08-25 20:06 - 2014-10-20 21:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-08-25 20:06 - 2014-10-20 20:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-08-25 20:06 - 2014-10-20 20:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-08-25 20:06 - 2014-10-20 20:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-08-25 20:06 - 2014-10-20 20:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-08-25 20:06 - 2014-10-20 20:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-08-25 20:06 - 2014-10-17 00:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-08-25 20:06 - 2014-10-16 23:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-08-25 20:05 - 2015-07-13 23:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-25 20:05 - 2015-07-10 15:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-25 20:05 - 2015-06-09 18:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-08-25 20:05 - 2015-06-09 18:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-08-25 20:05 - 2015-06-09 18:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-25 17:54 - 2015-08-25 17:54 - 00000916 _____ C:\Users\kjh71pc\Desktop\Registrar Registry Manager.lnk
2015-08-25 17:54 - 2015-08-25 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2015-08-25 17:54 - 2015-08-25 17:54 - 00000000 ____D C:\Program Files\Registrar Registry Manager
2015-08-25 17:52 - 2015-08-25 17:52 - 05032752 _____ (Resplendence Software Projects Sp. ) C:\Users\kjh71pc\Downloads\RegistrarHomeV7.exe
2015-08-25 17:51 - 2015-08-25 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2015-08-25 17:51 - 2015-08-25 17:51 - 00000000 ____D C:\Program Files (x86)\Safer Networking
2015-08-25 17:50 - 2015-08-25 17:50 - 01752632 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\regalyz-1.6.2.16.exe
2015-08-25 17:00 - 2015-08-25 17:00 - 00000000 _RSHD C:\comment.htt
2015-08-25 15:30 - 2015-09-11 13:22 - 00000000 ____D C:\ProgramData\RegRun
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-08-25 15:29 - 2015-09-09 22:33 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-08-25 15:29 - 2015-09-08 22:10 - 00000000 ____D C:\Users\kjh71pc\Documents\RegRun2
2015-08-25 15:29 - 2015-08-25 15:29 - 00043312 _____ (Greatis Software) C:\WINDOWS\system32\Partizan.exe
2015-08-25 15:29 - 2015-08-25 15:29 - 00003352 _____ C:\WINDOWS\System32\Tasks\RegRun WatchDog Schedule Task
2015-08-25 15:29 - 2015-08-25 15:29 - 00001188 _____ C:\Users\kjh71pc\Desktop\RegRun Control Center.lnk
2015-08-25 15:29 - 2015-08-25 15:29 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2015-08-25 15:29 - 2015-08-25 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegRun Security Suite
2015-08-25 15:29 - 2015-08-25 15:29 - 00000000 ____D C:\Program Files (x86)\Greatis
2015-08-25 15:29 - 2015-07-21 20:41 - 01385232 _____ (Greatis Software) C:\WINDOWS\RunGuard.exe
2015-08-25 15:29 - 2015-07-21 20:41 - 00020240 _____ C:\WINDOWS\WinBait.org
2015-08-25 15:29 - 2015-07-21 20:41 - 00020240 _____ C:\WINDOWS\WinBait.exe
2015-08-25 15:29 - 2003-09-06 18:55 - 00057556 _____ C:\WINDOWS\guard.bmp
2015-08-25 15:26 - 2015-08-25 15:27 - 27019849 _____ C:\Users\kjh71pc\Downloads\regrunplat.zip
2015-08-25 15:26 - 2015-08-25 15:27 - 01679089 _____ C:\Users\kjh71pc\Downloads\shortcutantivirus.zip
2015-08-25 14:55 - 2015-08-25 14:55 - 00000975 _____ C:\WINDOWS\system32\Drivers\etc\hosts.trb
2015-08-25 14:49 - 2015-08-28 11:13 - 00001123 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2015-08-25 14:49 - 2015-08-28 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-08-25 14:49 - 2015-08-28 11:13 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\Users\kjh71pc\Documents\Simply Super Software
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Simply Super Software
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\ProgramData\Simply Super Software
2015-08-25 14:45 - 2015-08-25 14:48 - 38982112 _____ (Simply Super Software ) C:\Users\kjh71pc\Downloads\trjsetup692 (1).exe
2015-08-25 14:40 - 2015-08-25 14:43 - 29376248 _____ (Simply Super Software ) C:\Users\kjh71pc\Downloads\trjsetup692.exe
2015-08-25 13:18 - 2015-04-29 19:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-25 13:18 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-25 13:17 - 2015-06-28 01:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-08-25 13:17 - 2015-06-28 01:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-08-25 13:17 - 2015-06-28 01:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-25 13:17 - 2015-06-28 01:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-08-25 13:17 - 2015-06-27 12:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-25 13:17 - 2015-06-26 23:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-08-25 13:17 - 2015-06-26 23:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-08-25 13:17 - 2015-06-26 23:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-25 13:17 - 2015-06-26 22:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-08-25 13:17 - 2015-06-26 22:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-25 13:17 - 2015-06-26 22:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-08-25 13:17 - 2015-06-26 21:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-08-25 13:17 - 2015-06-26 21:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-08-25 13:17 - 2015-05-30 17:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-08-25 13:17 - 2015-05-30 15:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-25 13:17 - 2015-05-30 15:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-25 13:17 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-25 13:17 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-25 13:17 - 2015-01-26 23:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-25 13:17 - 2015-01-23 21:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-25 13:17 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-08-25 13:17 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-08-25 13:17 - 2014-12-08 15:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-08-25 13:17 - 2014-12-08 15:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-08-25 13:17 - 2014-11-09 22:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-08-25 13:17 - 2014-11-09 21:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-08-25 13:16 - 2015-07-09 14:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-25 13:16 - 2015-06-26 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-25 13:16 - 2015-06-26 23:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-25 13:16 - 2015-06-26 22:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-25 13:16 - 2015-06-15 18:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-25 13:16 - 2015-06-15 18:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-25 13:16 - 2015-06-15 17:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-25 13:16 - 2015-06-15 17:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-25 13:16 - 2015-05-07 11:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-25 13:16 - 2015-05-07 11:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-25 13:16 - 2014-12-19 04:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-08-25 13:16 - 2014-12-19 04:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-08-25 13:16 - 2014-10-30 18:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-08-25 13:16 - 2014-10-30 18:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-08-25 13:13 - 2015-05-07 13:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-25 13:13 - 2015-05-07 13:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-25 13:13 - 2015-05-07 12:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-25 13:13 - 2015-05-07 12:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-25 13:13 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-08-25 13:13 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-08-25 13:13 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-25 13:13 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-25 13:13 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-08-25 13:13 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-08-25 13:13 - 2014-12-08 23:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-08-25 13:13 - 2014-12-08 21:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-08-25 13:12 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-08-25 13:12 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-08-25 13:12 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-08-25 13:12 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-08-25 13:12 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-08-25 13:12 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-25 13:12 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-08-25 13:12 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-08-25 13:12 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-08-25 13:12 - 2015-01-28 21:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-08-25 13:11 - 2015-07-15 20:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-25 13:11 - 2015-07-15 20:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-25 13:11 - 2015-07-15 20:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-25 13:11 - 2015-07-15 20:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-25 13:11 - 2015-07-10 13:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-25 13:11 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-25 13:11 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-08-25 13:11 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-08-25 13:11 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-25 13:11 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-08-25 13:11 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-08-25 13:11 - 2015-01-29 23:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-08-25 13:11 - 2015-01-29 23:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-08-25 13:10 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-25 13:10 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-25 13:10 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-08-25 13:10 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-08-25 13:10 - 2014-12-11 22:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-08-25 13:10 - 2014-11-04 15:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-08-25 13:10 - 2014-11-04 15:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-08-25 13:10 - 2014-11-04 02:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-08-25 13:10 - 2014-11-04 02:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-08-25 13:10 - 2014-11-04 02:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-08-25 13:10 - 2014-11-04 02:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-08-25 10:38 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-25 10:38 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-25 10:37 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-08-25 10:37 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-08-25 10:37 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-08-25 10:37 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-08-25 10:36 - 2015-07-13 15:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-25 10:36 - 2015-07-13 15:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-25 10:36 - 2015-07-01 18:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-25 10:36 - 2015-07-01 18:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-25 10:36 - 2015-07-01 17:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-25 10:36 - 2015-07-01 17:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-25 10:36 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-08-25 10:36 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-08-25 10:36 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-08-25 10:36 - 2014-10-28 21:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-08-25 10:36 - 2014-10-28 21:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-08-25 10:36 - 2014-10-28 21:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-08-25 10:36 - 2014-10-28 21:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-08-25 10:36 - 2014-10-28 21:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-08-25 10:36 - 2014-10-28 21:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-08-25 10:28 - 2015-07-28 19:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-25 10:28 - 2015-07-28 10:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-25 10:28 - 2015-07-28 10:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-25 10:28 - 2015-07-28 10:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-25 10:28 - 2015-07-28 10:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-25 10:28 - 2015-07-28 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-25 10:28 - 2015-07-28 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-25 10:28 - 2015-06-26 19:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-25 10:28 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-08-25 10:27 - 2015-04-24 22:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-25 10:27 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-25 10:27 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-25 10:27 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-08-25 10:27 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-08-25 10:26 - 2015-05-03 11:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 10:26 - 2015-05-03 10:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 10:26 - 2015-05-03 10:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-25 10:26 - 2015-05-03 10:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-25 10:26 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-08-25 10:26 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-08-25 10:26 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-08-25 10:26 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-08-25 10:25 - 2015-07-07 05:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-25 10:25 - 2015-07-07 05:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-25 10:25 - 2015-07-07 05:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-25 10:25 - 2015-06-12 13:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-25 10:25 - 2015-06-12 12:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-25 10:25 - 2015-02-02 19:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-08-25 10:25 - 2015-02-02 19:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-08-25 10:24 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-08-25 10:24 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-08-25 10:24 - 2015-01-27 22:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-08-25 10:24 - 2015-01-27 21:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-08-25 10:24 - 2014-12-19 02:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-08-25 10:22 - 2015-02-02 20:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-08-25 10:22 - 2015-02-02 20:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-08-25 10:22 - 2015-01-29 22:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-08-25 10:22 - 2015-01-29 22:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-08-25 10:22 - 2015-01-29 21:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-08-25 10:22 - 2015-01-29 21:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-08-25 10:22 - 2015-01-29 21:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-08-25 10:20 - 2015-08-25 10:20 - 00007795 _____ C:\Users\kjh71pc\Downloads\msg0003.WAV
2015-08-25 10:05 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-25 10:05 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-25 10:05 - 2015-07-16 15:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-25 10:05 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-25 10:05 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-25 10:05 - 2015-07-16 15:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-25 10:05 - 2015-07-16 14:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-25 10:05 - 2015-06-15 18:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-25 10:05 - 2015-06-15 18:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-25 10:05 - 2015-06-15 17:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-25 10:05 - 2015-06-15 17:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-25 10:05 - 2015-06-15 17:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-25 10:05 - 2015-06-15 17:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-25 10:05 - 2015-06-15 16:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-25 10:05 - 2015-06-15 16:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-25 10:05 - 2015-06-15 16:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-25 10:05 - 2015-06-15 16:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-25 10:05 - 2015-06-15 16:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-25 10:05 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-25 10:05 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-25 10:05 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-25 10:05 - 2015-01-11 22:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-08-25 10:05 - 2015-01-11 21:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-08-25 10:02 - 2015-07-29 10:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-25 10:02 - 2015-07-29 10:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-25 10:02 - 2015-07-29 10:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-25 10:02 - 2015-07-14 17:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-25 10:02 - 2015-07-14 17:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-25 10:02 - 2015-07-14 17:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-25 10:02 - 2015-07-10 14:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-25 10:02 - 2015-07-10 13:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-25 10:02 - 2015-07-10 13:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-25 10:02 - 2015-07-10 12:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-25 10:02 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-25 10:02 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-25 10:02 - 2015-07-09 12:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-25 10:02 - 2015-06-16 01:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-08-25 10:02 - 2015-06-16 01:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-08-25 10:02 - 2015-06-11 16:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-25 10:02 - 2015-06-11 16:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-25 10:02 - 2015-05-11 12:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-08-25 10:02 - 2015-04-28 09:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-08-25 10:02 - 2015-04-28 09:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-08-25 10:02 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-08-25 10:02 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-08-25 10:02 - 2015-04-23 11:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-25 10:02 - 2015-04-23 11:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-25 10:02 - 2015-04-16 02:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-25 10:02 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-08-25 10:02 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-08-25 10:02 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-08-25 10:02 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-25 10:02 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-25 10:02 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-25 10:02 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-08-25 10:02 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-25 10:02 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-08-25 10:02 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-25 10:02 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-25 10:02 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-08-25 10:02 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-08-25 10:02 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-08-25 10:02 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-08-25 10:02 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-08-25 10:02 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-08-25 10:02 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-08-25 10:02 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-08-25 10:02 - 2015-01-30 19:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-08-25 10:02 - 2015-01-29 14:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-08-25 10:02 - 2015-01-29 14:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-08-25 10:02 - 2015-01-27 21:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-08-25 10:02 - 2015-01-27 21:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-08-25 10:02 - 2015-01-27 00:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-08-25 10:02 - 2015-01-26 22:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-08-25 10:02 - 2014-12-05 23:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-25 10:02 - 2014-12-05 21:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-08-25 10:01 - 2015-05-12 09:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-08-25 10:01 - 2015-05-07 12:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-08-25 10:01 - 2015-05-03 11:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-25 10:01 - 2015-05-03 10:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-25 10:01 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-25 10:01 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-25 10:01 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-08-25 10:01 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-08-25 10:01 - 2015-02-07 19:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-25 10:01 - 2015-02-07 19:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-25 10:01 - 2015-01-29 22:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-08-25 10:01 - 2015-01-29 21:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-08-25 10:01 - 2015-01-29 21:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-08-25 10:01 - 2015-01-29 21:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-08-25 10:01 - 2015-01-29 21:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-08-25 10:01 - 2015-01-29 21:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-08-25 10:01 - 2015-01-29 21:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-08-25 10:01 - 2015-01-29 21:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-08-25 10:01 - 2015-01-27 19:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-25 10:01 - 2015-01-27 19:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-25 10:01 - 2014-12-11 01:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-08-25 10:01 - 2014-10-18 02:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-08-25 10:01 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-08-25 10:01 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-08-25 09:48 - 2015-08-28 16:41 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieUserList
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieSiteList
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieBrowserModeList
2015-08-25 08:17 - 2015-09-10 21:18 - 00000000 __SHD C:\recycle.bin
2015-08-25 02:52 - 2015-08-27 17:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-25 02:52 - 2015-08-25 02:52 - 00000000 __SHD C:\Recovery
2015-08-25 02:51 - 2015-08-27 03:36 - 00000000 ____D C:\Windows.old
2015-08-25 02:50 - 2015-08-25 02:50 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-08-25 02:49 - 2015-08-25 02:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-25 02:49 - 2015-08-25 02:49 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-25 02:48 - 2015-08-25 02:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-25 02:48 - 2015-08-25 02:48 - 00000000 ____D C:\Program Files\MSBuild
2015-08-25 02:48 - 2015-08-25 02:48 - 00000000 ____D C:\inetpub
2015-08-25 02:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-25 02:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-25 02:29 - 2015-08-25 02:29 - 01199488 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBackPlus_setup.exe
2015-08-25 02:28 - 2015-09-11 13:23 - 00000000 ____D C:\Users\kjh71pc\OneDrive
2015-08-25 02:25 - 2015-08-25 02:25 - 00001444 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 02:25 - 2015-08-25 02:25 - 00000020 ___SH C:\Users\kjh71pc\ntuser.ini
2015-08-25 02:23 - 2015-08-25 02:23 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-25 02:10 - 2015-08-25 02:10 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-25 02:10 - 2015-08-25 02:10 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-08-25 02:10 - 2015-08-25 02:10 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-08-25 02:05 - 2015-08-25 02:05 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-25 02:04 - 2015-09-11 13:21 - 00000000 ____D C:\Users\kjh71pc
2015-08-25 02:04 - 2015-08-28 11:30 - 00000000 ____D C:\Users\Administrator
2015-08-25 02:04 - 2015-08-25 02:05 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-25 02:04 - 2015-08-25 02:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-25 02:04 - 2014-11-21 11:57 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 02:04 - 2014-11-21 11:57 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-25 02:04 - 2014-11-21 11:57 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 02:04 - 2014-11-21 11:57 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-08-25 02:04 - 2013-08-22 11:36 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-25 02:04 - 2013-08-22 11:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-25 02:03 - 2015-08-25 02:23 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2015-08-25 02:03 - 2015-08-25 02:23 - 00028578 _____ C:\WINDOWS\diagerr.xml
2015-08-25 02:00 - 2015-09-11 13:42 - 01515200 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-25 02:00 - 2015-08-25 02:05 - 00012096 _____ C:\WINDOWS\iis.log
2015-08-25 02:00 - 2015-08-25 02:00 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-25 01:57 - 2015-08-27 23:03 - 00002700 _____ C:\WINDOWS\system32\RaCoInst.log
2015-08-25 01:57 - 2015-08-25 01:57 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-08-25 01:56 - 2015-08-25 01:56 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-08-25 01:56 - 2015-08-25 01:56 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-08-25 01:10 - 2015-08-25 02:23 - 00006705 _____ C:\WINDOWS\comsetup.log
2015-08-25 01:04 - 2015-08-25 01:05 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT (2).exe
2015-08-25 00:59 - 2015-08-27 17:20 - 00000438 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-08-25 00:47 - 2015-08-27 21:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-25 00:45 - 2015-08-25 00:47 - 06907928 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\kjh71pc\Downloads\sp58624.exe
2015-08-25 00:35 - 2015-08-30 23:50 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\hpqlog
2015-08-24 21:05 - 2015-08-24 21:06 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT (1).exe
2015-08-24 21:05 - 2015-08-24 21:05 - 00000650 _____ C:\RstHosts.txt
2015-08-24 21:04 - 2015-08-24 21:04 - 00353632 _____ C:\Users\kjh71pc\Downloads\rsthosts_2.0.exe
2015-08-24 21:04 - 2015-08-24 21:04 - 00217144 _____ C:\Users\kjh71pc\Downloads\tsclean_1.1.0.5.zip
2015-08-24 21:04 - 2015-08-24 21:04 - 00000000 ____D C:\Users\kjh71pc\Downloads\tsclean_1.1.0.5
2015-08-24 21:00 - 2015-08-24 21:00 - 01605632 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.003.exe
2015-08-24 20:40 - 2015-08-24 20:40 - 00000768 _____ C:\WINDOWS\system32\Drivers\etc\new hosts.txt
2015-08-24 20:05 - 2015-08-24 20:05 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller (2).exe
2015-08-24 20:04 - 2015-08-24 20:04 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller (1).exe
2015-08-24 19:58 - 2015-08-24 20:01 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller.exe
2015-08-24 19:44 - 2015-08-24 19:44 - 00023829 _____ C:\ComboFix.txt
2015-08-24 19:21 - 2015-08-24 19:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\tdsskiller.exe
2015-08-24 16:18 - 2015-08-24 16:18 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (1).exe
2015-08-24 15:51 - 2015-08-24 15:51 - 00000831 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2015-08-24 15:48 - 2015-08-24 15:48 - 00991232 _____ C:\Users\kjh71pc\Downloads\MicrosoftFixit50267.msi
2015-08-24 15:45 - 2015-09-08 21:41 - 00073140 _____ C:\Users\kjh71pc\Downloads\MTB.txt
2015-08-24 15:45 - 2015-08-24 15:45 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox.exe
2015-08-24 02:59 - 2015-08-25 00:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2015-08-24 02:13 - 2015-08-25 10:16 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-08-24 01:50 - 2015-08-24 02:59 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-24 01:10 - 2015-08-24 01:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\spybot-2.4.exe
2015-08-24 00:23 - 2015-08-24 00:39 - 102519968 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT (1).exe
2015-08-23 20:40 - 2015-03-04 03:26 - 00011105 ____N C:\WINDOWS\system32\AutoconfigV2.cab
2015-08-23 20:28 - 2015-08-23 20:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057 (2).exe
2015-08-23 19:48 - 2015-09-07 07:12 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 19:48 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-23 19:48 - 2015-08-23 19:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-08-23 19:48 - 2015-08-23 19:48 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-23 19:48 - 2015-08-23 19:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:48 - 2015-08-23 19:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-23 19:48 - 2015-06-18 11:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-23 19:48 - 2015-06-18 11:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-23 19:48 - 2015-06-18 11:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-23 19:45 - 2015-08-23 19:45 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 18:29 - 2015-08-23 18:29 - 00139264 _____ C:\Users\kjh71pc\Downloads\SystemLook.exe
2015-08-23 18:29 - 2015-08-23 18:29 - 00002258 _____ C:\Users\kjh71pc\Downloads\SystemLook.txt
2015-08-23 18:26 - 2015-08-23 18:26 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS (1).exe
2015-08-23 18:24 - 2015-09-10 17:28 - 00002886 _____ C:\Users\kjh71pc\Downloads\FSS.txt
2015-08-23 18:23 - 2015-08-23 18:23 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS.exe
2015-08-23 18:12 - 2015-08-23 18:16 - 00239439 _____ C:\Users\kjh71pc\Downloads\avgremover.log
2015-08-23 18:12 - 2015-08-23 18:12 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\kjh71pc\Downloads\avg_remover_stf_x64_2012_2125.exe
2015-08-23 17:55 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-08-23 17:55 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-08-23 17:55 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-08-23 17:54 - 2015-08-27 17:09 - 00000000 ____D C:\Qoobox
2015-08-23 17:54 - 2015-08-23 18:04 - 00000000 ____D C:\WINDOWS\erdnt
2015-08-23 17:53 - 2015-08-24 19:28 - 05635162 ____R (Swearware) C:\Users\kjh71pc\Downloads\ComboFix.exe
2015-08-23 17:12 - 2015-08-23 17:12 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT.exe
2015-08-23 15:36 - 2015-08-23 15:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-46296822.txt
2015-08-23 15:36 - 2015-08-23 15:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-46284981.txt
2015-08-23 02:47 - 2015-08-23 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-141680.txt
2015-08-23 02:47 - 2015-08-23 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-141227.txt
2015-08-23 02:43 - 2015-08-23 02:43 - 00000117 _____ C:\WINDOWS\system32\netcfg-8563222.txt
2015-08-23 02:43 - 2015-08-23 02:43 - 00000117 _____ C:\WINDOWS\system32\netcfg-8562848.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5415574.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5415137.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5387369.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5375981.txt
2015-08-23 01:41 - 2015-08-23 01:41 - 00041985 _____ C:\Users\kjh71pc\Downloads\msg0002.WAV
2015-08-23 01:16 - 2015-08-27 15:43 - 00000000 ____D C:\ProgramData\AMD
2015-08-23 01:15 - 2015-09-09 16:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\CrashDumps
2015-08-23 01:13 - 2015-08-23 01:12 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2015-08-23 01:13 - 2015-08-23 01:12 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2015-08-23 01:13 - 2015-08-23 01:12 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2015-08-23 01:13 - 2015-08-23 01:12 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2015-08-23 01:13 - 2015-08-23 01:12 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00098744 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys
2015-08-23 01:13 - 2015-08-23 01:12 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-23 01:13 - 2015-08-23 01:12 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2015-08-23 01:13 - 2015-08-23 01:12 - 00003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2015-08-23 01:13 - 2015-08-23 01:12 - 00003917 _____ C:\WINDOWS\system32\atipblag.dat
2015-08-23 01:13 - 2013-09-03 14:03 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-23 01:13 - 2013-09-03 14:03 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-23 01:13 - 2013-09-03 14:03 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-23 00:23 - 2015-08-23 00:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-152256.txt
2015-08-23 00:23 - 2015-08-23 00:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-151960.txt
2015-08-23 00:15 - 2015-08-23 00:15 - 00000117 _____ C:\WINDOWS\system32\netcfg-4527913.txt
2015-08-23 00:15 - 2015-08-23 00:15 - 00000117 _____ C:\WINDOWS\system32\netcfg-4527554.txt
2015-08-22 23:02 - 2015-08-22 23:02 - 00000117 _____ C:\WINDOWS\system32\netcfg-142725.txt
2015-08-22 23:02 - 2015-08-22 23:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\bluesoleil
2015-08-22 23:01 - 2015-08-22 23:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-85816.txt
2015-08-22 22:58 - 2015-08-22 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-25200027.txt
2015-08-22 22:58 - 2015-08-22 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-25199013.txt
2015-08-22 22:57 - 2015-08-22 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-25168795.txt
2015-08-22 22:57 - 2015-08-22 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-25157236.txt
2015-08-22 22:29 - 2015-08-22 22:29 - 00000117 _____ C:\WINDOWS\system32\netcfg-23447449.txt
2015-08-22 22:29 - 2015-08-22 22:29 - 00000117 _____ C:\WINDOWS\system32\netcfg-23445421.txt
2015-08-22 22:26 - 2015-09-08 21:52 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-22 22:26 - 2015-08-22 22:57 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-22 22:26 - 2015-08-22 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-23301822.txt
2015-08-22 22:26 - 2015-08-22 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-23300855.txt
2015-08-22 22:08 - 2015-08-22 22:08 - 00000317 _____ C:\WINDOWS\system32\netcfg-22224994.txt
2015-08-22 21:21 - 2015-09-11 13:22 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-22 21:21 - 2015-09-11 13:20 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-22 21:19 - 2015-08-22 21:19 - 00001099 _____ C:\WINDOWS\system32\netcfg-19267636.txt
2015-08-22 21:19 - 2015-08-22 21:19 - 00000160 _____ C:\WINDOWS\system32\netcfg-19266482.txt
2015-08-22 21:18 - 2015-08-22 21:19 - 00000745 _____ C:\Users\kjh71pc\Desktop\Start Emsisoft Emergency Kit.lnk
2015-08-22 21:17 - 2015-08-28 23:32 - 00000000 ____D C:\EEK
2015-08-22 21:16 - 2015-08-22 21:16 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2015-08-22 21:16 - 2015-08-22 21:16 - 00000000 ____D C:\Program Files (x86)\Ralink Corporation
2015-08-22 21:13 - 2015-08-22 21:13 - 00000201 _____ C:\WINDOWS\system32\netcfg-18918054.txt
2015-08-22 21:13 - 2015-08-22 21:13 - 00000201 _____ C:\WINDOWS\system32\netcfg-18915651.txt
2015-08-22 21:05 - 2015-08-22 21:16 - 166475312 _____ C:\Users\kjh71pc\Downloads\EmsisoftEmergencyKit.exe
2015-08-22 20:44 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-22 20:44 - 2015-08-22 20:44 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\SUPERAntiSpyware.com
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\ProgramData\SUPERSetup
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-22 20:33 - 2015-08-24 19:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-08-22 19:09 - 2015-09-10 16:40 - 00000000 ____D C:\AdwCleaner
2015-08-22 18:29 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-08-22 18:29 - 2015-08-22 18:29 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\VS Revo Group
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-22 18:29 - 2009-12-30 14:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-08-22 18:27 - 2015-08-22 18:28 - 11069616 _____ (VS Revo Group ) C:\Users\kjh71pc\Downloads\RevoUninProSetup.exe
2015-08-22 18:05 - 2015-08-22 18:05 - 02870984 _____ (ESET) C:\Users\kjh71pc\Downloads\esetsmartinstaller_enu.exe
2015-08-22 18:05 - 2015-08-22 18:05 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-22 17:59 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2015-08-22 17:59 - 2015-08-23 23:22 - 00000000 ____D C:\Program Files\UVK - Ultra Virus Killer
2015-08-22 17:59 - 2015-08-22 20:30 - 00000000 ____D C:\ProgramData\UVK
2015-08-22 17:59 - 2015-08-22 17:59 - 00001808 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2015-08-22 17:58 - 2015-08-22 17:59 - 05412864 _____ (Carifred) C:\Users\kjh71pc\Downloads\UVKSetup (1).exe
2015-08-22 16:05 - 2015-08-22 16:05 - 00000117 _____ C:\WINDOWS\system32\netcfg-450671.txt
2015-08-22 16:05 - 2015-08-22 16:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\tjnet
2015-08-22 16:00 - 2015-08-22 16:00 - 00000117 _____ C:\WINDOWS\system32\netcfg-129075.txt
2015-08-22 15:58 - 2015-08-22 15:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-72367241.txt
2015-08-22 15:57 - 2015-08-22 15:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-72358084.txt
2015-08-22 15:18 - 2015-08-31 18:05 - 00000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForkjh71pc.job
2015-08-22 15:18 - 2015-08-30 23:59 - 00003176 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForkjh71pc
2015-08-22 15:17 - 2007-07-27 07:41 - 00023040 _____ C:\WINDOWS\SysWOW64\BeepApp.exe
2015-08-22 15:14 - 2015-08-22 15:14 - 00298816 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\ahcix64s.sys
2015-08-22 15:14 - 2015-08-22 15:14 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\WinBatch
2015-08-22 15:09 - 2015-08-29 15:04 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-22 14:43 - 2015-08-22 14:54 - 00000073 _____ C:\Users\kjh71pc\Documents\ontario lotto 49.txt
2015-08-22 14:39 - 2015-08-25 14:54 - 00000000 ____D C:\ProgramData\Licenses
2015-08-22 14:35 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotto Pro
2015-08-22 14:35 - 2015-08-23 19:48 - 00000000 ____D C:\Program Files (x86)\Windows Lotto Pro 2000
2015-08-22 14:35 - 2015-08-22 14:35 - 00001255 _____ C:\Users\Public\Desktop\Update Lotto Drawing Files.lnk
2015-08-22 14:35 - 2015-08-22 14:35 - 00001166 _____ C:\Users\Public\Desktop\Lotto Pro.lnk
2015-08-22 14:35 - 2015-08-22 14:35 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Data Solutions
2015-08-22 14:35 - 2000-09-13 11:14 - 00155648 _____ (Vista Software) C:\WINDOWS\SysWOW64\Sde50.dll
2015-08-22 14:35 - 2000-09-13 10:14 - 00266240 _____ (Vista Software) C:\WINDOWS\SysWOW64\SdeNsx50.dll
2015-08-22 13:57 - 2015-08-22 13:58 - 17712624 _____ (Data Solutions) C:\Users\kjh71pc\Downloads\lotpro32 (1).exe
2015-08-22 13:53 - 2015-09-08 22:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-22 13:53 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-22 13:30 - 2015-09-11 13:27 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2448382089-3538881294-790544520-1001
2015-08-22 13:25 - 2015-08-22 13:25 - 00945560 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBack_setup (1).exe
2015-08-22 13:25 - 2015-08-22 13:25 - 00000000 ____D C:\Program Files (x86)\StartIsBack
2015-08-22 13:12 - 2015-09-11 10:19 - 00001007 _____ C:\Users\kjh71pc\Desktop\magicJack.lnk
2015-08-22 13:12 - 2015-09-11 10:19 - 00000993 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-08-22 13:12 - 2015-09-11 10:19 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\mjusbsp
2015-08-22 13:12 - 2015-08-22 13:12 - 00000000 ____D C:\ProgramData\magicJack
2015-08-22 13:11 - 2015-08-22 16:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\magicJack
2015-08-22 02:53 - 2015-08-22 02:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-25281974.txt
2015-08-22 02:53 - 2015-08-22 02:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-25281834.txt
2015-08-22 02:49 - 2015-08-25 00:57 - 00065536 _____ C:\WINDOWS\system32\Ikeext.etl
2015-08-21 22:35 - 2015-08-22 15:18 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Hewlett-Packard
2015-08-21 21:53 - 2015-08-21 21:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-7326274.txt
2015-08-21 21:53 - 2015-08-21 21:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-7315027.txt
2015-08-21 20:38 - 2015-08-25 01:29 - 01690934 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-21 20:12 - 2013-05-04 00:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-08-21 20:12 - 2013-05-04 00:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-08-21 20:08 - 2015-09-02 16:16 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 20:08 - 2015-08-25 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-21 20:05 - 2015-09-11 14:15 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-21 20:05 - 2015-09-11 13:22 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 20:05 - 2015-08-27 20:10 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-21 20:05 - 2015-08-27 20:10 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-21 20:05 - 2015-08-21 20:08 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Google
2015-08-21 20:05 - 2015-08-21 20:07 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\IDT
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\ATI
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\ATI
2015-08-21 20:03 - 2015-08-21 20:03 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Apps\2.0
2015-08-21 20:02 - 2015-08-21 20:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Macromedia
2015-08-21 20:01 - 2015-08-21 20:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-579418.txt
2015-08-21 20:01 - 2015-08-21 20:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-575160.txt
2015-08-21 19:59 - 2015-08-21 19:59 - 00008530 _____ C:\Users\kjh71pc\Desktop\Removed Apps.html
2015-08-21 19:59 - 2015-08-21 19:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-21 19:59 - 2015-08-21 19:59 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Power2Go8
2015-08-21 19:58 - 2015-08-22 15:07 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Hewlett-Packard
2015-08-21 19:58 - 2015-08-21 19:58 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Adobe
2015-08-21 19:57 - 2015-08-25 02:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-08-21 19:55 - 2015-08-22 14:41 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\VirtualStore
2015-08-21 19:54 - 2015-08-21 19:54 - 00001351 _____ C:\Users\Administrator\AppData\Local\Application.xml
2015-08-21 19:53 - 2015-08-21 19:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-84412.txt
2015-08-21 19:53 - 2015-08-21 19:53 - 00000000 ___HD C:\Users\kjh71pc\Documents\hp.system.package.metadata
2015-08-21 19:34 - 2015-08-22 04:28 - 00000000 ____D C:\sysreset
2015-08-21 18:28 - 2015-08-21 18:28 - 00000031 _____ C:\Users\kjh71pc\Desktop\ont 49.txt
2015-08-21 00:24 - 2015-08-21 00:26 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win (1).exe
2015-08-21 00:15 - 2015-08-21 00:18 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win.exe
2015-08-21 00:11 - 2015-08-21 00:11 - 00000000 ____D C:\Users\kjh71pc\Documents\ProcAlyzer Dumps
2015-08-20 18:18 - 2015-07-28 20:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-20 18:07 - 2015-08-20 18:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\spybot-2.4 (1).exe
2015-08-20 16:12 - 2015-08-20 16:13 - 17712624 _____ (Data Solutions) C:\Users\kjh71pc\Downloads\lotpro32.exe
2015-08-20 14:58 - 2015-08-20 15:04 - 35814095 _____ (PCPhoneSoft.com ) C:\Users\kjh71pc\Downloads\gvmateapp2setup.exe
2015-08-20 14:52 - 2015-08-20 14:53 - 13532192 _____ (magicJack L.P.) C:\Users\kjh71pc\Downloads\upgr980.exe
2015-08-20 04:02 - 2015-08-20 04:02 - 00000499 _____ C:\Users\kjh71pc\Desktop\shmita Jubilee.txt
2015-08-20 02:17 - 2015-08-20 02:19 - 18960760 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\kjh71pc\Downloads\sp58553.exe
2015-08-20 01:35 - 2015-08-21 00:18 - 00000000 ____D C:\Users\kjh71pc\Desktop\mbar
2015-08-20 01:31 - 2015-08-20 01:35 - 16563304 _____ (Malwarebytes Corp.) C:\Users\kjh71pc\Downloads\mbar-1.09.2.1008.exe
2015-08-20 01:26 - 2015-08-20 01:27 - 00945560 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBack_setup.exe
2015-08-20 01:14 - 2015-08-20 01:14 - 00000000 ____D C:\KVRT_Data
2015-08-20 00:53 - 2015-08-20 01:14 - 101836960 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT.exe
2015-08-20 00:29 - 2015-08-20 00:38 - 28544408 _____ (LSoft Technologies Inc ) C:\Users\kjh71pc\Downloads\KillDiskSuiteFree-Setup.exe
2015-08-20 00:13 - 2015-08-20 00:15 - 05412864 _____ (Carifred) C:\Users\kjh71pc\Downloads\UVKSetup.exe
2015-08-19 23:32 - 2015-08-19 23:32 - 00000000 ____D C:\Users\kjh71pc\Documents\Bluetooth
2015-08-19 23:31 - 2015-08-19 22:28 - 00002213 _____ C:\Users\Public\Desktop\Snapfish.lnk
2015-08-19 23:30 - 2015-08-27 03:12 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Packages
2015-08-19 22:41 - 2015-08-19 22:41 - 00000000 __RSH C:\OS
2015-08-19 22:39 - 2015-08-19 22:39 - 00000141 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-08-19 22:38 - 2015-08-19 22:38 - 00000142 _____ C:\WINDOWS\system32\netcfg-194408.txt
2015-08-19 22:37 - 2015-08-19 22:37 - 00000000 ____D C:\Users\Administrator\Documents\Bluetooth
2015-08-19 22:37 - 2015-08-19 22:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-08-19 22:37 - 2015-08-19 22:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\Power2Go8
2015-08-19 22:33 - 2015-08-19 22:33 - 00000117 _____ C:\WINDOWS\system32\netcfg-2035095.txt
2015-08-19 22:32 - 2015-08-19 22:32 - 00000000 ____D C:\Users\Public\Symantec
2015-08-19 22:32 - 2015-08-19 22:32 - 00000000 ____D C:\Program Files (x86)\SymSilent
2015-08-19 22:32 - 2015-08-19 22:32 - 00000000 _____ C:\12NA3RR8605.restore
2015-08-19 22:31 - 2015-08-25 00:40 - 00000000 ____D C:\ProgramData\Norton
2015-08-19 22:30 - 2015-08-25 02:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-08-19 22:30 - 2015-08-21 19:57 - 00000000 ___RD C:\Program Files\Online Services
2015-08-19 22:29 - 2015-08-25 02:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-19 22:29 - 2015-08-25 02:12 - 00000000 ____D C:\WINDOWS\en
2015-08-19 22:29 - 2015-08-19 22:29 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-08-19 22:29 - 2015-08-19 22:29 - 00001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-08-19 22:29 - 2015-08-19 22:29 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-08-19 22:29 - 2015-08-19 22:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-08-19 22:28 - 2015-08-19 22:28 - 00000204 _____ C:\WINDOWS\DirectX.log
2015-08-19 22:28 - 2015-08-19 22:28 - 00000000 ____D C:\Users\Administrator\AppData\Local\Windows Live
2015-08-19 22:28 - 2009-09-04 20:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-08-19 22:28 - 2009-09-04 20:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-08-19 22:28 - 2009-09-04 20:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-08-19 22:28 - 2009-09-04 20:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-08-19 22:28 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-08-19 22:28 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-08-19 22:25 - 2015-08-19 22:25 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-08-19 22:25 - 2015-08-19 22:25 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-08-19 22:25 - 2015-08-19 22:25 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-08-19 22:17 - 2012-06-25 13:24 - 00092536 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2015-08-19 22:16 - 2015-08-19 22:16 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Meridian.lnk
2015-08-19 22:16 - 2015-08-19 22:16 - 00001106 _____ C:\Users\Public\Desktop\Connected Music powered by Meridian.lnk
2015-08-19 22:16 - 2015-08-19 22:16 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 22:16 - 2015-08-19 22:16 - 00000000 ____D C:\Program Files\Bonjour
2015-08-19 22:16 - 2015-08-19 22:16 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-19 22:16 - 2012-08-08 01:22 - 00355840 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbprtmon.dll
2015-08-19 22:16 - 2012-08-08 01:21 - 00377344 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbrprtmon.dll
2015-08-19 22:16 - 2012-08-08 01:18 - 00170496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbprtmonui.dll
2015-08-19 22:15 - 2015-08-25 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-19 22:15 - 2015-08-19 22:15 - 00002148 _____ C:\Users\Public\Desktop\Connected Backup.lnk
2015-08-19 22:15 - 2015-08-19 22:15 - 00000000 ____D C:\ProgramData\Autonomy
2015-08-19 22:15 - 2015-08-19 22:15 - 00000000 ____D C:\Program Files (x86)\Autonomy
2015-08-19 22:14 - 2015-08-28 21:18 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-08-19 22:14 - 2015-08-25 02:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-19 22:14 - 2015-08-22 14:50 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-19 22:14 - 2015-08-21 19:57 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-08-19 22:14 - 2015-08-19 22:14 - 00002276 _____ C:\Users\Public\Desktop\Connected Remote.lnk
2015-08-19 22:13 - 2015-08-24 23:05 - 00000000 ____D C:\ProgramData\install_clap
2015-08-19 22:13 - 2015-08-19 22:13 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-08-19 22:13 - 2015-08-19 22:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-19 22:12 - 2015-08-25 02:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-19 22:11 - 2015-09-08 21:57 - 00000000 ____D C:\ProgramData\Temp
2015-08-19 22:11 - 2015-08-19 22:39 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-08-19 22:11 - 2012-05-29 18:53 - 00027456 _____ (Windows ® Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\cpqdfw.sys
2015-08-19 22:10 - 2015-08-30 23:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2015-08-19 22:09 - 2015-08-25 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2015-08-19 22:09 - 2015-08-19 22:09 - 00000117 _____ C:\WINDOWS\system32\netcfg-611695.txt
2015-08-19 22:09 - 2015-08-19 22:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\hpqLog
2015-08-19 22:09 - 2010-12-24 17:57 - 00014416 ____R C:\WINDOWS\system32\WinIo64.sys
2015-08-19 22:08 - 2015-08-27 15:40 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-19 22:08 - 2015-08-22 15:15 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-08-19 22:08 - 2015-08-19 22:08 - 00000325 _____ C:\WINDOWS\system32\netcfg-557422.txt
2015-08-19 22:08 - 2015-08-19 22:08 - 00000317 _____ C:\WINDOWS\system32\netcfg-527673.txt
2015-08-19 22:08 - 2015-08-19 22:08 - 00000117 _____ C:\WINDOWS\system32\netcfg-559060.txt
2015-08-19 22:07 - 2015-08-19 22:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2015-08-19 22:06 - 2015-08-22 21:21 - 00000032 _____ C:\WINDOWS\0
2015-08-19 22:06 - 2015-08-19 22:06 - 00001099 _____ C:\WINDOWS\system32\netcfg-462464.txt
2015-08-19 22:06 - 2015-08-19 22:06 - 00000160 _____ C:\WINDOWS\system32\netcfg-463619.txt
2015-08-19 22:06 - 2015-08-19 22:06 - 00000000 _____ C:\WINDOWS\system32\0
2015-08-19 22:05 - 2015-08-19 22:05 - 00000000 ____D C:\Program Files\ATI
2015-08-19 22:05 - 2015-08-19 22:05 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-08-19 22:04 - 2015-08-30 23:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-19 22:04 - 2015-08-27 23:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-19 22:04 - 2015-08-25 20:25 - 00000000 ____D C:\Program Files\IDT
2015-08-19 22:02 - 2015-08-30 23:52 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-19 22:02 - 2015-08-19 22:46 - 00000010 _____ C:\WINDOWS\csup.txt
2015-08-19 22:02 - 2015-08-19 22:02 - 00000000 ___HD C:\Users\Administrator\Documents\hp.system.package.metadata
2015-08-19 22:02 - 2015-08-19 22:02 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-08-19 22:02 - 2011-08-23 16:52 - 00117248 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2015-08-19 22:01 - 2015-08-21 19:57 - 00000000 __RSH C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h8-1414_Y53316J_0U_Q4UJ241074B_E12NA3RR8605_4A_I2AC8_SGigabyte_V1.2_Bv8.10_T121203_W8101-0_L409_M10032_J1000_7AMD_8F12_93.50_#150819_N18143290;10EC8168_Z_G1002677B.MRK
2015-08-19 22:01 - 2015-08-21 19:57 - 00000000 __RSH C:\WINDOWS\system32\Drivers\103C_HP_cPC_h8-1414_Y53316J_0U_Q4UJ241074B_E12NA3RR8605_4A_I2AC8_SGigabyte_V1.2_Bv8.10_T121203_W8101-0_L409_M10032_J1000_7AMD_8F12_93.50_#150819_N18143290;10EC8168_Z_G1002677B.MRK
2015-08-19 22:01 - 2015-08-19 22:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-108888.txt
2015-08-19 22:00 - 2015-08-19 22:00 - 00001033 _____ C:\WINDOWS\system32\netcfg-51885.txt
2015-08-19 21:59 - 2015-08-19 21:59 - 00000117 _____ C:\WINDOWS\system32\netcfg-37159.txt
2015-08-19 21:58 - 2015-08-25 20:25 - 00000000 ____D C:\ProgramData\SoundResearch
2015-08-19 21:58 - 2013-11-20 13:43 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-08-19 21:58 - 2013-11-20 13:43 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-08-19 21:58 - 2013-11-20 13:43 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-08-19 21:58 - 2013-11-20 13:43 - 00224768 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2015-08-19 21:58 - 2013-11-20 13:43 - 00090624 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-08-19 21:58 - 2013-11-20 13:43 - 00041664 _____ (Hewlett-Packard ) C:\WINDOWS\system32\Beats64.exe
2015-08-19 21:57 - 2015-08-19 21:58 - 00001135 _____ C:\WINDOWS\system32\netcfg-56409.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00001135 _____ C:\WINDOWS\system32\netcfg-54943.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000196 _____ C:\WINDOWS\system32\netcfg-55926.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000185 _____ C:\WINDOWS\system32\netcfg-46238.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000164 _____ C:\WINDOWS\system32\netcfg-41355.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000161 _____ C:\WINDOWS\system32\netcfg-46098.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000160 _____ C:\WINDOWS\system32\netcfg-45817.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000160 _____ C:\WINDOWS\system32\netcfg-45333.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000160 _____ C:\WINDOWS\system32\netcfg-41059.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000159 _____ C:\WINDOWS\system32\netcfg-45037.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000157 _____ C:\WINDOWS\system32\netcfg-45567.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000157 _____ C:\WINDOWS\system32\netcfg-41699.txt
2015-08-19 21:57 - 2015-08-19 21:57 - 00000150 _____ C:\WINDOWS\system32\netcfg-44787.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-11 14:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-11 13:27 - 2014-11-21 04:44 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-11 13:24 - 2012-09-26 12:53 - 00000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-09-11 13:20 - 2013-08-22 10:46 - 00340805 _____ C:\WINDOWS\setupact.log
2015-09-11 13:20 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-11 10:17 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-11 07:54 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\tracing
2015-09-11 02:37 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 22:32 - 2013-08-22 10:44 - 00351080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 22:29 - 2014-11-21 04:25 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 22:29 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-08 23:58 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-04 22:44 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 23:50 - 2012-08-01 23:15 - 00000000 ____D C:\SWSETUP
2015-08-29 00:13 - 2014-11-21 04:34 - 00017726 _____ C:\WINDOWS\PFRO.log
2015-08-28 18:38 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SystemResources
2015-08-27 18:01 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-27 16:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-08-27 16:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-27 15:59 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-08-27 15:59 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-27 15:53 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-27 15:53 - 2013-08-22 11:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 15:53 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-27 15:53 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-08-27 15:52 - 2014-11-21 11:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-27 15:52 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-27 15:52 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-08-27 15:51 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-27 15:51 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 10:05 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-25 02:51 - 2013-08-22 11:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-25 02:48 - 2014-11-21 05:16 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-25 02:48 - 2014-11-21 05:16 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-25 02:48 - 2014-11-21 05:16 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-25 02:48 - 2014-11-21 05:16 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-25 02:35 - 2013-08-22 11:36 - 00000000 __SHD C:\recycle
2015-08-25 02:24 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Registration
2015-08-25 02:21 - 2013-08-22 11:36 - 00000000 __RSD C:\WINDOWS\Media
2015-08-25 02:21 - 2013-08-22 11:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-25 02:12 - 2013-08-22 09:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-25 02:10 - 2014-11-21 04:00 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-08-25 02:10 - 2014-11-21 04:00 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-25 02:10 - 2014-11-21 04:00 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-08-25 02:10 - 2013-08-22 11:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-08-25 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-25 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-25 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-25 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-25 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-25 02:10 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-08-25 02:10 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-25 02:10 - 2012-07-26 01:37 - 00000000 ____D C:\Users\Default.migrated
2015-08-25 02:09 - 2013-08-22 11:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-25 02:09 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-25 02:09 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Help
2015-08-25 02:07 - 2013-08-22 11:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-25 02:07 - 2013-08-22 11:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-25 02:07 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-25 02:07 - 2012-08-01 22:05 - 00000000 ____D C:\ProgramData\PRICache
2015-08-25 02:05 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-25 02:04 - 2012-08-01 22:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-08-25 02:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-25 01:57 - 2013-08-22 10:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2015-08-25 01:55 - 2013-08-22 09:36 - 00000000 __RHD C:\Users\Default
2015-08-25 00:46 - 2012-07-26 04:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-25 00:33 - 2012-07-26 04:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-24 19:40 - 2012-07-26 01:26 - 00000215 _____ C:\WINDOWS\system.ini
2015-08-23 00:25 - 2012-07-26 04:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-21 19:58 - 2012-08-01 05:57 - 00000000 ___RD C:\SYSTEM.SAV
2015-08-21 19:57 - 2012-09-10 10:31 - 00000000 ___RD C:\hp
 
==================== Files in the root of some directories =======
 
2015-08-19 22:39 - 2015-08-19 22:39 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-03 05:27
 
==================== End of FRST.txt ============================


#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:00 PM

Posted 11 September 2015 - 03:28 PM

I don't see any malware in the logs. Please post the log file from Emsisoft (it should list the file that it keeps detecting).
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#5 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:09:00 PM

Posted 11 September 2015 - 04:49 PM

malwarebytes keeps finding trojan spyeyes but doesn`t remove it



#6 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:09:00 PM

Posted 11 September 2015 - 04:52 PM

trojan spyeyes mbytes

Attached Files



#7 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:00 PM

Posted 11 September 2015 - 05:38 PM

Do you see the $RCJ3117.exe file in the Recycle Bin?

 

Also, just double checking - you've restarted the computer after the Malwarebytes scan, correct?


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#8 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:00 PM

Posted 16 September 2015 - 08:17 AM

Kevin,
 
It's been 5 days since my last post. Do you still need help?

If you do, please follow my previous instructions. :thumbup2:


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#9 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:00 PM

Posted 18 September 2015 - 09:47 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users