
tooltip virus


  • This topic is locked
80 replies to this topic

#1 Kevin Hill


Posted 19 September 2015 - 02:10 PM

I get a page at times that comes up tool tip





#2 olgun52

  • Malware Response Team

Posted 19 September 2015 - 02:46 PM

Hello Kevin Hill and Welcome to the BleepingComputer.
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are always inserted during the scan.
  • If you can't answer for the next few days, please let me know. If you haven't answered within 5 days, I am assuming that you don't need help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all malware. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
  • Please reply to this thread. Do not start a new topic.
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open the computer as administrator. How do I open the computer as administrator?
  • Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------

 

 Please do the following.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 
Sincerely

 

 

 


Best regards
 
If I don't reply within 24 hours please PM me!

 


 


#3 Kevin Hill


Posted 19 September 2015 - 03:36 PM

a page shows up with tool tip a white page

 

when browsing



#4 Kevin Hill


Posted 19 September 2015 - 03:40 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by kjh71pc (administrator) on KJH71CAN (19-09-2015 16:35:09)
Running from C:\Users\kjh71pc\Downloads
Loaded Profiles: kjh71pc (Available Profiles: kjh71pc & Administrator)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(magicJack L.P.) C:\Users\kjh71pc\AppData\Roaming\mjusbsp\magicJack.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\bin\rubyw.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\seccenter.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Emsisoft Ltd) C:\EEK\bin\a2emergencykit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kjh71pc\Downloads\FRST64 (3).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [50416 2015-06-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1712656 2015-06-30] (Tempo Semiconductor Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1677704 2015-09-08] (Bitdefender)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3716624 2015-09-13] (Simply Super Software)
HKLM-x32\...\runonceex: [Flags] =>
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [cdloader] => C:\Users\kjh71pc\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1411976 2015-09-07] (Bitdefender)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1634304 2015-06-26] (Informer Technologies, Inc.)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\RunOnce: [Uninstall C:\Users\kjh71pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kjh71pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-08-30]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{7EB516E3-B9E8-4A68-9710-7B280563BA23}: [NameServer] 64.66.234.253 64.66.235.253
Tcpip\..\Interfaces\{d115f6a8-1ff6-40a4-a5cf-474c6732b059}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON13/19
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPCON13/19
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-02] (Bitdefender)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-02] (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-02] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-02] (Bitdefender)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2448382089-3538881294-790544520-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-09-18]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-09-18]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-09-18]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-21]
CHR Extension: (YouTube) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-21]
CHR Extension: (Google Search) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-21]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2015-08-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-21]
CHR Extension: (Webcam Toy) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-21]
CHR Extension: (Gmail) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [61440 2012-09-06] (AMD) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-07] (Bitdefender)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350216 2015-06-30] (Tempo Semiconductor Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [87408 2015-09-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1565976 2015-09-07] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-08-22] (Emsisoft GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [246040 2015-08-26] (Bitdefender)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-16] (Malwarebytes Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [561672 2015-06-30] (Tempo Semiconductor Inc.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-09-14] (SlimWare Utilities, Inc.)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17672 2015-03-03] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23304 2015-03-03] (Texas Instruments, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [58536 2013-03-08] (Advanced Micro Devices)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 16:34 - 2015-09-19 16:35 - 02191360 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64 (3).exe
2015-09-19 16:07 - 2015-09-19 16:07 - 00000000 ____D C:\ProgramData\Informer Technologies, Inc
2015-09-19 16:06 - 2015-09-19 16:37 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Software Informer
2015-09-19 16:06 - 2015-09-19 16:06 - 00003414 _____ C:\WINDOWS\System32\Tasks\SoftwareInformerService
2015-09-19 16:06 - 2015-09-19 16:06 - 00000918 _____ C:\Users\Public\Desktop\Software Informer.lnk
2015-09-19 16:06 - 2015-09-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
2015-09-19 16:06 - 2015-09-19 16:06 - 00000000 ____D C:\Program Files\Software Informer
2015-09-19 16:02 - 2015-09-19 16:06 - 03602752 _____ (Informer Technologies, Inc. ) C:\Users\kjh71pc\Downloads\siinst.exe
2015-09-19 15:12 - 2015-09-19 15:35 - 84934656 _____ C:\Users\kjh71pc\Downloads\msert (1).exe
2015-09-19 15:12 - 2015-09-19 15:19 - 81277373 _____ C:\Users\kjh71pc\Downloads\msert (2).exe
2015-09-19 15:07 - 2015-09-19 15:07 - 01220954 _____ (My Company, Inc. ) C:\Users\kjh71pc\Downloads\RegistryQuick_install.exe
2015-09-19 15:06 - 2015-09-19 15:07 - 06291456 _____ C:\Users\kjh71pc\Downloads\msert.exe
2015-09-19 14:39 - 2015-09-19 14:39 - 00000064 _____ C:\Users\kjh71pc\Documents\web tips.txt
2015-09-19 13:32 - 2015-09-19 13:32 - 00016148 _____ C:\WINDOWS\system32\KJH71CAN_kjh71pc_HistoryPrediction.bin
2015-09-18 13:05 - 2015-09-18 13:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Temp
2015-09-18 12:19 - 2015-09-18 12:19 - 00531497 _____ C:\ProgramData\1442590055.bdinstall.bin
2015-09-18 12:12 - 2015-09-18 12:12 - 00000385 _____ C:\Users\kjh71pc\AppData\Roaminguser_gensett.xml
2015-09-18 12:08 - 2015-09-18 12:08 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-18 12:07 - 2015-09-18 12:07 - 00002272 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-09-18 12:07 - 2015-09-18 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-18 12:07 - 2015-09-18 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-09-18 12:07 - 2015-09-18 12:07 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-18 12:07 - 2015-05-29 09:50 - 01730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-18 12:07 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-09-18 12:07 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-09-18 12:07 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-09-18 12:07 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-09-18 12:07 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-18 12:06 - 2015-08-26 18:25 - 00246040 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2015-09-18 12:04 - 2015-09-18 12:17 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Bitdefender
2015-09-18 12:02 - 2015-09-18 12:07 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-18 12:02 - 2015-09-18 12:02 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-18 12:02 - 2015-06-02 15:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-09-18 12:02 - 2015-04-29 14:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-18 11:27 - 2015-09-18 12:02 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-18 11:27 - 2015-09-18 11:27 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\QuickScan
2015-09-18 10:27 - 2015-07-05 06:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-09-18 10:16 - 2015-09-18 10:16 - 00000000 ___HD C:\OneDriveTemp
2015-09-17 12:31 - 2015-09-19 16:20 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-09-17 12:31 - 2015-09-17 12:31 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2015-09-17 12:30 - 2015-09-17 12:30 - 07211024 _____ C:\Users\kjh71pc\Downloads\bitdefender_tsecurity.exe
2015-09-16 19:47 - 2015-09-16 19:47 - 00000000 ___RD C:\Users\kjh71pc\3D Objects
2015-09-16 12:21 - 2015-09-16 12:21 - 00000827 _____ C:\Users\kjh71pc\Documents\trying years 1617.txt
2015-09-15 20:19 - 2015-09-15 20:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-15 16:53 - 2015-09-15 16:53 - 00034770 _____ C:\Users\kjh71pc\Downloads\msg0004.WAV
2015-09-15 11:04 - 2015-09-15 11:04 - 00028985 _____ C:\Users\kjh71pc\Downloads\msg0003 (1).WAV
2015-09-15 01:33 - 2015-09-15 01:33 - 00001329 _____ C:\Users\kjh71pc\Desktop\Norton Installation Files.lnk
2015-09-15 01:33 - 2015-09-15 01:33 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-09-14 22:19 - 2015-09-14 18:24 - 00000000 __SHD C:\Recovery
2015-09-14 22:18 - 2015-09-14 18:53 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-14 22:15 - 2015-09-14 22:16 - 00000000 ____D C:\Windows.old
2015-09-14 22:14 - 2015-09-14 22:14 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-14 22:14 - 2015-09-14 22:14 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-14 22:14 - 2015-09-14 22:14 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-14 22:14 - 2015-09-14 22:14 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-14 22:14 - 2015-09-14 22:14 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-14 22:14 - 2015-09-14 22:14 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-14 22:14 - 2015-09-14 22:14 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-14 22:14 - 2015-09-14 22:14 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-09-14 22:09 - 2015-09-14 22:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-14 22:07 - 2015-09-14 22:07 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-14 22:07 - 2015-09-14 22:07 - 00000000 ____D C:\Program Files\MSBuild
2015-09-14 22:07 - 2015-09-14 22:07 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-14 22:07 - 2015-09-14 22:07 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-14 22:07 - 2015-09-14 22:07 - 00000000 ____D C:\inetpub
2015-09-14 22:06 - 2015-06-17 22:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-14 22:06 - 2015-06-17 22:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-14 22:06 - 2015-06-17 22:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-14 22:06 - 2015-05-30 01:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-14 22:06 - 2015-05-30 01:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-14 22:06 - 2015-05-30 01:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-14 21:59 - 2015-06-30 04:38 - 01907208 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-09-14 21:58 - 2015-09-14 21:59 - 00000000 ____D C:\Program Files\IDT
2015-09-14 21:58 - 2015-06-30 04:39 - 02242320 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\stapo64.dll
2015-09-14 21:58 - 2015-06-30 04:39 - 01423128 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.DLL
2015-09-14 21:58 - 2015-06-30 04:39 - 00713960 ____N (Tempo Semiconductor Inc.) C:\WINDOWS\system32\stapi64.dll
2015-09-14 21:58 - 2015-06-30 04:39 - 00327632 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.DLL
2015-09-14 21:58 - 2015-06-30 04:39 - 00299192 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-09-14 21:58 - 2015-06-30 04:39 - 00299192 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.DLL
2015-09-14 21:58 - 2015-06-30 04:39 - 00217832 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2015-09-14 21:58 - 2015-06-30 04:38 - 00265736 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\st646504.dll
2015-09-14 21:49 - 2015-09-14 22:02 - 00000432 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2015-09-14 21:49 - 2015-09-14 21:49 - 00016056 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2015-09-14 21:49 - 2015-09-14 21:49 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\SlimWare Utilities Inc
2015-09-14 21:48 - 2015-09-14 21:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-09-14 21:48 - 2015-06-30 04:39 - 06217784 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\stlang64.dll
2015-09-14 21:48 - 2015-06-30 04:39 - 00236184 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2015-09-14 21:48 - 2015-06-30 04:39 - 00100376 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTCo64.dll
2015-09-14 21:48 - 2015-06-30 04:38 - 01712656 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\sttray64.exe
2015-09-14 21:48 - 2015-06-30 04:38 - 00050416 _____ (Hewlett-Packard ) C:\WINDOWS\system32\Beats64.exe
2015-09-14 21:27 - 2015-09-14 21:29 - 02003192 _____ (Easeware ) C:\Users\kjh71pc\Downloads\HP_Downloader_For_sp58553 (1).exe
2015-09-14 21:26 - 2015-09-14 22:02 - 00000458 _____ C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job
2015-09-14 21:26 - 2015-09-14 21:26 - 02003192 _____ (Easeware ) C:\Users\kjh71pc\Downloads\HP_Downloader_For_sp58553.exe
2015-09-14 21:26 - 2015-09-14 21:26 - 00003944 _____ C:\WINDOWS\System32\Tasks\DriverNavigator Scheduled Scan
2015-09-14 21:26 - 2015-09-14 21:26 - 00001074 _____ C:\Users\Public\Desktop\DriverNavigator.lnk
2015-09-14 21:26 - 2015-09-14 21:26 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Easeware
2015-09-14 21:26 - 2015-09-14 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
2015-09-14 21:26 - 2015-09-14 21:26 - 00000000 ____D C:\Program Files\Easeware
2015-09-14 21:14 - 2015-09-14 21:14 - 00002302 _____ C:\Users\kjh71pc\Desktop\HP Support Assistant.lnk
2015-09-14 21:11 - 2015-09-14 21:11 - 14119424 _____ C:\WINDOWS\SysWOW64\HP Support Assistant.msi
2015-09-14 21:11 - 2015-09-14 21:11 - 00022492 _____ C:\WINDOWS\SysWOW64\0x0409.ini
2015-09-14 21:10 - 2015-09-14 21:10 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-09-14 21:02 - 2015-09-14 21:03 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\kjh71pc\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-09-14 20:54 - 2015-09-14 20:54 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\MicrosoftEdge
2015-09-14 18:55 - 2015-09-14 18:55 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\NetworkTiles
2015-09-14 18:53 - 2015-09-15 18:54 - 00002342 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-14 18:52 - 2015-09-14 18:52 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-14 18:50 - 2015-09-14 18:50 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Publishers
2015-09-14 18:49 - 2015-09-14 18:51 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Comms
2015-09-14 18:48 - 2015-09-14 18:48 - 00000020 ___SH C:\Users\kjh71pc\ntuser.ini
2015-09-14 18:48 - 2015-09-14 18:48 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\TileDataLayer
2015-09-14 18:31 - 2015-09-14 18:31 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-09-14 18:31 - 2015-09-14 18:31 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-09-14 18:27 - 2015-09-14 18:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-09-14 18:26 - 2015-09-18 08:56 - 00000000 ____D C:\Users\kjh71pc
2015-09-14 18:26 - 2015-09-14 18:48 - 00000000 ___RD C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-14 18:26 - 2015-09-14 18:27 - 00000000 ___RD C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-14 18:26 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-14 18:26 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-14 18:26 - 2015-07-10 07:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-14 18:25 - 2015-09-18 10:22 - 00968010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-14 18:25 - 2015-09-14 22:15 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-14 18:25 - 2015-09-14 18:39 - 00000000 ____D C:\Users\Administrator
2015-09-14 18:25 - 2015-09-14 18:26 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-14 18:25 - 2015-09-14 18:25 - 00925184 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-14 18:25 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-14 18:25 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-14 18:25 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-14 18:24 - 2015-09-14 18:27 - 00010376 _____ C:\WINDOWS\iis.log
2015-09-14 18:23 - 2015-09-14 18:23 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-09-14 18:23 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-14 18:22 - 2015-09-14 18:33 - 00000000 ____D C:\Program Files\AMD
2015-09-14 18:22 - 2015-09-14 18:22 - 00001751 _____ C:\WINDOWS\system32\RaCoInst.log
2015-09-14 18:22 - 2015-09-14 18:22 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-09-14 18:22 - 2015-09-14 18:22 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-09-14 18:20 - 2015-09-14 18:21 - 00037302 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-14 18:19 - 2015-09-18 10:15 - 00794306 _____ C:\WINDOWS\PFRO.log
2015-09-14 16:31 - 2015-09-14 16:31 - 00000230 _____ C:\Users\kjh71pc\Documents\preperation.txt
2015-09-14 16:28 - 2015-09-14 17:50 - 00000000 ___HD C:\$Windows.~BT
2015-09-14 16:28 - 2015-09-14 16:28 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\GWX
2015-09-14 14:22 - 2015-09-14 14:22 - 00000000 ___HD C:\$Windows.~WS
2015-09-14 14:12 - 2015-09-14 14:13 - 19733696 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MediaCreationToolx64 (2).exe
2015-09-14 13:15 - 2015-09-14 20:58 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Skype
2015-09-14 13:15 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-14 13:15 - 2015-09-14 13:15 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-14 13:15 - 2015-09-14 13:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-14 13:15 - 2015-09-14 13:15 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Skype
2015-09-14 13:14 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-14 13:14 - 2015-09-14 13:14 - 00000000 ____D C:\ProgramData\Skype
2015-09-14 13:14 - 2015-09-14 13:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-14 13:14 - 2015-09-14 13:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-14 11:01 - 2015-09-14 11:01 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic (3).diagcab
2015-09-14 10:59 - 2015-09-14 10:59 - 00080488 _____ C:\Users\kjh71pc\Downloads\GW10Appdiagnostic.diagcab
2015-09-14 10:09 - 2015-09-14 16:25 - 00000000 ____D C:\ESD
2015-09-13 12:12 - 2015-09-13 12:13 - 19733696 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MediaCreationToolx64 (1).exe
2015-09-12 19:09 - 2015-09-14 18:33 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2015-09-12 19:01 - 2015-09-13 06:36 - 00001252 _____ C:\Users\kjh71pc\.pia_manager_crash.log
2015-09-11 20:07 - 2015-09-11 20:08 - 25952861 _____ C:\Users\kjh71pc\Downloads\installer_win (5).exe
2015-09-11 20:04 - 2015-09-11 20:05 - 25952861 _____ C:\Users\kjh71pc\Downloads\installer_win (4).exe
2015-09-11 20:00 - 2015-09-11 20:01 - 25952861 _____ C:\Users\kjh71pc\Downloads\installer_win (3).exe
2015-09-11 17:52 - 2015-09-11 17:52 - 00001357 _____ C:\Users\kjh71pc\Downloads\malwarebytes.txt
2015-09-11 17:51 - 2015-09-11 17:51 - 00001357 _____ C:\Users\kjh71pc\Documents\malwarebytes.txt
2015-09-11 17:50 - 2015-09-11 17:50 - 00001357 _____ C:\malwarebytes.txt
2015-09-11 14:56 - 2015-09-11 14:57 - 00036138 _____ C:\Users\kjh71pc\Downloads\Addition.txt
2015-09-11 14:54 - 2015-09-11 14:54 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64 (2).exe
2015-09-11 13:17 - 2015-09-13 06:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2015-09-11 13:17 - 2015-09-13 06:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-11 13:17 - 2015-09-11 13:17 - 00000000 ____D C:\ProgramData\Anvisoft
2015-09-11 13:17 - 2014-11-23 21:40 - 00051608 _____ (Anvisoft) C:\WINDOWS\system32\Drivers\asd2fsm.sys
2015-09-11 13:14 - 2015-09-11 13:15 - 35947248 _____ (Anvisoft) C:\Users\kjh71pc\Downloads\asdsetup.exe
2015-09-11 12:24 - 2015-09-11 12:24 - 14243008 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\mseinstall.exe
2015-09-11 12:24 - 2015-09-11 12:24 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2015-09-11 09:43 - 2015-09-11 09:49 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\NPE
2015-09-11 09:43 - 2015-09-11 09:43 - 03088296 _____ (Symantec Corporation) C:\Users\kjh71pc\Downloads\NPE.exe
2015-09-11 09:27 - 2015-09-11 09:27 - 00000237 _____ C:\Users\kjh71pc\Documents\black star.txt
2015-09-10 21:18 - 2015-09-11 10:17 - 00077312 _____ (Emsisoft GmbH) C:\WINDOWS\system32\eamclean.exe
2015-09-10 21:18 - 2015-09-11 10:17 - 00000382 _____ C:\WINDOWS\system32\eamclean.dat
2015-09-10 21:01 - 2015-09-10 21:01 - 00001005 _____ C:\Users\kjh71pc\Downloads\SuperDAT.log
2015-09-10 21:00 - 2015-09-10 21:00 - 00000346 _____ C:\Users\kjh71pc\Documents\mbr.txt
2015-09-10 20:59 - 2015-09-10 21:01 - 03723803 _____ C:\Users\kjh71pc\Downloads\epo5800eng.zip
2015-09-10 20:56 - 2015-09-10 21:00 - 94300600 _____ (McAfee, Inc.) C:\Users\kjh71pc\Downloads\7920xdat.exe
2015-09-10 16:55 - 2015-09-10 16:55 - 00001072 _____ C:\Users\kjh71pc\Downloads\tdsskiller (2).exe
2015-09-10 16:42 - 2015-09-10 16:43 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\tdsskiller (1).exe
2015-09-10 16:42 - 2015-09-10 16:42 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (5).exe
2015-09-10 16:41 - 2015-09-19 16:35 - 00018840 _____ C:\Users\kjh71pc\Downloads\FRST.txt
2015-09-10 16:41 - 2015-09-19 16:35 - 00000000 ____D C:\FRST
2015-09-10 16:41 - 2015-09-10 16:41 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS (2).exe
2015-09-10 16:40 - 2015-09-10 16:40 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64 (1).exe
2015-09-10 16:38 - 2015-09-10 16:39 - 02190848 _____ (Farbar) C:\Users\kjh71pc\Downloads\FRST64.exe
2015-09-09 14:01 - 2015-09-09 14:09 - 00001626 _____ C:\Users\kjh71pc\Documents\planet X december.txt
2015-09-09 11:38 - 2015-09-09 11:38 - 00000311 _____ C:\Users\kjh71pc\Documents\2013-2020.txt
2015-09-09 10:03 - 2015-09-09 10:03 - 00000486 _____ C:\Users\kjh71pc\Documents\different direction.txt
2015-09-08 21:47 - 2015-09-08 21:48 - 01660416 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.007 (1).exe
2015-09-08 21:47 - 2015-09-08 21:48 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (4).exe
2015-09-08 21:40 - 2015-09-08 21:40 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (3).exe
2015-09-08 21:31 - 2015-09-08 21:32 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (2).exe
2015-09-08 21:30 - 2015-09-08 21:31 - 01660416 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.007.exe
2015-09-08 21:08 - 2015-09-08 21:08 - 00153535 _____ C:\Users\kjh71pc\Documents\the-surprising-resurgence_b_8104486.html
2015-09-07 12:02 - 2015-09-07 12:02 - 00000495 _____ C:\Users\kjh71pc\Documents\sony xperia.txt
2015-09-06 13:39 - 2015-09-06 13:39 - 00000080 _____ C:\Users\kjh71pc\Documents\nibiru.txt
2015-09-05 21:42 - 2015-09-05 21:42 - 00001358 _____ C:\Users\kjh71pc\Desktop\JRT.txt
2015-09-05 21:38 - 2015-08-31 18:44 - 01799392 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Desktop\JRT.exe
2015-09-01 20:51 - 2015-09-08 20:07 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Adobe
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Titanium
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Apple Computer
2015-09-01 20:24 - 2015-09-01 20:24 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Apple Computer
2015-09-01 20:23 - 2015-09-14 18:44 - 00003272 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2015-09-01 20:23 - 2015-09-13 06:42 - 00000000 ____D C:\Program Files\pia_manager
2015-09-01 20:23 - 2015-09-11 20:01 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-09-01 20:21 - 2015-09-01 20:22 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win (2).exe
2015-08-30 23:53 - 2015-08-30 23:53 - 45508096 _____ C:\HP Support Assistant.msi
2015-08-30 23:53 - 2015-08-30 23:52 - 00021494 _____ C:\0x0409.ini
2015-08-30 23:00 - 2015-08-30 23:00 - 00000135 _____ C:\Users\kjh71pc\Documents\planet x sept.txt
2015-08-30 20:23 - 2015-08-30 20:23 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-08-30 20:23 - 2015-08-30 20:23 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Secunia PSI
2015-08-30 20:23 - 2015-08-30 20:23 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-08-30 20:22 - 2015-08-30 20:23 - 05490752 _____ (Secunia) C:\Users\kjh71pc\Downloads\PSISetup.exe
2015-08-30 19:47 - 2015-08-30 19:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-30 19:46 - 2015-09-18 10:14 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-30 19:44 - 2015-09-18 10:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-30 19:34 - 2015-08-30 19:34 - 02097712 _____ C:\Users\kjh71pc\Downloads\AppManagerSetup_2.0 (1).exe
2015-08-30 19:33 - 2015-08-30 19:33 - 02097712 _____ C:\Users\kjh71pc\Downloads\AppManagerSetup_2.0.exe
2015-08-30 19:33 - 2015-08-30 19:33 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\gnupg
2015-08-30 19:31 - 2015-08-30 19:31 - 10758854 _____ C:\Users\kjh71pc\Downloads\Appupdater-2.2.exe
2015-08-30 19:28 - 2015-08-30 19:28 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic (2).diagcab
2015-08-29 13:28 - 2015-08-29 13:28 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.IEAddon.FISC.136428921790027.1.3.Run.exe
2015-08-29 13:27 - 2015-08-29 13:27 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.Performance.FISC.136428921790027.1.2.Run.exe
2015-08-29 13:26 - 2015-08-29 13:26 - 00450352 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\FixitCenter_Run_2012.exe
2015-08-29 13:24 - 2015-08-29 13:24 - 00347816 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-08-28 23:35 - 2015-08-28 23:35 - 00001096 _____ C:\Users\kjh71pc\Documents\AntiMalwareScanset.a2s
2015-08-28 19:25 - 2015-08-28 19:31 - 103565472 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT (2).exe
2015-08-28 19:14 - 2015-08-28 19:14 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-08-28 11:53 - 2015-08-28 11:53 - 00001112 _____ C:\Users\kjh71pc\Documents\AdwCleaner[C2].txt
2015-08-28 11:41 - 2015-08-28 11:41 - 00008510 _____ C:\Users\kjh71pc\Documents\rk_2190.tmp.txt
2015-08-28 11:07 - 2015-08-28 11:47 - 00000000 ____D C:\WINDOWS\pss
2015-08-27 23:03 - 2015-08-27 23:03 - 00000000 ____D C:\ProgramData\Ralink Driver
2015-08-27 23:02 - 2015-08-27 23:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\InstallShield
2015-08-27 22:43 - 2015-08-27 22:43 - 00302011 _____ C:\Users\kjh71pc\Downloads\WindowsUpdateDiagnostic.diagcab
2015-08-27 22:01 - 2013-03-08 04:48 - 00058536 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2015-08-27 22:00 - 2015-08-27 22:00 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-27 19:03 - 2015-08-27 19:03 - 00069494 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508271603280447.log
2015-08-27 17:19 - 2015-08-27 17:19 - 00000488 _____ C:\Users\kjh71pc\Desktop\Ci-access - Shortcut.lnk
2015-08-27 17:05 - 2015-09-19 15:54 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A139336D-FC4A-4510-9661-9C6105663018}
2015-08-27 16:51 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2015-08-27 16:51 - 2015-08-27 16:51 - 00002483 _____ C:\Users\Public\Desktop\SlimCleaner.lnk
2015-08-27 16:51 - 2015-08-27 16:51 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2015-08-27 15:43 - 2015-09-14 18:27 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-08-27 15:43 - 2015-08-27 15:43 - 00058610 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508271243340445.log
2015-08-27 15:43 - 2015-08-27 15:43 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Raptr
2015-08-27 15:43 - 2015-08-27 15:43 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-27 15:40 - 2015-08-27 15:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-27 15:37 - 2015-08-27 21:40 - 00000000 ____D C:\AMD
2015-08-27 15:09 - 2015-08-27 15:09 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2015-08-27 15:07 - 2015-08-27 15:07 - 00002499 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2015-08-27 15:05 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean My Registry
2015-08-27 15:04 - 2015-09-14 18:44 - 00003420 _____ C:\WINDOWS\System32\Tasks\FixItRegistryOptimizer
2015-08-27 15:04 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fix-It Registry Optimizer
2015-08-27 15:04 - 2015-08-27 15:05 - 03111176 _____ (Smart PC Solutions ) C:\Users\kjh71pc\Downloads\driverupdater (1).exe
2015-08-27 15:04 - 2015-08-27 15:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Smart PC Solutions
2015-08-27 15:04 - 2015-08-27 15:04 - 03111176 _____ (Smart PC Solutions ) C:\Users\kjh71pc\Downloads\driverupdater.exe
2015-08-27 15:04 - 2015-08-27 15:04 - 00001390 _____ C:\Users\kjh71pc\Desktop\Fix-It Registry Optimizer.lnk
2015-08-27 15:03 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Toolbar Remover
2015-08-27 15:03 - 2015-08-27 15:05 - 00000000 ____D C:\Program Files (x86)\Smart PC Solutions
2015-08-27 15:03 - 2015-08-27 15:04 - 00001465 _____ C:\Users\kjh71pc\Desktop\Click To Find and Fix PC Errors.lnk
2015-08-27 15:03 - 2015-08-27 15:04 - 00001372 _____ C:\Users\kjh71pc\Desktop\Smart Toolbar Remover.lnk
2015-08-27 14:37 - 2015-08-27 14:37 - 19648448 _____ (Microsoft Corporation) C:\Users\kjh71pc\Downloads\MediaCreationToolx64.exe
2015-08-26 19:20 - 2015-08-26 21:19 - 00000146 _____ C:\Users\kjh71pc\Documents\my lottario.txt
2015-08-26 19:02 - 2015-08-26 19:02 - 00000053 _____ C:\Users\kjh71pc\Documents\geek for cheap.txt
2015-08-26 18:53 - 2015-08-26 18:53 - 00000070 _____ C:\Users\kjh71pc\Documents\lottario numbers.txt
2015-08-25 20:16 - 2015-07-22 10:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-25 20:06 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-08-25 17:54 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2015-08-25 17:54 - 2015-08-25 17:54 - 00000916 _____ C:\Users\kjh71pc\Desktop\Registrar Registry Manager.lnk
2015-08-25 17:54 - 2015-08-25 17:54 - 00000000 ____D C:\Program Files\Registrar Registry Manager
2015-08-25 17:52 - 2015-08-25 17:52 - 05032752 _____ (Resplendence Software Projects Sp. ) C:\Users\kjh71pc\Downloads\RegistrarHomeV7.exe
2015-08-25 17:51 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2015-08-25 17:51 - 2015-08-25 17:51 - 00000000 ____D C:\Program Files (x86)\Safer Networking
2015-08-25 17:50 - 2015-08-25 17:50 - 01752632 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\regalyz-1.6.2.16.exe
2015-08-25 17:00 - 2015-08-25 17:00 - 00000000 _RSHD C:\comment.htt
2015-08-25 15:30 - 2015-09-15 12:27 - 00000000 ____D C:\ProgramData\RegRun
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-08-25 15:30 - 2015-08-25 15:30 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-08-25 15:29 - 2015-09-08 22:10 - 00000000 ____D C:\Users\kjh71pc\Documents\RegRun2
2015-08-25 15:29 - 2015-08-25 15:29 - 00043312 _____ (Greatis Software) C:\WINDOWS\system32\Partizan.exe
2015-08-25 15:29 - 2015-08-25 15:29 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2015-08-25 15:26 - 2015-08-25 15:27 - 27019849 _____ C:\Users\kjh71pc\Downloads\regrunplat.zip
2015-08-25 15:26 - 2015-08-25 15:27 - 01679089 _____ C:\Users\kjh71pc\Downloads\shortcutantivirus.zip
2015-08-25 14:55 - 2015-08-25 14:55 - 00000975 _____ C:\WINDOWS\system32\Drivers\etc\hosts.trb
2015-08-25 14:49 - 2015-09-14 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-08-25 14:49 - 2015-09-13 13:41 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2015-08-25 14:49 - 2015-08-28 11:13 - 00001123 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\Users\kjh71pc\Documents\Simply Super Software
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Simply Super Software
2015-08-25 14:49 - 2015-08-25 14:49 - 00000000 ____D C:\ProgramData\Simply Super Software
2015-08-25 14:45 - 2015-08-25 14:48 - 38982112 _____ (Simply Super Software ) C:\Users\kjh71pc\Downloads\trjsetup692 (1).exe
2015-08-25 14:40 - 2015-08-25 14:43 - 29376248 _____ (Simply Super Software ) C:\Users\kjh71pc\Downloads\trjsetup692.exe
2015-08-25 10:20 - 2015-08-25 10:20 - 00007795 _____ C:\Users\kjh71pc\Downloads\msg0003.WAV
2015-08-25 10:01 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-25 09:48 - 2015-09-18 10:14 - 00000252 _____ C:\WINDOWS\wininit.ini
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieUserList
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieSiteList
2015-08-25 08:41 - 2015-08-25 17:47 - 00000000 __SHD C:\Users\kjh71pc\AppData\Local\EmieBrowserModeList
2015-08-25 02:29 - 2015-08-25 02:29 - 01199488 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBackPlus_setup.exe
2015-08-25 02:28 - 2015-09-18 10:16 - 00000000 ____D C:\Users\kjh71pc\OneDrive
2015-08-25 02:23 - 2015-09-14 18:44 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-08-25 02:04 - 2014-11-21 04:52 - 00000369 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-08-25 02:03 - 2015-09-14 18:46 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-08-25 02:03 - 2015-09-14 18:46 - 00013338 _____ C:\WINDOWS\diagerr.xml
2015-08-25 02:00 - 2015-09-14 17:57 - 01183079 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-25 01:10 - 2015-09-14 18:45 - 00013315 _____ C:\WINDOWS\comsetup.log
2015-08-25 01:04 - 2015-08-25 01:05 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT (2).exe
2015-08-25 00:59 - 2015-08-27 17:20 - 00000438 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-08-25 00:47 - 2015-08-27 21:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-25 00:45 - 2015-08-25 00:47 - 06907928 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\kjh71pc\Downloads\sp58624.exe
2015-08-25 00:35 - 2015-08-30 23:50 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\hpqlog
2015-08-24 21:05 - 2015-08-24 21:06 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT (1).exe
2015-08-24 21:05 - 2015-08-24 21:05 - 00000650 _____ C:\RstHosts.txt
2015-08-24 21:04 - 2015-08-24 21:04 - 00353632 _____ C:\Users\kjh71pc\Downloads\rsthosts_2.0.exe
2015-08-24 21:04 - 2015-08-24 21:04 - 00217144 _____ C:\Users\kjh71pc\Downloads\tsclean_1.1.0.5.zip
2015-08-24 21:04 - 2015-08-24 21:04 - 00000000 ____D C:\Users\kjh71pc\Downloads\tsclean_1.1.0.5
2015-08-24 21:00 - 2015-08-24 21:00 - 01605632 _____ C:\Users\kjh71pc\Downloads\adwcleaner_5.003.exe
2015-08-24 20:40 - 2015-08-24 20:40 - 00000768 _____ C:\WINDOWS\system32\Drivers\etc\new hosts.txt
2015-08-24 20:05 - 2015-08-24 20:05 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller (2).exe
2015-08-24 20:04 - 2015-08-24 20:04 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller (1).exe
2015-08-24 19:58 - 2015-08-24 20:01 - 18772040 _____ C:\Users\kjh71pc\Downloads\RogueKiller.exe
2015-08-24 19:44 - 2015-08-24 19:44 - 00023829 _____ C:\ComboFix.txt
2015-08-24 19:21 - 2015-08-24 19:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\tdsskiller.exe
2015-08-24 16:18 - 2015-08-24 16:18 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox (1).exe
2015-08-24 15:51 - 2015-08-24 15:51 - 00000831 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2015-08-24 15:48 - 2015-08-24 15:48 - 00991232 _____ C:\Users\kjh71pc\Downloads\MicrosoftFixit50267.msi
2015-08-24 15:45 - 2015-09-08 21:41 - 00073140 _____ C:\Users\kjh71pc\Downloads\MTB.txt
2015-08-24 15:45 - 2015-08-24 15:45 - 00891392 _____ (Farbar) C:\Users\kjh71pc\Downloads\MiniToolBox.exe
2015-08-24 02:13 - 2015-08-25 10:16 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-08-24 01:50 - 2015-08-24 02:59 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-24 01:10 - 2015-08-24 01:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\spybot-2.4.exe
2015-08-24 00:23 - 2015-08-24 00:39 - 102519968 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT (1).exe
2015-08-23 20:40 - 2015-03-04 03:26 - 00011105 _____ C:\WINDOWS\system32\AutoconfigV2.cab
2015-08-23 20:28 - 2015-08-23 20:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057 (2).exe
2015-08-23 19:48 - 2015-09-16 10:25 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 19:48 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-23 19:48 - 2015-08-23 19:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-08-23 19:48 - 2015-08-23 19:48 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-23 19:48 - 2015-08-23 19:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 19:48 - 2015-08-23 19:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-23 19:48 - 2015-06-18 11:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-23 19:48 - 2015-06-18 11:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-23 19:48 - 2015-06-18 11:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-23 19:45 - 2015-08-23 19:45 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\kjh71pc\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-23 18:29 - 2015-08-23 18:29 - 00139264 _____ C:\Users\kjh71pc\Downloads\SystemLook.exe
2015-08-23 18:29 - 2015-08-23 18:29 - 00002258 _____ C:\Users\kjh71pc\Downloads\SystemLook.txt
2015-08-23 18:26 - 2015-08-23 18:26 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS (1).exe
2015-08-23 18:24 - 2015-09-10 17:28 - 00002886 _____ C:\Users\kjh71pc\Downloads\FSS.txt
2015-08-23 18:23 - 2015-08-23 18:23 - 00899072 _____ (Farbar) C:\Users\kjh71pc\Downloads\FSS.exe
2015-08-23 18:12 - 2015-08-23 18:16 - 00239439 _____ C:\Users\kjh71pc\Downloads\avgremover.log
2015-08-23 18:12 - 2015-08-23 18:12 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\kjh71pc\Downloads\avg_remover_stf_x64_2012_2125.exe
2015-08-23 17:55 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-08-23 17:55 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-08-23 17:55 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-08-23 17:55 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-08-23 17:54 - 2015-08-27 17:09 - 00000000 ____D C:\Qoobox
2015-08-23 17:54 - 2015-08-23 18:04 - 00000000 ____D C:\WINDOWS\erdnt
2015-08-23 17:53 - 2015-08-24 19:28 - 05635162 ____R (Swearware) C:\Users\kjh71pc\Downloads\ComboFix.exe
2015-08-23 17:12 - 2015-08-23 17:12 - 01798576 _____ (Malwarebytes Corporation) C:\Users\kjh71pc\Downloads\JRT.exe
2015-08-23 15:36 - 2015-08-23 15:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-46296822.txt
2015-08-23 15:36 - 2015-08-23 15:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-46284981.txt
2015-08-23 02:47 - 2015-08-23 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-141680.txt
2015-08-23 02:47 - 2015-08-23 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-141227.txt
2015-08-23 02:43 - 2015-08-23 02:43 - 00000117 _____ C:\WINDOWS\system32\netcfg-8563222.txt
2015-08-23 02:43 - 2015-08-23 02:43 - 00000117 _____ C:\WINDOWS\system32\netcfg-8562848.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5415574.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5415137.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5387369.txt
2015-08-23 01:50 - 2015-08-23 01:50 - 00000117 _____ C:\WINDOWS\system32\netcfg-5375981.txt
2015-08-23 01:41 - 2015-08-23 01:41 - 00041985 _____ C:\Users\kjh71pc\Downloads\msg0002.WAV
2015-08-23 01:16 - 2015-08-27 15:43 - 00000000 ____D C:\ProgramData\AMD
2015-08-23 01:15 - 2015-09-15 13:12 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\CrashDumps
2015-08-23 01:13 - 2015-08-23 01:12 - 00098744 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys
2015-08-23 00:23 - 2015-08-23 00:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-152256.txt
2015-08-23 00:23 - 2015-08-23 00:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-151960.txt
2015-08-23 00:15 - 2015-08-23 00:15 - 00000117 _____ C:\WINDOWS\system32\netcfg-4527913.txt
2015-08-23 00:15 - 2015-08-23 00:15 - 00000117 _____ C:\WINDOWS\system32\netcfg-4527554.txt
2015-08-22 23:02 - 2015-08-22 23:02 - 00000117 _____ C:\WINDOWS\system32\netcfg-142725.txt
2015-08-22 23:02 - 2015-08-22 23:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\bluesoleil
2015-08-22 23:01 - 2015-08-22 23:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-85816.txt
2015-08-22 22:58 - 2015-08-22 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-25200027.txt
2015-08-22 22:58 - 2015-08-22 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-25199013.txt
2015-08-22 22:57 - 2015-08-22 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-25168795.txt
2015-08-22 22:57 - 2015-08-22 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-25157236.txt
2015-08-22 22:29 - 2015-08-22 22:29 - 00000117 _____ C:\WINDOWS\system32\netcfg-23447449.txt
2015-08-22 22:29 - 2015-08-22 22:29 - 00000117 _____ C:\WINDOWS\system32\netcfg-23445421.txt
2015-08-22 22:26 - 2015-09-08 21:52 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-22 22:26 - 2015-08-22 22:57 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-22 22:26 - 2015-08-22 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-23301822.txt
2015-08-22 22:26 - 2015-08-22 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-23300855.txt
2015-08-22 22:08 - 2015-08-22 22:08 - 00000317 _____ C:\WINDOWS\system32\netcfg-22224994.txt
2015-08-22 21:21 - 2015-09-14 17:57 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-22 21:21 - 2015-09-13 06:38 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-22 21:19 - 2015-08-22 21:19 - 00001099 _____ C:\WINDOWS\system32\netcfg-19267636.txt
2015-08-22 21:19 - 2015-08-22 21:19 - 00000160 _____ C:\WINDOWS\system32\netcfg-19266482.txt
2015-08-22 21:18 - 2015-09-12 19:27 - 00000757 _____ C:\Users\kjh71pc\Desktop\Start Emsisoft Emergency Kit.lnk
2015-08-22 21:17 - 2015-09-12 19:27 - 00000000 ____D C:\EEK
2015-08-22 21:16 - 2015-08-22 21:16 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2015-08-22 21:13 - 2015-08-22 21:13 - 00000201 _____ C:\WINDOWS\system32\netcfg-18918054.txt
2015-08-22 21:13 - 2015-08-22 21:13 - 00000201 _____ C:\WINDOWS\system32\netcfg-18915651.txt
2015-08-22 21:05 - 2015-08-22 21:16 - 166475312 _____ C:\Users\kjh71pc\Downloads\EmsisoftEmergencyKit.exe
2015-08-22 20:44 - 2015-09-14 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-22 20:44 - 2015-08-22 20:44 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\SUPERAntiSpyware.com
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\ProgramData\SUPERSetup
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-22 20:44 - 2015-08-22 20:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-22 20:33 - 2015-08-24 19:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-08-22 19:09 - 2015-09-12 19:10 - 00000000 ____D C:\AdwCleaner
2015-08-22 18:29 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-08-22 18:29 - 2015-08-22 18:29 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\VS Revo Group
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-08-22 18:29 - 2015-08-22 18:29 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-22 18:29 - 2009-12-30 14:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-08-22 18:27 - 2015-08-22 18:28 - 11069616 _____ (VS Revo Group ) C:\Users\kjh71pc\Downloads\RevoUninProSetup.exe
2015-08-22 18:05 - 2015-08-22 18:05 - 02870984 _____ (ESET) C:\Users\kjh71pc\Downloads\esetsmartinstaller_enu.exe
2015-08-22 18:05 - 2015-08-22 18:05 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-22 17:59 - 2015-09-14 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2015-08-22 17:59 - 2015-08-23 23:22 - 00000000 ____D C:\Program Files\UVK - Ultra Virus Killer
2015-08-22 17:59 - 2015-08-22 20:30 - 00000000 ____D C:\ProgramData\UVK
2015-08-22 17:59 - 2015-08-22 17:59 - 00001808 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2015-08-22 17:58 - 2015-08-22 17:59 - 05412864 _____ (Carifred) C:\Users\kjh71pc\Downloads\UVKSetup (1).exe
2015-08-22 16:05 - 2015-08-22 16:05 - 00000117 _____ C:\WINDOWS\system32\netcfg-450671.txt
2015-08-22 16:05 - 2015-08-22 16:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\tjnet
2015-08-22 16:00 - 2015-08-22 16:00 - 00000117 _____ C:\WINDOWS\system32\netcfg-129075.txt
2015-08-22 15:58 - 2015-08-22 15:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-72367241.txt
2015-08-22 15:57 - 2015-08-22 15:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-72358084.txt
2015-08-22 15:18 - 2015-09-14 18:44 - 00003286 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForkjh71pc
2015-08-22 15:18 - 2015-08-31 18:05 - 00000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForkjh71pc.job
2015-08-22 15:17 - 2007-07-27 07:41 - 00023040 _____ C:\WINDOWS\SysWOW64\BeepApp.exe
2015-08-22 15:14 - 2015-08-22 15:14 - 00298816 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\ahcix64s.sys
2015-08-22 15:14 - 2015-08-22 15:14 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\WinBatch
2015-08-22 15:09 - 2015-09-15 18:29 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-22 14:43 - 2015-08-22 14:54 - 00000073 _____ C:\Users\kjh71pc\Documents\ontario lotto 49.txt
2015-08-22 14:39 - 2015-08-25 14:54 - 00000000 ____D C:\ProgramData\Licenses
2015-08-22 14:35 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotto Pro
2015-08-22 14:35 - 2015-08-23 19:48 - 00000000 ____D C:\Program Files (x86)\Windows Lotto Pro 2000
2015-08-22 14:35 - 2015-08-22 14:35 - 00001255 _____ C:\Users\Public\Desktop\Update Lotto Drawing Files.lnk
2015-08-22 14:35 - 2015-08-22 14:35 - 00001166 _____ C:\Users\Public\Desktop\Lotto Pro.lnk
2015-08-22 14:35 - 2015-08-22 14:35 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Data Solutions
2015-08-22 14:35 - 2000-09-13 11:14 - 00155648 _____ (Vista Software) C:\WINDOWS\SysWOW64\Sde50.dll
2015-08-22 14:35 - 2000-09-13 10:14 - 00266240 _____ (Vista Software) C:\WINDOWS\SysWOW64\SdeNsx50.dll
2015-08-22 13:57 - 2015-08-22 13:58 - 17712624 _____ (Data Solutions) C:\Users\kjh71pc\Downloads\lotpro32 (1).exe
2015-08-22 13:53 - 2015-09-08 22:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-22 13:53 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-22 13:30 - 2015-09-14 18:44 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2448382089-3538881294-790544520-1001
2015-08-22 13:25 - 2015-08-22 13:25 - 00945560 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBack_setup (1).exe
2015-08-22 13:25 - 2015-08-22 13:25 - 00000000 ____D C:\Program Files (x86)\StartIsBack
2015-08-22 13:12 - 2015-09-18 10:17 - 00001044 _____ C:\Users\kjh71pc\Desktop\magicJack.lnk
2015-08-22 13:12 - 2015-09-18 10:17 - 00001030 _____ C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-08-22 13:12 - 2015-09-18 10:17 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\mjusbsp
2015-08-22 13:12 - 2015-08-22 13:12 - 00000000 ____D C:\ProgramData\magicJack
2015-08-22 13:11 - 2015-08-22 16:05 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\magicJack
2015-08-22 02:53 - 2015-08-22 02:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-25281974.txt
2015-08-22 02:53 - 2015-08-22 02:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-25281834.txt
2015-08-22 02:49 - 2015-08-25 00:57 - 00065536 _____ C:\WINDOWS\system32\Ikeext.etl
2015-08-21 22:35 - 2015-08-22 15:18 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Hewlett-Packard
2015-08-21 21:53 - 2015-08-21 21:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-7326274.txt
2015-08-21 21:53 - 2015-08-21 21:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-7315027.txt
2015-08-21 20:08 - 2015-09-16 22:21 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 20:08 - 2015-09-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-21 20:05 - 2015-09-19 16:20 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-21 20:05 - 2015-09-19 11:20 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 20:05 - 2015-09-15 11:15 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-21 20:05 - 2015-09-15 11:15 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-21 20:05 - 2015-09-12 00:17 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Google
2015-08-21 20:05 - 2015-08-21 20:07 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\IDT
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\ATI
2015-08-21 20:04 - 2015-08-21 20:04 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\ATI
2015-08-21 20:03 - 2015-08-21 20:03 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Apps\2.0
2015-08-21 20:02 - 2015-08-21 20:02 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Macromedia
2015-08-21 20:01 - 2015-08-21 20:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-579418.txt
2015-08-21 20:01 - 2015-08-21 20:01 - 00000117 _____ C:\WINDOWS\system32\netcfg-575160.txt
2015-08-21 19:59 - 2015-08-21 19:59 - 00008530 _____ C:\Users\kjh71pc\Desktop\Removed Apps.html
2015-08-21 19:59 - 2015-08-21 19:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-21 19:59 - 2015-08-21 19:59 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Power2Go8
2015-08-21 19:58 - 2015-08-22 15:07 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Hewlett-Packard
2015-08-21 19:58 - 2015-08-21 19:58 - 00000000 ____D C:\Users\kjh71pc\AppData\Roaming\Adobe
2015-08-21 19:57 - 2015-09-14 18:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-08-21 19:55 - 2015-08-22 14:41 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\VirtualStore
2015-08-21 19:54 - 2015-08-21 19:54 - 00001351 _____ C:\Users\Administrator\AppData\Local\Application.xml
2015-08-21 19:53 - 2015-08-21 19:53 - 00000117 _____ C:\WINDOWS\system32\netcfg-84412.txt
2015-08-21 19:53 - 2015-08-21 19:53 - 00000000 ___HD C:\Users\kjh71pc\Documents\hp.system.package.metadata
2015-08-21 19:34 - 2015-08-22 04:28 - 00000000 ____D C:\sysreset
2015-08-21 18:28 - 2015-08-21 18:28 - 00000031 _____ C:\Users\kjh71pc\Desktop\ont 49.txt
2015-08-21 00:24 - 2015-08-21 00:26 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win (1).exe
2015-08-21 00:15 - 2015-08-21 00:18 - 25723531 _____ C:\Users\kjh71pc\Downloads\installer_win.exe
2015-08-21 00:11 - 2015-08-21 00:11 - 00000000 ____D C:\Users\kjh71pc\Documents\ProcAlyzer Dumps
2015-08-20 18:18 - 2015-07-28 20:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-20 18:07 - 2015-08-20 18:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\kjh71pc\Downloads\spybot-2.4 (1).exe
2015-08-20 16:12 - 2015-08-20 16:13 - 17712624 _____ (Data Solutions) C:\Users\kjh71pc\Downloads\lotpro32.exe
2015-08-20 14:58 - 2015-08-20 15:04 - 35814095 _____ (PCPhoneSoft.com ) C:\Users\kjh71pc\Downloads\gvmateapp2setup.exe
2015-08-20 14:52 - 2015-08-20 14:53 - 13532192 _____ (magicJack L.P.) C:\Users\kjh71pc\Downloads\upgr980.exe
2015-08-20 04:02 - 2015-08-20 04:02 - 00000499 _____ C:\Users\kjh71pc\Desktop\shmita Jubilee.txt
2015-08-20 02:17 - 2015-08-20 02:19 - 18960760 _____ (Hewlett-Packard Development Company, L.P. ) C:\Users\kjh71pc\Downloads\sp58553.exe
2015-08-20 01:35 - 2015-08-21 00:18 - 00000000 ____D C:\Users\kjh71pc\Desktop\mbar
2015-08-20 01:31 - 2015-08-20 01:35 - 16563304 _____ (Malwarebytes Corp.) C:\Users\kjh71pc\Downloads\mbar-1.09.2.1008.exe
2015-08-20 01:26 - 2015-08-20 01:27 - 00945560 _____ (www.startisback.com) C:\Users\kjh71pc\Downloads\StartIsBack_setup.exe
2015-08-20 01:14 - 2015-08-20 01:14 - 00000000 ____D C:\KVRT_Data
2015-08-20 00:53 - 2015-08-20 01:14 - 101836960 _____ (Kaspersky Lab ZAO) C:\Users\kjh71pc\Downloads\KVRT.exe
2015-08-20 00:29 - 2015-08-20 00:38 - 28544408 _____ (LSoft Technologies Inc ) C:\Users\kjh71pc\Downloads\KillDiskSuiteFree-Setup.exe
2015-08-20 00:13 - 2015-08-20 00:15 - 05412864 _____ (Carifred) C:\Users\kjh71pc\Downloads\UVKSetup.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-19 15:45 - 2015-07-10 08:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-19 15:44 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-19 10:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 13:32 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-18 12:07 - 2015-07-10 08:20 - 00024927 _____ C:\WINDOWS\setupact.log
2015-09-18 10:15 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-18 10:15 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-17 15:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Temp
2015-09-17 13:02 - 2015-08-19 22:31 - 00000000 ____D C:\ProgramData\Norton
2015-09-17 13:00 - 2015-07-10 07:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-17 13:00 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-16 15:31 - 2015-08-19 23:30 - 00000000 ____D C:\Users\kjh71pc\AppData\Local\Packages
2015-09-15 04:51 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-14 22:18 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-14 22:15 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-14 22:15 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-14 22:15 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-14 22:15 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-14 22:07 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-14 22:07 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-14 22:06 - 2015-07-10 07:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-09-14 22:06 - 2015-07-10 07:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-09-14 22:06 - 2015-07-10 07:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-09-14 22:06 - 2015-07-10 07:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-09-14 22:06 - 2015-07-10 07:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-09-14 22:06 - 2015-07-10 07:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-09-14 22:06 - 2015-07-10 07:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-09-14 22:06 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-09-14 22:06 - 2015-07-10 07:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-09-14 22:06 - 2015-07-10 07:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-09-14 22:06 - 2015-07-10 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-09-14 22:06 - 2015-07-10 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-09-14 22:02 - 2015-07-10 08:20 - 00219768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-14 21:59 - 2015-08-19 21:58 - 00000000 ____D C:\ProgramData\SoundResearch
2015-09-14 21:58 - 2012-08-01 23:15 - 00000000 ____D C:\SWSETUP
2015-09-14 21:37 - 2015-08-19 22:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-09-14 21:36 - 2015-08-19 22:04 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-14 21:14 - 2015-08-19 22:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-09-14 21:14 - 2015-08-19 22:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-14 21:13 - 2015-08-19 22:02 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-09-14 21:10 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-14 21:03 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-14 18:49 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-14 18:49 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-14 18:49 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-14 18:49 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-14 18:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-14 18:45 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-14 18:41 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-14 18:34 - 2015-08-19 22:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-09-14 18:34 - 2015-08-19 22:29 - 00000000 ____D C:\WINDOWS\en
2015-09-14 18:34 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-14 18:33 - 2015-08-19 22:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-09-14 18:33 - 2015-08-19 22:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-09-14 18:31 - 2015-07-10 07:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-14 18:31 - 2013-08-22 09:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-09-14 18:29 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-09-14 18:29 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-09-14 18:29 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-09-14 18:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-09-14 18:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-09-14 18:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-14 18:28 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-09-14 18:27 - 2015-08-19 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-09-14 18:27 - 2015-08-19 22:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-09-14 18:27 - 2015-08-19 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2015-09-14 18:27 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-14 18:27 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-09-14 18:27 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-14 18:27 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-09-14 18:27 - 2012-08-01 22:05 - 00000000 ____D C:\ProgramData\PRICache
2015-09-14 18:26 - 2012-08-01 22:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-09-14 18:24 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-14 18:19 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default
2015-08-28 21:18 - 2015-08-19 22:14 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-08-27 15:53 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-27 15:40 - 2015-08-19 22:08 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-25 02:35 - 2013-08-22 11:36 - 00000000 __SHD C:\recycle
2015-08-25 00:46 - 2012-07-26 04:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-24 23:05 - 2015-08-19 22:13 - 00000000 ____D C:\ProgramData\install_clap
2015-08-24 19:40 - 2012-07-26 01:26 - 00000215 _____ C:\WINDOWS\system.ini
2015-08-22 21:21 - 2015-08-19 22:06 - 00000032 _____ C:\WINDOWS\0
2015-08-22 15:15 - 2015-08-19 22:08 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-08-22 14:50 - 2015-08-19 22:14 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-21 19:58 - 2012-08-01 05:57 - 00000000 ___RD C:\SYSTEM.SAV
2015-08-21 19:57 - 2015-08-19 22:30 - 00000000 ___RD C:\Program Files\Online Services
2015-08-21 19:57 - 2015-08-19 22:14 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-08-21 19:57 - 2015-08-19 22:01 - 00000000 __RSH C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h8-1414_Y53316J_0U_Q4UJ241074B_E12NA3RR8605_4A_I2AC8_SGigabyte_V1.2_Bv8.10_T121203_W8101-0_L409_M10032_J1000_7AMD_8F12_93.50_#150819_N18143290;10EC8168_Z_G1002677B.MRK
2015-08-21 19:57 - 2015-08-19 22:01 - 00000000 __RSH C:\WINDOWS\system32\Drivers\103C_HP_cPC_h8-1414_Y53316J_0U_Q4UJ241074B_E12NA3RR8605_4A_I2AC8_SGigabyte_V1.2_Bv8.10_T121203_W8101-0_L409_M10032_J1000_7AMD_8F12_93.50_#150819_N18143290;10EC8168_Z_G1002677B.MRK
2015-08-21 19:57 - 2012-09-10 10:31 - 00000000 ___RD C:\hp
 
==================== Files in the root of some directories =======
 
2015-09-18 12:19 - 2015-09-18 12:19 - 0531497 _____ () C:\ProgramData\1442590055.bdinstall.bin
2015-08-19 22:39 - 2015-08-19 22:39 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-14 18:19
 
==================== End of FRST.txt ============================


#5 Kevin Hill

Posted 19 September 2015 - 03:45 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by kjh71pc (2015-09-19 16:42:40)
Running from C:\Users\kjh71pc\Downloads
Windows 10 Home (X64) (2015-09-14 22:47:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2448382089-3538881294-790544520-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2448382089-3538881294-790544520-503 - Limited - Disabled)
Guest (S-1-5-21-2448382089-3538881294-790544520-501 - Limited - Disabled)
kjh71pc (S-1-5-21-2448382089-3538881294-790544520-1001 - Administrator - Enabled) => C:\Users\kjh71pc
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.18.1037 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Clean My Registry v5.3 (HKLM-x32\...\Clean My Registry_is1) (Version: 5.3 - Smart PC Solutions)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3414 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverNavigator 3.6.4 (HKLM\...\DriverNavigator_is1) (Version: 3.6.4.0 - Easeware)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fix-It Registry Optimizer v3.0 (HKLM-x32\...\Fix-It Registry Optimizer_is1) (Version: 3.0 - Smart PC Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6504.0 - IDT)
Lotto Pro (HKLM-x32\...\{C7C6031B-9828-9CD3-8687-07A74048547C}) (Version: 8.33.0.0 - Data Solutions)
magicJack (HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.28 - AMD)
RAIDXpert (x32 Version: 3.3.1540.28 - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
RegAlyzer (HKLM-x32\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Registrar Registry Manager 7.75 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimCleaner Plus (HKLM\...\{F09879E9-7CA4-460F-B14A-6E55FEFB34F7}) (Version: 2.2.1 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Toolbar Remover v2.2 (HKLM-x32\...\Smart Toolbar Remover_is1) (Version: 2.2 - Smart PC Solutions)
Software Informer 1.4.1303.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.7.5 - startisback.com)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Trojan Remover 6.9.3.2939 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3.2939 - Simply Super Software)
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 7.3.7.0 - Carifred)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
14-09-2015 21:03:41 Installed HP Support Solutions Framework
14-09-2015 21:51:11 SlimDrivers Installing Drivers
14-09-2015 21:59:29 Configured IDT Audio
17-09-2015 15:47:04 Revo Uninstaller Pro's restore point - Services
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 01:26 - 2015-09-19 16:08 - 00000805 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0B09384B-C33F-4A51-A5E6-2FC67C3FAD14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2461E83B-410D-46DE-8FBD-B5046D63B80D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {24B433B5-5C34-4F7A-90E5-B645F792B4AF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {28A66FA1-3E6A-4ED8-990C-20DF0B19DF3B} - System32\Tasks\FixItRegistryOptimizer => C:\Program Files (x86)\Smart PC Solutions\Fix-It Registry Optimizer\ROptSchedule.exe
Task: {295DC5E9-D668-41DD-9632-5E0251C79B29} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {35588F71-A162-45FE-8AF3-6E7CD5C0154F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {3A6A5DCF-F117-4CFA-840C-0DC4841BD2B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {4F9A65E5-3EA5-4061-A4FD-93CEF0BC21A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {51FA4561-7527-46E6-AA22-91F68A2F0DA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.)
Task: {5531C528-22D7-441E-8AA6-61ECB3376A2D} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-09-13] ()
Task: {5E1066A0-D1D0-4167-A45A-330FD17238D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6249E7C9-1897-4DDF-9E9C-19FBA2932EB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {6DC116D9-7409-448C-B0D8-AF9D9E9C1FFF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {70E8218C-3548-4FB8-9011-DA850D5A49EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7A81C2F4-F4DD-4A6C-A9E6-A97AC5A64A69} - \SlimCleaner Run -> No File <==== ATTENTION
Task: {7CB4EA68-2CF4-4ED0-A0C5-5DA096B1C69B} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {81568C8D-3CD8-4FA5-ADC9-BE984ADA7A38} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8DCFB963-06C5-4CE9-B79E-E455E4766F0B} - \SlimDrivers Startup -> No File <==== ATTENTION
Task: {926DC656-7198-4321-96CA-690FB5897788} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {A3818073-26EB-4D78-8E4A-CE12DBE2C89A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {B5C1CF74-65B4-4D66-9481-4B25F87C9678} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {C22C01AE-3FB8-4880-A267-5136ED415F9B} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2015-06-19] (Easeware)
Task: {C4A4374F-0A34-4756-A817-C087FF31DC0D} - System32\Tasks\HPCeeScheduleForkjh71pc => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {C8C5F569-0D02-4E9D-B61F-FF611ED9B82C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E65ACB08-7899-49A1-92AC-50A12660DF0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F4F89064-3ED8-48C3-87B6-CA74EDB674A7} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-06-26] (Informer Technologies, Inc.)
Task: {F8C9FDDE-9A0F-49BB-8876-AE8CA5C25D87} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForkjh71pc.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-14 22:14 - 2015-09-14 22:14 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-21 00:23 - 2014-11-21 00:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 09:08 - 2014-02-11 09:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 09:08 - 2014-02-11 09:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-21 00:23 - 2014-11-21 00:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-14 22:14 - 2015-09-14 22:14 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-18 12:07 - 2015-09-07 22:31 - 00335120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdconnect.dll
2015-09-18 12:07 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-09-18 12:07 - 2015-09-04 17:39 - 00875352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2015-09-18 12:07 - 2015-09-04 17:39 - 00741952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2015-09-18 12:07 - 2015-09-04 17:39 - 02800952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2015-09-18 12:07 - 2015-09-04 17:39 - 01413024 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2015-09-13 06:42 - 2015-09-13 06:42 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-09-18 12:07 - 2015-09-08 18:47 - 00477784 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2015-09-18 12:07 - 2015-09-08 18:49 - 00161792 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2015-09-18 12:07 - 2015-09-11 19:59 - 00030208 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\en-US\intermsec.txtui
2015-09-18 12:07 - 2015-09-11 19:59 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\en-US\bdaphconp.txtui
2015-09-18 12:07 - 2015-09-07 13:22 - 00051352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-09-01 20:23 - 2015-09-13 06:42 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
2015-09-01 20:23 - 2015-09-13 06:42 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2015-09-14 19:37 - 2015-09-14 19:38 - 08241152 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-14 19:37 - 2015-09-14 19:38 - 02238976 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-09-19 06:26 - 2015-09-19 06:26 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-09-19 06:26 - 2015-09-19 06:26 - 10712576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-19 06:26 - 2015-09-19 06:26 - 00500224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Lumia.SequencePlayer.UAP.dll
2012-09-06 12:10 - 2012-09-06 12:10 - 00536576 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2015-08-19 22:17 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-09-18 12:19 - 2015-09-18 12:19 - 00012800 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00009728 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00014848 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00094208 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\src\rgloader\rgloader193.mswin.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00009216 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00094208 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00126976 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00087552 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00016384 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00127316 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\bin\libffi-6.dll
2015-09-18 12:19 - 2015-09-18 12:19 - 00008704 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00013312 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00095744 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00026624 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1835.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00012800 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00009728 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00014848 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00094208 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\src\rgloader\rgloader193.mswin.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00094208 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00118784 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00069120 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00083968 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\bin\zlib1.dll
2015-09-18 12:19 - 2015-09-18 12:19 - 00026624 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00275968 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00015360 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00008192 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00009216 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00023552 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00008704 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00008704 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00008704 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00008704 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00036352 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00126976 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00087552 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00016384 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00127316 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\bin\libffi-6.dll
2015-09-18 12:19 - 2015-09-18 12:19 - 00013312 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00095744 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-09-18 12:19 - 2015-09-18 12:19 - 00026624 _____ () C:\Users\kjh71pc\AppData\Local\Temp\ocr1EDC.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-09-01 20:23 - 2015-09-13 06:42 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-09-01 20:23 - 2015-09-13 06:42 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-09-16 22:20 - 2015-09-11 20:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-16 22:20 - 2015-09-11 20:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
2015-09-16 22:20 - 2015-09-11 20:22 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\kjh71pc\OneDrive:ms-properties
AlternateDataStreams: C:\Users\kjh71pc\Downloads\FRST64 (3).exe:BDU
AlternateDataStreams: C:\Users\kjh71pc\Downloads\msert (1).exe:BDU
AlternateDataStreams: C:\Users\kjh71pc\Downloads\msert (2).exe:BDU
AlternateDataStreams: C:\Users\kjh71pc\Downloads\msert.exe:BDU
AlternateDataStreams: C:\Users\kjh71pc\Downloads\RegistryQuick_install.exe:BDU
AlternateDataStreams: C:\Users\kjh71pc\Downloads\siinst.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kjh71pc\Pictures\download.jpe
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{52F00E57-5E4C-4324-959B-7AF72039D105}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{94F15672-C360-413F-A929-3194E4DB6F76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{901D0D75-8E6B-4F19-80A1-C5CE17657075}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C5E2ED15-E5CE-49AB-ACBB-417DDDCAB2D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7D7FB916-A5F1-4C72-9326-F8A663347F14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{902F30CE-208A-4071-A6AE-863D0E4FF103}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{62E27E71-1A06-4D56-BE20-D8D90E355FBB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E170664A-5F44-49A1-A13E-4217335067A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F7F78406-8A19-470D-84A2-8A4111D47659}] => (Allow) LPort=2869
FirewallRules: [{A3027470-E857-488E-8082-38ED395CABD7}] => (Allow) LPort=1900
FirewallRules: [{8507B7AF-40B2-40EE-A4E6-F6BFD25A7AFB}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe
FirewallRules: [{4D500A6F-7A44-4737-8BEA-2B3F630122BD}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe
FirewallRules: [{BCA096C7-3053-4A0F-815B-CDB19A7655D9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{8C534475-B044-4C86-A0FC-3C40E2E099E5}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{EE2D4CD2-8CF1-4F07-89B7-64AC5C7ABCB6}C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{18BF0BC3-E4E0-4926-89BC-2B7B53A92D42}C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{7BD4774D-EB72-46E2-BE82-3A48DE972321}] => (Block) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{768E5ACA-C42C-44B6-9278-DA562E4DF454}] => (Block) C:\users\kjh71pc\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{172C1D2E-01A0-4354-8E60-BB8EE677CDB1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{18CD57D3-568E-450F-A562-8F228F8EBF34}] => (Allow) LPort=53000
FirewallRules: [{4B6DB6EE-1955-4B48-9F87-F02A793E9D30}] => (Allow) LPort=52000
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/18/2015 10:22:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0xc0000409
Fault offset: 0x00093524
Faulting process id: 0x8b0
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3
Faulting package full name: PSIA.exe4
Faulting package-relative application ID: PSIA.exe5
 
Error: (09/18/2015 10:19:09 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (09/18/2015 10:19:09 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/18/2015 10:18:58 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (09/18/2015 10:18:58 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/18/2015 10:18:48 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (09/18/2015 10:18:48 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/18/2015 10:18:38 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (09/18/2015 10:18:38 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/18/2015 10:18:27 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
 
System errors:
=============
Error: (09/18/2015 10:22:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/18/2015 10:18:18 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/18/2015 10:18:09 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/18/2015 10:15:03 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (09/18/2015 10:15:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/18/2015 10:15:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/18/2015 10:15:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/18/2015 10:15:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (09/18/2015 09:05:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/18/2015 09:01:37 AM) (Source: DCOM) (EventID: 10016) (User: KJH71CAN)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}kjh71cankjh71pcS-1-5-21-2448382089-3538881294-790544520-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6120 Six-Core Processor 
Percentage of memory in use: 54%
Total physical RAM: 10031.3 MB
Available physical RAM: 4571.01 MB
Total Virtual: 10431.3 MB
Available Virtual: 3643.66 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:918.29 GB) (Free:847.48 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:11.11 GB) (Free:1.32 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.3 GB) (Disk ID: AAE0C9E5)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#6 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:24 PM

Posted 21 September 2015 - 08:25 AM

Hi Kevin Hill,

Sorry for the delay, had some internet issues.

----------------------------------------------------------------

 

I would like you to do the following:

We suggest uninstalling them via Add or Remove Programs in your Control Panel.

Also delete the following Folders if they still exist:

Clean My Registry v5.3
Fix-It Registry Optimizer v3.0
Registrar Registry Manager 7.75
SlimCleaner
Smart Toolbar Remover v2.2
Software Informer
Trojan Remover
UVK - Ultra Virus Killer
C:\Program Files (x86)\Spybot - Search & Destroy 2

 

Please now restart

--------------------------------------------------------------------------------

 

Please let me know when you get that done.

 

Regards.


Best regards
 
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#7 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:24 PM

Posted 25 September 2015 - 01:53 PM

Hello,

 

4 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 24 hours, this thread will be closed due to inactivity.



 


 


#8 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 191 posts
  • OFFLINE
  • Local time:01:24 PM

Posted 26 September 2015 - 09:51 AM

ok done



#9 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:24 PM

Posted 26 September 2015 - 05:26 PM

Hi Kevin Hill,

 

Please do the following.

 

 

Step 1:

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2:

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Have a nice day.

 


Edited by olgun52, 17 October 2015 - 05:33 PM.


 


 


#10 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 191 posts
  • OFFLINE
  • Local time:01:24 PM

Posted 26 September 2015 - 08:33 PM

# AdwCleaner v5.003 - Logfile created 22/08/2015 at 16:09:11
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]
# Operating system : Windows 8  (x64)
# Username : kjh71pc - KJH71CAN
# Running from : C:\Program Files\UVK - Ultra Virus Killer\Third party\adwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
File Found : C:\Users\Public\Desktop\eBay.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [571 bytes] ##########


#11 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:24 PM

Posted 27 September 2015 - 09:05 AM

# AdwCleaner v5.003 - Logfile created 22/08/2015 at 16:09:11
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]

 

Please download and run the software again.

Running from : C:\Program Files\UVK - Ultra Virus Killer\Third party\adwCleaner.exe

Also, run from the desktop.



 


 


#12 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 191 posts
  • OFFLINE
  • Local time:01:24 PM

Posted 27 September 2015 - 09:12 AM

combo fix won't run on 8.1



#13 olgun52

olgun52

  • Malware Response Team
  • 3,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:24 PM

Posted 27 September 2015 - 09:36 AM

I am sorry.
 
Please do the following
 
Step 1:
FRST Script:
Please download the attached Fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.
 
Step 2:

Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Step 3:
Run Eset Online Scan

Please run this online scan to help look for remnants. Ensure your external and/or USB drives are inserted during the scan.

In Microsoft Windows Vista/Win7, you must open the Web browser via a right-click using the Run as Administrator command.

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options "Scan Archives" and "Remove found threats" are ticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

Good work.




 


 


#14 Kevin Hill

Kevin Hill
  • Topic Starter

  • Members
  • 191 posts
  • OFFLINE
  • Local time:01:24 PM

Posted 27 September 2015 - 10:57 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015
Ran by kjh71pc (administrator) on KJH71CAN (27-09-2015 11:52:35)
Running from C:\Users\kjh71pc\Downloads
Loaded Profiles: kjh71pc (Available Profiles: kjh71pc & Administrator)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(magicJack L.P.) C:\Users\kjh71pc\AppData\Roaming\mjusbsp\magicJack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Malwarebytes) C:\Users\kjh71pc\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kjh71pc\Downloads\FRST-OlderVersion\FRST64 (4).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [50416 2015-06-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1712656 2015-06-30] (Tempo Semiconductor Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1677704 2015-09-08] (Bitdefender)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\runonceex: [Flags] =>
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [cdloader] => C:\Users\kjh71pc\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1411976 2015-09-07] (Bitdefender)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\RunOnce: [Uninstall C:\Users\kjh71pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\kjh71pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [232960 2015-07-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-08-30]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\kjh71pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Continue system repair.lnk [2015-09-21]
ShortcutTarget: Continue system repair.lnk -> C:\Program Files\UVK - Ultra Virus Killer\RebootExec.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{7EB516E3-B9E8-4A68-9710-7B280563BA23}: [NameServer] 64.66.234.253 64.66.235.253
Tcpip\..\Interfaces\{d115f6a8-1ff6-40a4-a5cf-474c6732b059}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Internet Explorer:
==================
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON13/19
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPCON13/19
HKU\S-1-5-21-2448382089-3538881294-790544520-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-02] (Bitdefender)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-02] (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-09-02] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-09-02] (Bitdefender)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2448382089-3538881294-790544520-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-09-18]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-09-18]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-09-18]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-21]
CHR Extension: (YouTube) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-21]
CHR Extension: (Google Search) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-21]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2015-08-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-08-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-21]
CHR Extension: (Webcam Toy) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-21]
CHR Extension: (Gmail) - C:\Users\kjh71pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [61440 2012-09-06] (AMD) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-31] (IObit)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-07] (Bitdefender)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350216 2015-06-30] (Tempo Semiconductor Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [87408 2015-09-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1565976 2015-09-07] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-08-22] (Emsisoft GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [246040 2015-08-26] (Bitdefender)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-20] (Malwarebytes Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [561672 2015-06-30] (Tempo Semiconductor Inc.)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17672 2015-03-03] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23304 2015-03-03] (Texas Instruments, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-09-21] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [58536 2013-03-08] (Advanced Micro Devices)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)


#15 olgun52


Posted 27 September 2015 - 05:09 PM

This is an incorrect log. Please run Fixlist.


Best regards
 