WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Browser being redirected, etc. [Closed]

Started by tblank , Sep 13 2014 07:23 PM

This topic is locked

10 replies to this topic

#1 tblank

New Member

Authentic Member
13 posts

Posted 13 September 2014 - 07:23 PM

Adds and redirects everywhere. can't close Speed Cleaner app.

=======

OTL logfile created on: 9/13/2014 4:26:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\PC\Desktop\Cleanup
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 44.57% Memory free
7.73 Gb Paging File | 5.19 Gb Available in Paging File | 67.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 435.66 Gb Total Space | 391.94 Gb Free Space | 89.96% Space Free | Partition Type: NTFS
Drive F: | 30.00 Gb Total Space | 12.87 Gb Free Space | 42.91% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\PC\Desktop\Cleanup\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe ()
PRC - C:\Program Files (x86)\ClearThink\updateClearThink.exe ()
PRC - C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASHelper.exe ()
PRC - C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe ()
PRC - C:\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter.exe ()
PRC - C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe ()
PRC - C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe (MicroTools)
PRC - C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe ()
PRC - C:\ProgramData\waciau\savSNMWBQ.exe (Acute Angle Solutions)
PRC - C:\Users\PC\AppData\Roaming\Gameo\gameo.exe ()
PRC - C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.exe (S p i g o t, I n c.)
PRC - C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Win Application\applications.exe (DVS Studio)
PRC - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
PRC - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
PRC - C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe ()
PRC - C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe (FRISK Software International)
PRC - C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe (FRISK Software International)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Users\PC\AppData\Local\Temp\nw4476_11385\plugins\NPSWF32_13_0_0_168.dll ()
MOD - c:\users\pc\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpougcrt.dll ()
MOD - C:\Users\PC\AppData\Local\Temp\nw4476_11385\node_modules\goldengate\build\Release\GOLDENGATE.dll ()
MOD - C:\Users\PC\AppData\Local\Temp\nw4476_11385\node_modules\gameo_utils\Build\Release\gameo_utils_node.node ()
MOD - C:\Users\PC\AppData\Local\Temp\nw4476_11385\node_modules\gameo_utils\Build\Release\gameo_utils.dll ()
MOD - C:\Users\PC\AppData\Local\Temp\nw4476_11385\node_modules\goldengate\build\Release\gg.node ()
MOD - C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASHelper.exe ()
MOD - C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe ()
MOD - C:\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter.exe ()
MOD - C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe ()
MOD - C:\Program Files (x86)\ClearThink\bin\ClearThinkDsp.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\e4eac16958537474bfcf541057eb2f6f\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\4a58ac3c4f453c2573a9713b15f91df5\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\c2d1735e9f72e974cd34063a714a309f\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\2d91f280276699ddb2602e9d020a1cdd\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9e81a02ee158fabc4643c960adbd166b\PresentationFramework-SystemXmlLinq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\6b23b10afa0712c819862a4ec0c40757\PresentationFramework-SystemData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6976f69a2d353bbeaad544a34d83715b\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\26b50aa1e86a984a5c0d53f2bbf95798\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\349461c3a273efc2b4bd643c2645bd70\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2508b25b4d961a45659a8a8f128818a1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3f2952ec748f60fbb5deacfc4db0a2a3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8b7f86e5a6f0aa23f4b25dfeeaa6b318\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3fad44f7fd9f6c117eb02265ab63f80d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5bf56d6064af88d8812a3f78e0dfd376\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4c4507612d22786d45594a65a0213c1f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95854f4f1f37b8eab1b1e3d7103b48ef\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\1269ba2bee1b8587ae523e6d9abff484\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\38fdb5c1bcfbed498ea2db40ef6aa23e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\936468ae0e65d704cc703aae22697cd9\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\94110ad15c57cfddf356ece3d307d533\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b51470d7e909c4fab01a25fd1e1c42dc\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\28684b3f787d06edd1de8b574521d867\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\0e64e782ed0f5deb5c96661b74e9f15f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3c777eb7042798554bcf10134595273e\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\057cef93417231d7d4f8ed84841c12f1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5ee6a5fbbf59e1c3ca14631ff12dd6ec\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9b943fcb3af2101cfb3467161c6ac0ed\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\2526b5a3ab48717e858a08c3a4a8000c\System.ComponentModel.DataAnnotations.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e7e7e3b82e91028e6ed05189f837ea13\Accessibility.ni.dll ()
MOD - C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe ()
MOD - C:\Users\PC\AppData\Roaming\Gameo\gameo.exe ()
MOD - C:\Users\PC\AppData\Roaming\Gameo\libglesv2.dll ()
MOD - C:\Users\PC\AppData\Roaming\Gameo\ffmpegsumo.dll ()
MOD - C:\Users\PC\AppData\Roaming\Gameo\libegl.dll ()
MOD - C:\Users\PC\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll ()
MOD - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll ()
MOD - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll ()
MOD - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll ()
MOD - C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe ()
MOD - C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
MOD - C:\Users\PC\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()

========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (McAfee, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AECLFilters) -- C:\Windows\SysNative\AECLSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Util ClearThink) -- C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe ()
SRV - (Update ClearThink) -- C:\Program Files (x86)\ClearThink\updateClearThink.exe ()
SRV - (YouTubeDownload) -- C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe (MicroTools)
SRV - (savSNMWBQ) -- C:\ProgramData\waciau\savSNMWBQ.exe (Acute Angle Solutions)
SRV - (CltMngSvc) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe ()
SRV - (Windows_Application) -- C:\Program Files (x86)\Win Application\applications.exe (DVS Studio)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (FPAVServer) -- C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe (FRISK Software International)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64) -- C:\Windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys (StdLib)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (CirrusLFD) -- C:\Windows\SysNative\drivers\CSLFDx64.sys (Cirrus Logic)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (FPAV_RTP) -- C:\Windows\SysNative\drivers\FPAV_RTP.sys (FRISK Software International)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (UsbFltr) -- C:\Windows\SysNative\drivers\UsbFltr.sys (Waytech Development, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://astromenda.co...=1096027854&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo...20029,0,99,6944
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 95 C4 DE CA 01 C7 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = https://search.yahoo...35,20028,0,99,0
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{0F759064-0C11-438A-BC78-C5BB4CF7115A}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKCU\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://astromenda.co...=1096027854&ir=
IE - HKCU\..\SearchScopes\{F797DA33-B945-45AB-ABA6-DCE488368F04}: "URL" = http://astromenda.co...=1492080581&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Program Files (x86)\ClearThink\bin\Pac9064.js

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20140835,20030,0,99,0"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://search.yahoo...5,20031,0,99,0"
FF - prefs.js..extensions.enabledAddons: %7Bc5e48979-bd7f-4cf7-9b73-2482a67a4f37%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B46eddf51-a4f6-4476-8d6c-31c5187b2a2f%7D:3.3
FF - prefs.js..extensions.enabledAddons: %7B84a93d51-b7a9-431e-8ff8-d60e5d7f5df1%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7Bf894a29a-f065-40c3-bb19-da6057778493%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.URL: "https://search.yahoo...type=242154&p="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775}: C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2014/06/21 19:26:06 | 000,057,121 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ISVCU@iSkysoft.com: C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com\ [2014/08/29 23:42:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\Extensions\\{b9bfaf1c-a63f-47cd-0829-29526ced3775}: C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2014/06/21 19:26:06 | 000,057,121 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 02:36:14 | 000,010,691 | ---- | M] ()

[2014/08/29 23:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2014/09/02 20:45:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\0bb6v9w5.default\extensions
[2014/06/21 19:26:06 | 000,057,121 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi
[2014/08/30 01:02:09 | 000,009,488 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi
[2014/08/30 00:19:46 | 000,002,827 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\searchplugins\Astromenda.xml
[2014/08/29 23:44:10 | 000,001,073 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\searchplugins\trovi-search.xml
[2014/09/08 13:43:19 | 000,008,141 | ---- | M] () -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\searchplugins\yahoo_ff.xml
[2014/08/29 22:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extension
[2014/08/03 20:22:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/31 22:12:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BB6V9W5.DEFAULT\EXTENSIONS\{46EDDF51-A4F6-4476-8D6C-31C5187B2A2F}
File not found (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BB6V9W5.DEFAULT\EXTENSIONS\{84A93D51-B7A9-431E-8FF8-D60E5D7F5DF1}
File not found (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BB6V9W5.DEFAULT\EXTENSIONS\{F894A29A-F065-40C3-BB19-DA6057778493}

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (ClearThink) - {7e6d4e3e-fc66-4036-9799-ce5c625c4c56} - C:\Program Files (x86)\ClearThink\ClearThinkbho.dll (ClearThink)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (iSkysoft Video Converter Ultimate 5.1.0) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [Dell Audio] C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
O4 - HKLM..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe ()
O4 - HKLM..\Run: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe (FRISK Software International)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Speed Cleaner] C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Dell Audio] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Gameo] C:\Users\PC\AppData\Roaming\Gameo\gameo.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SearchProtection] C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.EXE (S p i g o t, I n c.)
O4 - HKCU..\Run: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19626A51-4FDB-4295-8082-EF91BCE5F7AF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\WSAMVCUchrome - No CLSID value found
O18:64bit: - Protocol\Handler\WSISVCUchrome - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\WSAMVCUchrome - No CLSID value found
O18 - Protocol\Handler\WSISVCUchrome - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll ()
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) - c:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1e008ef4-32fb-11e3-8eb3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e008ef4-32fb-11e3-8eb3-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/09/13 16:12:14 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Cleanup
[2014/09/13 04:45:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\OfficeRecovery
[2014/09/13 04:07:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014/09/13 01:25:03 | 000,000,000 | -HSD | C] -- C:\Users\PC\AppData\Local\EmieUserList
[2014/09/13 01:25:03 | 000,000,000 | -HSD | C] -- C:\Users\PC\AppData\Local\EmieSiteList
[2014/09/11 21:36:04 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/09/11 21:36:03 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/09/11 21:36:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/09/11 21:36:02 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/09/11 21:36:02 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/09/11 21:36:02 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/09/11 21:36:02 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/09/11 21:36:02 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/09/11 21:36:02 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/09/11 21:36:02 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/09/11 21:36:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/09/11 21:36:02 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/09/11 21:36:02 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/09/11 21:36:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/11 21:36:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/09/11 21:36:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/11 21:36:01 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/09/11 21:36:01 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/09/11 21:36:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/09/11 21:36:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/11 21:36:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/09/11 21:36:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/09/11 21:36:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/11 21:36:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/09/11 21:36:00 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/09/11 21:36:00 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/09/11 21:36:00 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/09/11 21:36:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/11 21:36:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/09/11 21:35:59 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/11 21:35:59 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/11 21:35:59 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/09/11 21:35:57 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/09/11 21:35:57 | 002,104,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/11 21:35:57 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/11 21:30:21 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/11 21:30:21 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/10 15:56:46 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/10 15:56:46 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/10 15:56:39 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/10 15:56:24 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/09/07 18:59:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\BRT
[2014/09/05 20:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser
[2014/09/03 12:04:08 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/09/03 12:01:50 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/09/03 12:01:44 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/09/03 12:01:44 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/09/03 12:01:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/09/03 12:01:43 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/09/03 12:01:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/09/03 12:01:43 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/09/03 12:01:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/09/03 12:01:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/09/03 12:01:43 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/09/03 12:01:42 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/09/03 12:01:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/09/03 12:01:42 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/09/03 12:01:42 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/09/03 12:01:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/09/03 12:01:41 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/09/03 12:01:41 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/09/03 12:01:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/09/03 12:01:41 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/09/03 12:01:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/09/03 12:01:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/09/03 12:01:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/09/03 12:01:40 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/09/03 12:01:40 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/09/03 12:01:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/09/03 12:01:39 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/09/03 12:01:39 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/09/03 12:01:39 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/09/03 12:01:39 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/09/03 12:01:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/09/03 12:01:39 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/09/03 12:01:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/09/03 12:01:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/09/03 12:01:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/09/03 12:01:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/09/03 12:01:38 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/09/03 12:01:38 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/09/03 12:01:38 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/09/03 12:01:38 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/09/03 12:01:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/09/03 12:01:38 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/09/03 12:01:38 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/09/03 12:01:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/09/03 12:01:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/09/03 12:01:38 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/09/03 12:00:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/09/03 12:00:28 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/09/03 12:00:28 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/09/03 12:00:28 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/09/03 12:00:28 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/09/03 12:00:28 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/09/03 12:00:28 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/09/03 12:00:28 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/09/03 12:00:28 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/09/03 12:00:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/09/03 12:00:28 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/09/03 12:00:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/09/03 12:00:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/09/03 12:00:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/09/03 12:00:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/09/03 12:00:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/09/03 12:00:27 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/09/03 12:00:27 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/09/03 12:00:27 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/09/03 11:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/09/02 18:19:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Astromenda
[2014/08/31 20:59:41 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/08/31 20:59:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/08/31 20:59:40 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/08/31 20:59:39 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/08/31 20:54:13 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/08/31 20:23:54 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/31 20:23:54 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/31 20:23:54 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/31 20:23:54 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/31 20:23:53 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/31 20:23:53 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/31 20:23:43 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/31 20:23:43 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/30 21:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2014/08/30 20:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2014/08/30 17:34:39 | 000,000,000 | ---D | C] -- C:\Windows\en
[2014/08/30 17:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/08/30 17:33:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/08/30 17:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2014/08/30 16:34:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\avidemux
[2014/08/30 16:22:09 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/08/30 16:22:09 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/08/30 16:22:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/08/30 16:22:02 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/08/30 16:21:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/08/30 16:21:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/08/30 16:21:38 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/08/30 16:21:32 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/08/30 16:21:31 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/08/30 16:21:30 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/08/30 16:21:30 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/08/30 16:21:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/08/30 16:21:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/08/30 16:21:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/08/30 16:21:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/08/30 16:21:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/08/30 16:21:22 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/08/30 16:21:22 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/08/30 16:21:20 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/08/30 16:21:20 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/08/30 16:21:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/08/30 16:21:19 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/08/30 16:21:18 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/08/30 16:21:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/08/30 16:21:17 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/08/30 16:21:17 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/08/30 16:21:13 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/08/30 16:21:13 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/08/30 16:21:13 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/08/30 16:21:13 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/08/30 16:21:13 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/08/30 16:21:13 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/08/30 16:21:13 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/08/30 16:21:13 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/08/30 16:21:13 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/08/30 16:21:12 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/08/30 16:21:12 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/08/30 16:21:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/08/30 16:21:12 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/08/30 16:21:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/08/30 16:21:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/08/30 16:21:12 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/08/30 16:21:12 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/08/30 16:21:03 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/08/30 16:21:02 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/08/30 16:21:02 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/08/30 16:21:02 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/08/30 16:19:34 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/08/30 16:19:33 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/30 16:19:32 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/30 16:19:32 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/30 16:19:32 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/30 16:19:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/30 16:19:32 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/30 16:19:25 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/08/30 16:19:24 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/08/30 16:19:24 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/08/30 16:19:24 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/08/30 16:19:24 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/08/30 16:19:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/08/30 16:19:23 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/08/30 16:19:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/08/30 16:19:23 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/08/30 16:19:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/08/30 16:19:23 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/08/30 16:19:23 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/08/30 16:19:23 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/08/30 16:19:23 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/08/30 16:19:23 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/08/30 16:19:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/08/30 16:19:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/08/30 16:19:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/08/30 16:19:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/08/30 16:19:10 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/08/30 16:18:56 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/08/30 16:18:56 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/08/30 16:18:56 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/08/30 16:18:56 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/08/30 16:18:53 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/08/30 16:18:53 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/08/30 16:18:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/08/30 16:18:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/08/30 16:18:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/08/30 16:18:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/08/30 16:18:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/08/30 16:18:29 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/08/30 16:18:29 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/08/30 16:18:29 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/08/30 16:18:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/08/30 16:18:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/08/30 16:18:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/08/30 16:18:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/08/30 16:18:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/08/30 16:18:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/08/30 16:18:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/08/30 16:18:26 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/08/30 16:18:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/08/30 16:18:26 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/08/30 16:18:26 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/08/30 16:18:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/08/30 16:18:26 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/08/30 16:18:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/08/30 16:18:23 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/08/30 16:18:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/08/30 16:18:14 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/30 16:18:06 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/08/30 16:18:05 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/08/30 16:18:05 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/08/30 16:18:05 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/08/30 16:18:05 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/08/30 16:18:04 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/08/30 16:18:03 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/30 13:27:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\visi_coupon
[2014/08/30 10:12:37 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/30 10:12:37 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/30 10:12:37 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/30 10:12:25 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/30 10:12:25 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/30 10:12:25 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/30 10:12:25 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/30 10:12:25 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/30 10:12:25 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/30 10:12:16 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/30 10:12:16 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/30 10:12:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/30 10:12:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/30 10:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Aimersoft
[2014/08/30 08:01:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Astromenda
[2014/08/30 00:56:51 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Any Video Converter
[2014/08/30 00:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2014/08/30 00:56:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Anvsoft
[2014/08/30 00:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2014/08/30 00:42:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Search Protection
[2014/08/30 00:32:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Windows Live
[2014/08/30 00:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2014/08/30 00:31:40 | 000,000,000 | -H-D | C] -- C:\Users\PC\AppData\Roaming\GoldenGate
[2014/08/30 00:31:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
[2014/08/30 00:31:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Gameo
[2014/08/30 00:31:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Gameo
[2014/08/30 00:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
[2014/08/30 00:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Earth Networks
[2014/08/30 00:21:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
[2014/08/30 00:19:22 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\0T1M1P0A1E1E0M1T1G
[2014/08/29 23:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/08/29 23:57:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Systweak
[2014/08/29 23:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/08/29 23:47:54 | 000,061,072 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
[2014/08/29 23:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClearThink
[2014/08/29 23:44:22 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\WSE_Astromenda
[2014/08/29 23:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSE_Astromenda
[2014/08/29 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
[2014/08/29 23:43:24 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\iSkysoft Video Converter Ultimate
[2014/08/29 23:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\iSkysoft
[2014/08/29 23:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iSkysoft
[2014/08/29 23:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
[2014/08/29 23:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\iSkysoft Video Converter Ultimate
[2014/08/29 23:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\iSkysoft
[2014/08/29 23:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSkysoft
[2014/08/29 23:35:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\iSkysoft
[2014/08/29 23:31:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Blasteroids
[2014/08/29 23:30:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\MPC-HC
[2014/08/29 23:23:02 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Aimersoft Video Converter Ultimate
[2014/08/29 23:22:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Aimersoft
[2014/08/29 23:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aimersoft
[2014/08/29 23:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Aimersoft Video Converter Ultimate
[2014/08/29 23:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aimersoft
[2014/08/29 23:20:28 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\WMTools Downloaded Files
[2014/08/29 23:16:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Aimersoft
[2014/08/29 23:12:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014/08/29 23:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2014/08/29 23:12:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2014/08/29 23:12:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\KeepMySettingsX
[2014/08/29 23:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\waciau
[2014/08/29 23:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Blasteroids
[2014/08/29 23:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2014/08/29 23:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/08/29 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Yahoo!
[2014/08/29 23:10:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/08/29 23:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014/08/29 23:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2014/08/29 22:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WinApplication
[2014/08/29 22:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win Application
[2014/08/29 22:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Optimizer
[2014/08/29 22:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Services
[2014/08/29 22:47:33 | 000,518,064 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\framework.ocx
[2014/08/29 22:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
[2014/08/29 22:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Movie Maker
[2014/08/22 13:04:41 | 000,000,000 | R--D | C] -- C:\Users\PC\Dropbox

========== Files - Modified Within 30 Days ==========

[2014/09/13 16:19:03 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\WSE_Astromenda.job
[2014/09/13 16:19:03 | 000,000,065 | ---- | M] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2014/09/13 16:11:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/13 16:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/13 16:10:58 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000UA.job
[2014/09/13 05:11:50 | 000,781,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/13 05:11:50 | 000,662,310 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/13 05:11:50 | 000,122,146 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/13 05:11:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/13 05:11:46 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/13 05:04:02 | 3113,545,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/12 21:49:28 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000Core.job
[2014/09/11 21:34:45 | 000,774,404 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/11 21:29:22 | 000,031,893 | ---- | M] () -- C:\Users\PC\Desktop\housekeeping.png
[2014/09/03 12:01:50 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/09/03 12:01:44 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/09/03 12:01:44 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/09/03 12:01:44 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/09/03 12:01:43 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/09/03 12:01:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/09/03 12:01:43 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/09/03 12:01:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/09/03 12:01:43 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/09/03 12:01:43 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/09/03 12:01:42 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/09/03 12:01:42 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/09/03 12:01:42 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/09/03 12:01:42 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/09/03 12:01:42 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/09/03 12:01:42 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/09/03 12:01:41 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/09/03 12:01:41 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/09/03 12:01:41 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/09/03 12:01:41 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/09/03 12:01:41 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/09/03 12:01:41 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/09/03 12:01:41 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/09/03 12:01:40 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/09/03 12:01:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/09/03 12:01:40 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/09/03 12:01:39 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/09/03 12:01:39 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/09/03 12:01:39 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/09/03 12:01:39 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/09/03 12:01:39 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/09/03 12:01:39 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/09/03 12:01:39 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/09/03 12:01:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/09/03 12:01:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/09/03 12:01:39 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/09/03 12:01:39 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/09/03 12:01:38 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/09/03 12:01:38 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/09/03 12:01:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/09/03 12:01:38 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/09/03 12:01:38 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/09/03 12:01:38 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/09/03 12:01:38 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/09/03 12:01:38 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/09/03 12:01:38 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/09/03 12:01:38 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/09/03 12:00:29 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/09/03 12:00:28 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/09/03 12:00:28 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/09/03 12:00:28 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/09/03 12:00:28 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/09/03 12:00:28 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/09/03 12:00:28 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/09/03 12:00:28 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/09/03 12:00:28 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/09/03 12:00:28 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/09/03 12:00:28 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/09/03 12:00:28 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/09/03 12:00:28 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/09/03 12:00:28 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/09/03 12:00:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/09/03 12:00:28 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/09/03 12:00:28 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/09/03 12:00:27 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/09/03 12:00:27 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/09/03 12:00:27 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/09/01 13:56:28 | 000,062,896 | ---- | M] () -- C:\Users\PC\Desktop\1511020_10152392519808628_271192491_n.jpg
[2014/08/31 21:06:51 | 000,267,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/31 20:20:57 | 000,000,987 | ---- | M] () -- C:\Users\PC\Desktop\Windows Movie Maker 6.0.lnk
[2014/08/31 14:08:11 | 000,232,163 | ---- | M] () -- C:\Users\PC\Desktop\10294284_10152556303019523_4289388473332799404_n.jpg
[2014/08/30 20:45:11 | 000,018,944 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/30 20:29:39 | 000,001,437 | ---- | M] () -- C:\Users\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/30 19:56:09 | 000,015,074 | ---- | M] () -- C:\Users\PC\Documents\Shria take 1.wlmp
[2014/08/30 17:42:03 | 000,001,305 | ---- | M] () -- C:\Users\PC\Desktop\Movie Maker.lnk
[2014/08/30 00:56:48 | 000,001,199 | ---- | M] () -- C:\Users\PC\Desktop\Any Video Converter.lnk
[2014/08/30 00:19:39 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/08/29 23:42:10 | 000,001,344 | ---- | M] () -- C:\Users\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\iSkysoft Video Converter Ultimate.lnk
[2014/08/29 22:47:33 | 000,001,089 | ---- | M] () -- C:\Users\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Movie Maker.lnk
[2014/08/29 22:47:33 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Windows Movie Maker.lnk
[2014/08/29 19:11:33 | 000,067,598 | ---- | M] () -- C:\Users\PC\Desktop\aXby8e6_700b.jpg
[2014/08/28 21:55:58 | 000,061,072 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
[2014/08/28 20:59:32 | 101,221,376 | ---- | M] () -- C:\Users\PC\Desktop\Shira.avi.MOV
[2014/08/28 20:59:32 | 101,221,376 | ---- | M] () -- C:\Users\PC\Desktop\P1010511 (2).MOV
[2014/08/25 19:21:15 | 000,059,098 | ---- | M] () -- C:\Users\PC\Desktop\1919657_10204411550279394_4995041076150824933_n.jpg
[2014/08/22 18:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 13:04:41 | 000,000,998 | ---- | M] () -- C:\Users\PC\Desktop\Dropbox.lnk
[2014/08/22 13:04:03 | 000,001,008 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/21 16:55:56 | 402,925,568 | ---- | M] () -- C:\Users\PC\Documents\P1010308.MOV
[2014/08/18 14:29:35 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/08/18 14:19:53 | 005,833,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/18 14:15:34 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/08/18 14:15:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/18 14:14:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/08/18 14:14:10 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/08/18 14:08:08 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/18 14:05:01 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/08/18 14:03:47 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/08/18 14:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/08/18 14:03:01 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/08/18 13:56:17 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/08/18 13:51:29 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/18 13:45:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/18 13:45:12 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/08/18 13:44:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/08/18 13:44:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/08/18 13:40:29 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/18 13:39:19 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/18 13:39:13 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/18 13:38:12 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/18 13:37:17 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/08/18 13:36:07 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/08/18 13:35:24 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/08/18 13:25:40 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/18 13:25:16 | 000,707,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/18 13:23:17 | 002,104,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/18 13:23:16 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/08/18 13:22:48 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/18 13:19:16 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/18 13:17:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/18 13:08:54 | 002,014,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/18 13:07:44 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/08/18 12:38:41 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/08/18 12:36:30 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/08/16 22:29:06 | 000,018,973 | ---- | M] () -- C:\Users\PC\Desktop\10367184_10150542592889945_3356063852384831709_n.jpg

========== Files Created - No Company Name ==========

[2014/09/11 21:29:22 | 000,031,893 | ---- | C] () -- C:\Users\PC\Desktop\housekeeping.png
[2014/09/03 12:01:42 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/09/03 12:01:39 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/09/01 13:56:28 | 000,062,896 | ---- | C] () -- C:\Users\PC\Desktop\1511020_10152392519808628_271192491_n.jpg
[2014/08/31 20:20:57 | 000,000,987 | ---- | C] () -- C:\Users\PC\Desktop\Windows Movie Maker 6.0.lnk
[2014/08/31 14:08:10 | 000,232,163 | ---- | C] () -- C:\Users\PC\Desktop\10294284_10152556303019523_4289388473332799404_n.jpg
[2014/08/30 21:02:11 | 000,000,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 6.0.lnk
[2014/08/30 20:18:52 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/08/30 19:56:09 | 000,015,074 | ---- | C] () -- C:\Users\PC\Documents\Shria take 1.wlmp
[2014/08/30 17:42:03 | 000,001,305 | ---- | C] () -- C:\Users\PC\Desktop\Movie Maker.lnk
[2014/08/30 17:34:26 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/08/30 17:34:14 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2014/08/30 10:11:40 | 000,000,065 | ---- | C] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2014/08/30 00:56:48 | 000,001,199 | ---- | C] () -- C:\Users\PC\Desktop\Any Video Converter.lnk
[2014/08/30 00:31:23 | 000,001,718 | ---- | C] () -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
[2014/08/30 00:31:23 | 000,000,168 | ---- | C] () -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[2014/08/29 23:57:35 | 000,020,328 | ---- | C] () -- C:\Windows\SysNative\roboot64.exe
[2014/08/29 23:44:23 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\WSE_Astromenda.job
[2014/08/29 23:42:10 | 000,001,344 | ---- | C] () -- C:\Users\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\iSkysoft Video Converter Ultimate.lnk
[2014/08/29 23:42:04 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\ISCM64.dll
[2014/08/29 23:42:04 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\ISCM32.dll
[2014/08/29 23:29:18 | 000,018,944 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/29 23:03:02 | 000,260,696 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2014/08/29 23:03:02 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014/08/29 22:51:49 | 101,221,376 | ---- | C] () -- C:\Users\PC\Desktop\P1010511 (2).MOV
[2014/08/29 22:51:35 | 101,221,376 | ---- | C] () -- C:\Users\PC\Desktop\Shira.avi.MOV
[2014/08/29 22:47:33 | 000,001,089 | ---- | C] () -- C:\Users\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Movie Maker.lnk
[2014/08/29 22:47:33 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Windows Movie Maker.lnk
[2014/08/29 19:11:32 | 000,067,598 | ---- | C] () -- C:\Users\PC\Desktop\aXby8e6_700b.jpg
[2014/08/25 19:21:14 | 000,059,098 | ---- | C] () -- C:\Users\PC\Desktop\1919657_10204411550279394_4995041076150824933_n.jpg
[2014/08/22 13:05:13 | 402,925,568 | ---- | C] () -- C:\Users\PC\Documents\P1010308.MOV
[2014/08/22 13:04:41 | 000,000,998 | ---- | C] () -- C:\Users\PC\Desktop\Dropbox.lnk
[2014/08/16 22:29:06 | 000,018,973 | ---- | C] () -- C:\Users\PC\Desktop\10367184_10150542592889945_3356063852384831709_n.jpg
[2014/07/24 20:35:21 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/10/11 20:06:21 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2013/10/11 20:06:19 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/10/11 20:06:10 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2013/02/15 20:06:16 | 000,774,404 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 18:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 17:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/08/30 00:19:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\0T1M1P0A1E1E0M1T1G
[2014/08/30 00:56:51 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Anvsoft
[2014/08/30 08:01:48 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Astromenda
[2014/09/02 20:44:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\avidemux
[2014/09/07 18:59:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BRT
[2013/10/11 21:58:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2014/09/13 16:12:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dropbox
[2014/08/30 00:31:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gameo
[2014/08/30 00:31:52 | 000,000,000 | -H-D | M] -- C:\Users\PC\AppData\Roaming\GoldenGate
[2014/08/29 23:13:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\KeepMySettingsX
[2014/08/29 23:30:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\MPC-HC
[2014/09/13 04:45:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OfficeRecovery
[2014/08/30 00:42:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Search Protection
[2014/09/02 20:47:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Systweak
[2014/08/29 23:44:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WSE_Astromenda
[2014/08/29 23:43:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >
[2011/04/12 00:17:31 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2011/04/12 00:17:31 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml

< MD5 for: EXPLORER.ADMX >
[2009/06/10 12:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 12:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx

< MD5 for: EXPLORER.EXE >
[2013/05/16 10:58:12 | 003,859,928 | ---- | M] (Safer-Networking Ltd.) MD5=03250DB0886A23B1F6C077C5D9F152B0 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
[2011/02/25 21:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 22:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 19:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 19:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2011/04/12 00:17:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2011/04/12 00:17:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2011/04/12 00:17:21 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2011/04/12 00:17:21 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui

< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2014/09/13 16:11:28 | 000,247,402 | ---- | M] () MD5=CA0F2946B10D6001B107DD8469D8CFEF -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf

< MD5 for: IEXPLORE.EXE >
[2013/02/15 20:19:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2014/03/07 17:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_858ffb5bf711c81f\iexplore.exe
[2014/09/03 12:01:40 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2014/07/24 05:48:04 | 000,775,312 | ---- | M] (Microsoft Corporation) MD5=2A2F3E1CE8550B215117081CAFA3C2CE -- C:\Windows\SoftwareDistribution\Download\4d6123a48abc9a60dcba5ad4ffac2386\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.17054_none_16c8c3f61e0e6ff1\iexplore.exe
[2014/07/31 15:41:41 | 000,810,176 | ---- | M] (Microsoft Corporation) MD5=31A7689F580F37B52F65B9653F8916D4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_7b23faa7c2c2f1b7\iexplore.exe
[2013/09/22 02:59:54 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=45BDA923BE52906D1460BCB13AC2AB7A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16514_none_17b7179db4bf79b5\iexplore.exe
[2014/07/24 05:30:50 | 000,775,312 | ---- | M] (Microsoft Corporation) MD5=53FBCDD9440A4C3822DADDECB29F5B29 -- C:\Windows\SoftwareDistribution\Download\4d6123a48abc9a60dcba5ad4ffac2386\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.21173_none_fff264ca37bc04a4\iexplore.exe
[2013/02/15 20:19:58 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2014/07/24 09:48:06 | 000,757,968 | ---- | M] (Microsoft Corporation) MD5=6EBFCE26DF05178D3AAB32A6A2E08380 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20674_none_17ffd4e0ce0dc125\iexplore.exe
[2013/09/22 07:05:44 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=6FE8A2A2E24D8BED324BA2EBE356488E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20625_none_0de23a7499838ccc\iexplore.exe
[2014/07/24 10:11:52 | 000,757,976 | ---- | M] (Microsoft Corporation) MD5=76F9BA272D99BB7859695A4F9207178E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16563_none_178007b7b4e8ec13\iexplore.exe
[2010/11/20 19:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2014/08/19 10:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation) MD5=9540F3F5489747E71101E8AC9850CC79 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/08/19 10:05:24 | 000,810,168 | ---- | M] (Microsoft Corporation) MD5=9540F3F5489747E71101E8AC9850CC79 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_7b29c921c2bd89c1\iexplore.exe
[2014/07/24 11:34:13 | 000,763,600 | ---- | M] (Microsoft Corporation) MD5=AB1AA76879BFD6B1A14EAB9DD168C27D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16563_none_0d2b5d6580882a18\iexplore.exe
[2014/07/24 03:06:04 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=AB2A8186FBD0B6931AF36CB5699DC583 -- C:\Windows\SoftwareDistribution\Download\4d6123a48abc9a60dcba5ad4ffac2386\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.21173_none_0a470f1c6c1cc69f\iexplore.exe
[2014/07/24 11:11:10 | 000,763,600 | ---- | M] (Microsoft Corporation) MD5=AF4DE20CA39ACF4E42D5B2AA98C86F1E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20674_none_0dab2a8e99acff2a\iexplore.exe
[2010/11/20 19:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2014/09/03 12:01:44 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2014/07/31 15:16:35 | 000,812,224 | ---- | M] (Microsoft Corporation) MD5=CDF01A5C7927786A708EAEE91F14797B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17239_none_8578a4f9f723b3b2\iexplore.exe
[2014/07/24 03:06:12 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=D50CB4EBA5FC732AB919AFC1F61F889B -- C:\Windows\SoftwareDistribution\Download\4d6123a48abc9a60dcba5ad4ffac2386\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.17054_none_211d6e48526f31ec\iexplore.exe
[2014/03/07 18:34:14 | 000,809,680 | ---- | M] (Microsoft Corporation) MD5=EA8386CA87165460D39A1D29FF11080B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_7b3b5109c2b10624\iexplore.exe
[2014/08/19 09:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/08/19 09:39:25 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=EEA63B8CF19E59C4A51AD2D9A59DDA25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17280_none_857e7373f71e4bbc\iexplore.exe
[2013/09/22 04:14:29 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=F87E95A127E83277B9AE500D7A18C998 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20625_none_1836e4c6cde44ec7\iexplore.exe
[2013/09/22 07:48:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=F980F2E95E0434C8E0559B6504FE1D10 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16514_none_0d626d4b805eb7ba\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2014/09/03 12:01:45 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2014/09/03 12:01:41 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2014/09/03 12:01:41 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui
[2014/09/03 12:01:45 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui
[2013/02/15 20:19:58 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2013/02/15 20:19:58 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2009/07/13 18:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/13 18:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui

< MD5 for: SERVICES >
[2009/06/10 13:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2014/05/08 05:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2011/04/12 00:17:17 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2011/04/12 00:17:17 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 20:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 20:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2011/04/12 00:17:16 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2011/04/12 00:17:18 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2011/04/12 00:17:16 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2011/04/12 00:17:18 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: WINLOGON.ADML >
[2011/04/12 00:17:31 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2011/04/12 00:17:31 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml

< MD5 for: WINLOGON.ADMX >
[2009/06/10 13:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 13:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx

< MD5 for: WINLOGON.EXE >
[2010/11/20 19:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 03:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 01:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 01:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2011/04/12 00:17:16 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2011/04/12 00:17:16 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui

< MD5 for: WINLOGON.MFL >
[2011/04/12 00:17:17 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2011/04/12 00:17:17 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl

< MD5 for: WINLOGON.MOF >
[2009/07/13 12:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 12:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2014/09/13 05:04:02 | 3113,545,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/13 05:04:02 | 4151,398,400 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2009/07/13 21:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 21:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 21:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 21:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 12:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2014/03/31 21:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2014/01/02 20:26:23 | 000,001,670 | -HS- | M] () -- C:\Users\PC\AppData\Roaming\Microsoft\LastFlashConfig.wfc

< %PROGRAMFILES%\*.* >
[2009/07/13 20:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 6E9F-069B
Directory of C:\
07/13/2009 09:08 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
Directory of C:\ProgramData
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users
07/13/2009 09:08 PM    <SYMLINKD>     All Users [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
Directory of C:\Users\All Users
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 09:08 PM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 09:08 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/13/2009 09:08 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 09:08 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 09:08 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 09:08 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 09:08 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 09:08 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/13/2009 09:08 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/13/2009 09:08 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\PC
10/11/2013 07:05 PM    <JUNCTION>     Application Data [C:\Users\PC\AppData\Roaming]
10/11/2013 07:05 PM    <JUNCTION>     Cookies [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Cookies]
10/11/2013 07:05 PM    <JUNCTION>     Local Settings [C:\Users\PC\AppData\Local]
10/11/2013 07:05 PM    <JUNCTION>     My Documents [C:\Users\PC\Documents]
10/11/2013 07:05 PM    <JUNCTION>     NetHood [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/11/2013 07:05 PM    <JUNCTION>     PrintHood [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/11/2013 07:05 PM    <JUNCTION>     Recent [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Recent]
10/11/2013 07:05 PM    <JUNCTION>     SendTo [C:\Users\PC\AppData\Roaming\Microsoft\Windows\SendTo]
10/11/2013 07:05 PM    <JUNCTION>     Start Menu [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu]
10/11/2013 07:05 PM    <JUNCTION>     Templates [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\PC\AppData\Local
10/11/2013 07:05 PM    <JUNCTION>     Application Data [C:\Users\PC\AppData\Local]
10/11/2013 07:05 PM    <JUNCTION>     History [C:\Users\PC\AppData\Local\Microsoft\Windows\History]
10/11/2013 07:05 PM    <JUNCTION>     Temporary Internet Files [C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\PC\Documents
10/11/2013 07:05 PM    <JUNCTION>     My Music [C:\Users\PC\Music]
10/11/2013 07:05 PM    <JUNCTION>     My Pictures [C:\Users\PC\Pictures]
10/11/2013 07:05 PM    <JUNCTION>     My Videos [C:\Users\PC\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 09:08 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/13/2009 09:08 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/13/2009 09:08 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
Directory of C:\Windows\AppPatch
08/03/2014 08:19 PM    <SYMLINKD>     spbin [C:\PROGRA~2\SearchProtect\SearchProtect\bin]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              51 Dir(s) 420,752,928,768 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/08/30 20:29:39 | 000,000,221 | -HS- | M] () -- C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >
[2014/08/14 20:49:22 | 000,001,136 | ---- | M] () -- C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\AppPatch\spbin] -> -> Unknown point type

< End of report >

OTL Extras logfile created on: 9/13/2014 4:26:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\PC\Desktop\Cleanup
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 44.57% Memory free
7.73 Gb Paging File | 5.19 Gb Available in Paging File | 67.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 435.66 Gb Total Space | 391.94 Gb Free Space | 89.96% Space Free | Partition Type: NTFS
Drive F: | 30.00 Gb Total Space | 12.87 Gb Free Space | 42.91% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3C40CD3F-A6AF-4617-A15B-82C9B62B4B97}" = lport=2048 | protocol=6 | dir=out | app=c:\program files\dell\dw wlan card\wfdsendtoexplorer.exe |
"{46FFFD11-FFD6-40EE-A4AA-4EC5DBBD0AC7}" = lport=2060 | protocol=6 | dir=out | app=c:\program files\dell\dw wlan card\wfdsendtoexplorer.exe |
"{52E7C4DF-D7E7-4F9B-A99F-4C94CB8FBB5E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{579795FD-5CDC-4543-9575-C749E0281BFF}" = lport=21 | protocol=6 | dir=in | app=c:\program files\dell\dw wlan card\wfdtray.exe |
"{76C5C4A9-C294-4571-BA64-5E8A0F6A33A4}" = lport=23 | protocol=17 | dir=in | app=c:\program files\dell\dw wlan card\wfdtray.exe |
"{ACEB68EA-9AAF-4C4F-A81F-00748EA28EA1}" = lport=1027 | protocol=17 | dir=out | app=c:\program files\dell\dw wlan card\wfdtray.exe |
"{B392FE35-4CDA-48F1-BE80-2A5A1399912D}" = lport=1024 | protocol=6 | dir=in | app=c:\program files\dell\dw wlan card\wfdtray.exe |
"{FF759EF8-348B-41A7-B463-1EE4D41D4F00}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1619E2C9-262E-4607-8D6A-147F8D60FAC5}" = protocol=6 | dir=in | app=c:\program files (x86)\clearthink\bin\clearthink.brt.helper.exe |
"{32588908-3520-4877-B113-6B413A897C4C}" = dir=in | app=c:\users\pc\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{7517D77F-498B-4928-9EBE-7B92603F294C}" = dir=in | app=c:\program files (x86)\youtube downloader services\youtubeserv.exe |
"{77A3667B-1C86-481A-B72F-4BFE7073F9D5}" = dir=in | app=c:\program files (x86)\youtube downloader services\powermgr.exe |
"{81C4D0FA-11C1-4071-8ECD-C853220B9D21}" = protocol=17 | dir=in | app=c:\program files (x86)\clearthink\bin\clearthink.brt.helper.exe |
"{90CE3BA8-69C0-496F-A181-32AD052A7841}" = protocol=6 | dir=in | app=c:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe |
"{A6BA530A-36A8-48C4-A197-0FB23FFAFE47}" = protocol=17 | dir=in | app=c:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe |
"{B49274B3-1C61-46A0-8936-35CE4CD5A552}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DAFBA21C-79F1-4576-9163-2CD01E4FEADF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{53A67091-0218-42B1-9A68-AFFB833AB002}" = Cirrus Logic Audio x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{A7395F20-2B22-4CB8-8510-B452C0F47E02}" = Movie Maker 6.0 for Windows 7 (64-bit)
"{ac225167-00fc-452d-94c5-bb93600e7d9a}" = Buzzdock
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9F40FAA-C557-46CD-A2E1-39970AB7BE98}" = Cirrus Logic Audio Panel
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"ClearThink" = ClearThink
"DW WLAN Card Utility" = DW WLAN Card Utility
"McAfee Security Scan" = McAfee Security Scan Plus

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{36EEE020-AD94-4A9C-BBD7-5CAD841F3C4E}" = Speed Cleaner
"{38F03569-A636-4CF3-BDDE-032C8C251304}" = Movie Maker
"{3A69FD31-5EE7-42C9-918B-81C07AA21043}" = Dell Audio
"{3CC29C1A-B5FE-457B-8F22-32A2winmovie}}_is1" = Windows Movie Maker 6.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6522F5F9-411B-4513-A75B-CEA00395F032}" = Windows Live UX Platform Language Pack
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{66B5819D-DE70-42BE-B40F-978FBA12452E}" = Windows Live Essentials
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{ba143c75-f154-4a74-9b6a-2a71890c9a4e}" = Speed Cleaner
"{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}" = Photo Gallery
"{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}" = Photo Common
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0C17D81-D40D-4C23-B8FA-95E817D0B7BE}" = F-PROT Antivirus for Windows x64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"7-Zip 9.20" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Any Video Converter_is1" = Any Video Converter 5.6.6
"Blasteroids" = Blasteroids
"DAEMON Tools Lite" = DAEMON Tools Lite
"ffdshow_is1" = ffdshow v1.3.4532 [2014-07-17]
"free-for-download bundle" = free-for-download bundle
"iSkysoft Video Converter Ultimate_is1" = iSkysoft Video Converter Ultimate(Build 5.3.0.0)
"KeepMySettingsX" = KeepMySettingsX
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.6.5 Full
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SearchProtect" = Search Protect
"WeatherBug®" = WeatherBug®
"WinLiveSuite" = Windows Live Essentials
"WSE_Astromenda" = WSE_Astromenda
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Cloud Player" = Amazon Cloud Player
"Dropbox" = Dropbox
"Gameo" = Gameo
"Search Protection" = Search Protection
"Windows Live Movie Maker Packages" = Windows Live Movie Maker Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/2/2014 8:08:47 PM | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 9/2/2014 9:37:03 PM | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 9/3/2014 12:36:42 AM | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pmropn.exe, version: 1.3.337.328, time
stamp: 0x53c414f8 Faulting module name: pmropn.exe, version: 1.3.337.328, time stamp:
0x53c414f8 Exception code: 0xc0000005 Fault offset: 0x000bf0aa Faulting process id:
0x17b4 Faulting application start time: 0x01cfc7242479e2fd Faulting application path:
C:\Program Files (x86)\PremierOpinion\pmropn.exe Faulting module path: C:\Program
Files (x86)\PremierOpinion\pmropn.exe Report Id: e674cd0d-3323-11e4-b3df-9c2a70be1172

Error - 9/3/2014 12:36:47 AM | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 9/3/2014 12:46:45 AM | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = The program uninstaller.exe version 2.0.0.6 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel.    Process ID: 2a84    Start
Time: 01cfc732037b6d2a    Termination Time: 5    Application Path: C:\Program Files (x86)\sweetpacks
bundle uninstaller_Skype_1783226\uninstaller.exe    Report Id: 4c7f7c67-3325-11e4-b3df-9c2a70be1172

Error - 9/3/2014 7:41:24 AM | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pmropn.exe, version: 1.3.337.328, time
stamp: 0x53c414f8 Faulting module name: pmropn.exe, version: 1.3.337.328, time stamp:
0x53c414f8 Exception code: 0xc0000005 Fault offset: 0x000bf0aa Faulting process id:
0x1378 Faulting application start time: 0x01cfc730e032578c Faulting application path:
C:\Program Files (x86)\PremierOpinion\pmropn.exe Faulting module path: C:\Program
Files (x86)\PremierOpinion\pmropn.exe Report Id: 3ae94b75-335f-11e4-b3df-9c2a70be1172

Error - 9/3/2014 3:52:46 PM | Computer Name = PC-PC | Source = System Restore | ID = 8193
Description =

Error - 9/3/2014 3:52:56 PM | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 9/3/2014 3:54:01 PM | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pmropn.exe, version: 1.3.337.328, time
stamp: 0x53c414f8 Faulting module name: pmropn.exe, version: 1.3.337.328, time stamp:
0x53c414f8 Exception code: 0xc0000005 Fault offset: 0x000bf0aa Faulting process id:
0x1f20 Faulting application start time: 0x01cfc7b0b82586a0 Faulting application path:
C:\Program Files (x86)\PremierOpinion\pmropn.exe Faulting module path: C:\Program
Files (x86)\PremierOpinion\pmropn.exe Report Id: 0c968eb1-33a4-11e4-b3df-9c2a70be1172

Error - 9/4/2014 2:37:44 AM | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 9/1/2014 3:19:23 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 23:19:23, Sun, Aug 31, 14 Error - Unable to set enhanced country code

Error - 9/1/2014 4:50:59 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 00:50:59, Mon, Sep 01, 14 Error - Unable to set enhanced country code

Error - 9/1/2014 6:38:39 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 02:38:39, Mon, Sep 01, 14 Error - Unable to set enhanced country code

Error - 9/1/2014 6:38:39 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 02:38:39, Mon, Sep 01, 14 Error - Unable to set enhanced country code

Error - 9/1/2014 1:04:33 PM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 09:04:33, Mon, Sep 01, 14 Error - Unable to set enhanced country code

Error - 9/12/2014 2:14:19 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 22:14:19, Thu, Sep 11, 14 Error - Unable to set enhanced country code

Error - 9/12/2014 2:14:36 AM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 22:14:36, Thu, Sep 11, 14 Error - Unable to set enhanced country code

Error - 9/12/2014 2:09:58 PM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 10:09:58, Fri, Sep 12, 14 Error - Unable to set enhanced country code

Error - 9/13/2014 8:11:26 PM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 16:11:26, Sat, Sep 13, 14 Error - Unable to set enhanced country code

Error - 9/13/2014 8:11:37 PM | Computer Name = PC-PC | Source = WLAN-Tray | ID = 0
Description = 16:11:37, Sat, Sep 13, 14 Error - Unable to set enhanced country code

[ System Events ]
Error - 7/25/2014 1:46:24 PM | Computer Name = PC-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the btwdins service.

Error - 7/28/2014 6:18:27 AM | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:16:03 PM on ?7/?25/?2014 was unexpected.

Error - 7/28/2014 1:06:56 PM | Computer Name = PC-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.

Error - 8/1/2014 1:38:53 PM | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:22:29 AM on ?8/?1/?2014 was unexpected.

Error - 8/2/2014 5:53:44 PM | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:45:29 AM on ?8/?2/?2014 was unexpected.

Error - 8/6/2014 12:49:54 PM | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:41:12 AM on ?8/?6/?2014 was unexpected.

Error - 8/7/2014 2:04:09 AM | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:14:16 PM on ?8/?6/?2014 was unexpected.

Error - 8/7/2014 5:25:41 AM | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/7/2014 5:25:57 AM | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/7/2014 5:26:03 AM | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

< End of report >

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:11:40 PM, on 9/13/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASHelper.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASPRT.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\PC\Desktop\Cleanup\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo...20029,0,99,6944
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\Program Files (x86)\ClearThink\bin\Pac9064.js
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: ClearThink - {7e6d4e3e-fc66-4036-9799-ce5c625c4c56} - C:\Program Files (x86)\ClearThink\ClearThinkbho.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: iSkysoft Video Converter Ultimate 5.1.0 - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Speed Cleaner] C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Amazon Cloud Player] "C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
O4 - HKCU\..\Run: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
O4 - HKCU\..\Run: [Gameo] C:\Users\PC\AppData\Roaming\Gameo\gameo.exe "C:\Users\PC\AppData\Roaming\Gameo\gameo.dat" mode:minimized
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSAMVCUchrome - (no CLSID) - (no file)
O18 - Protocol: WSISVCUchrome - {78A543EB-3A61-4ED3 - (no file)
O20 - AppInit_DLLs: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea Cirrus Logic Filters Service (AECLFilters) - Unknown owner - C:\Windows\system32\AECLSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: savSNMWBQ - Acute Angle Solutions - C:\ProgramData\waciau\savSNMWBQ.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Update ClearThink - Unknown owner - C:\Program Files (x86)\ClearThink\updateClearThink.exe
O23 - Service: Util ClearThink - Unknown owner - C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Windows Application (Windows_Application) - DVS Studio - C:\Program Files (x86)\Win Application\applications.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: YouTube Downloader Services (YouTubeDownload) - MicroTools - C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe

--
End of file - 14553 bytes

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by PC at 17:14:44.32 on Sat 09/13/2014
Internet Explorer: 9.11.9600.17280
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3959.1201 [GMT -8:00]
.
AV: F-PROT Antivirus for Windows *Enabled/Outdated* {31B7FFC6-2716-5A4E-528D-32786E690ED2}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AECLSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Win Application\applications.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\ProgramData\waciau\savSNMWBQ.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\StikyNot.exe
C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe
C:\Program Files (x86)\ClearThink\updateClearThink.exe
C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter64.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASHelper.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOASPRT.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\ClearThink\bin\ClearThink.BOAS.exe
C:\Users\PC\Desktop\Cleanup\dds.scr
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://search.yahoo...20029,0,99,6944
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: MSS+ Identifier: {0e8a89ad-95d7-40eb-8d9d-083ef7066a01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: ClearThink: {7e6d4e3e-fc66-4036-9799-ce5c625c4c56} - C:\Program Files (x86)\ClearThink\ClearThinkbho.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: iSkysoft Video Converter Ultimate 5.1.0: {aeaf002f-e6d8-4a21-abd3-2b309b79a6ce} - C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
uRun: [Dell Audio]
uRun: [<NO NAME>]
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [Amazon Cloud Player] "C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Facebook Update] "C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
uRun: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
uRun: [Gameo] C:\Users\PC\AppData\Roaming\Gameo\gameo.exe "C:\Users\PC\AppData\Roaming\Gameo\gameo.dat" mode:minimized
uRun: [SearchProtection] "C:\Users\PC\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Speed Cleaner] C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
mRun: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
StartupFolder: C:\Users\PC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
mRun-x64: [Dell Audio] C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
AppInit_DLLs-X64: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - hxxps://search.yahoo.com/yhs/web?hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20140835,20031,0,99,0
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
user_pref(extensions.autoDisableScopes,14);
============= SERVICES / DRIVERS ===============
.
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64;{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64;C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [2014-8-29 61072]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-10-11 283064]
R1 FPAV_RTP;FPAV_RTP;C:\Windows\System32\drivers\FPAV_RTP.sys [2013-10-11 842144]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-5-8 65432]
R2 AECLFilters;Andrea Cirrus Logic Filters Service;C:\Windows\System32\AECLSr64.exe [2012-5-10 93696]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 FPAVServer;F-PROT Antivirus for Windows system;C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2011-10-6 84136]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-10-11 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-10-11 163608]
R2 savSNMWBQ;savSNMWBQ;C:\ProgramData\waciau\savSNMWBQ.exe [2014-8-29 2319744]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-11 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-11 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-11 171928]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-11 363800]
R2 Update ClearThink;Update ClearThink;C:\Program Files (x86)\ClearThink\updateClearThink.exe [2014-8-29 323312]
R2 Util ClearThink;Util ClearThink;C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe [2014-8-29 323312]
R2 Windows_Application;Windows Application;C:\Program Files (x86)\Win Application\applications.exe [2014-8-29 2251856]
R2 YouTubeDownload;YouTube Downloader Services;C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe [2014-8-29 2284128]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-10-11 138280]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2013-10-11 21568]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-10-11 615464]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-10-11 39976]
R3 CirrusLFD;CS42xxLowerFilter;C:\Windows\System32\drivers\CSLFDx64.sys [2012-5-10 35328]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-10-11 331264]
R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\System32\drivers\HECIx64.sys [2012-7-17 62784]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-10-11 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-11 676968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-4 262320]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-11 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-11 119408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-15 19456]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-2-15 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-15 30208]
S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-15 1255736]
S4 CltMngSvc;Search Protect Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-8-14 2991552]
.
=============== Created Last 30 ================
.
2014-09-13 12:48:57   11319192   ----a-w-   C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{4645083B-F99F-43D4-B6D8-807B163948FD}\mpengine.dll
2014-09-13 12:45:14   --------   d-----w-   C:\Users\PC\AppData\Roaming\OfficeRecovery
2014-09-13 12:07:49   --------   d-----w-   C:\Program Files (x86)\Avira
2014-09-13 09:25:03   --------   d-sh--w-   C:\Users\PC\AppData\Local\EmieUserList
2014-09-13 09:25:03   --------   d-sh--w-   C:\Users\PC\AppData\Local\EmieSiteList
2014-09-12 05:35:59   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-12 05:30:21   2777088   ----a-w-   C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 05:30:21   2285056   ----a-w-   C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 23:56:46   793600   ----a-w-   C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 23:56:46   1031168   ----a-w-   C:\Windows\System32\TSWorkspace.dll
2014-09-10 23:56:39   2565120   ----a-w-   C:\Windows\System32\d3d10warp.dll
2014-09-10 23:56:39   1987584   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2014-09-10 23:56:24   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2014-09-10 23:56:24   728064   ----a-w-   C:\Windows\System32\kerberos.dll
2014-09-10 23:56:24   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2014-09-10 23:56:24   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2014-09-10 23:56:24   1460736   ----a-w-   C:\Windows\System32\lsasrv.dll
2014-09-08 02:59:50   --------   d-----w-   C:\Users\PC\AppData\Roaming\BRT
2014-09-06 04:27:49   --------   d-----w-   C:\PROGRA~3\Browser
2014-09-03 20:00:29   4096   ---ha-w-   C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-03 19:54:24   --------   d-----w-   C:\PROGRA~3\374311380
2014-09-03 02:19:07   --------   d-----w-   C:\Users\PC\AppData\Local\Astromenda
2014-09-01 04:59:42   167424   ----a-w-   C:\Program Files\Windows Media Player\wmplayer.exe
2014-09-01 04:59:42   164864   ----a-w-   C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-09-01 04:59:41   12625920   ----a-w-   C:\Windows\System32\wmploc.DLL
2014-09-01 04:59:41   12625408   ----a-w-   C:\Windows\SysWow64\wmploc.DLL
2014-09-01 04:54:13   --------   d-----w-   C:\Windows\Migration
2014-09-01 04:23:54   99480   ----a-w-   C:\Windows\SysWow64\infocardapi.dll
2014-09-01 04:23:54   619672   ----a-w-   C:\Windows\SysWow64\icardagt.exe
2014-09-01 04:23:54   171160   ----a-w-   C:\Windows\System32\infocardapi.dll
2014-09-01 04:23:54   1389208   ----a-w-   C:\Windows\System32\icardagt.exe
2014-09-01 04:23:53   8856   ----a-w-   C:\Windows\SysWow64\icardres.dll
2014-09-01 04:23:53   8856   ----a-w-   C:\Windows\System32\icardres.dll
2014-09-01 04:23:43   35480   ----a-w-   C:\Windows\SysWow64\TsWpfWrp.exe
2014-09-01 04:23:43   35480   ----a-w-   C:\Windows\System32\TsWpfWrp.exe
2014-08-31 04:18:52   112640   ----a-w-   C:\Windows\SysWow64\ff_vfw.dll
2014-08-31 01:34:39   --------   d-----w-   C:\Windows\en
2014-08-31 01:34:06   --------   d-----w-   C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-31 01:33:42   --------   d-----w-   C:\Windows\PCHEALTH
2014-08-31 00:34:56   --------   d-----w-   C:\Users\PC\AppData\Roaming\avidemux
2014-08-31 00:22:09   48640   ----a-w-   C:\Windows\System32\wwanprotdim.dll
2014-08-31 00:22:09   335360   ----a-w-   C:\Windows\System32\msieftp.dll
2014-08-31 00:22:09   301568   ----a-w-   C:\Windows\SysWow64\msieftp.dll
2014-08-31 00:22:09   228864   ----a-w-   C:\Windows\System32\wwansvc.dll
2014-08-31 00:22:04   936960   ----a-w-   C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-08-31 00:22:04   1719296   ----a-w-   C:\Program Files\Windows Journal\NBDoc.DLL
2014-08-31 00:22:04   1389568   ----a-w-   C:\Program Files\Windows Journal\JNWDRV.dll
2014-08-31 00:22:04   1380864   ----a-w-   C:\Program Files\Windows Journal\JNTFiltr.dll
2014-08-31 00:22:04   1354240   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-08-31 00:22:02   801280   ----a-w-   C:\Windows\System32\usp10.dll
2014-08-31 00:22:02   626688   ----a-w-   C:\Windows\SysWow64\usp10.dll
2014-08-31 00:19:39   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2014-08-31 00:18:56   878080   ----a-w-   C:\Windows\System32\advapi32.dll
2014-08-30 21:27:46   --------   d-----w-   C:\Users\PC\AppData\Local\visi_coupon
2014-08-30 18:11:35   --------   d-----w-   C:\PROGRA~3\Aimersoft
2014-08-30 16:01:48   --------   d-----w-   C:\Users\PC\AppData\Roaming\Astromenda
2014-08-30 08:56:43   --------   d-----w-   C:\Users\PC\AppData\Roaming\Anvsoft
2014-08-30 08:56:39   --------   d-----w-   C:\Program Files (x86)\AnvSoft
2014-08-30 08:42:37   --------   d-----w-   C:\Users\PC\AppData\Roaming\Search Protection
2014-08-30 08:38:02   89944   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\b5635f521cfc42d05\DSETUP.dll
2014-08-30 08:38:02   537432   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\b5635f521cfc42d05\DXSETUP.exe
2014-08-30 08:38:02   1801048   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\b5635f521cfc42d05\dsetup32.dll
2014-08-30 08:37:27   94040   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\a064762f1cfc42d03\DSETUP.dll
2014-08-30 08:37:27   525656   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\a064762f1cfc42d03\DXSETUP.exe
2014-08-30 08:37:27   1691480   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\a064762f1cfc42d03\dsetup32.dll
2014-08-30 08:35:45   89944   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\63fd63741cfc42d01\DSETUP.dll
2014-08-30 08:35:45   537432   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\63fd63741cfc42d01\DXSETUP.exe
2014-08-30 08:35:45   1801048   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\63fd63741cfc42d01\dsetup32.dll
2014-08-30 08:32:49   --------   d-----w-   C:\Users\PC\AppData\Local\Windows Live
2014-08-30 08:32:01   --------   d-----w-   C:\Program Files (x86)\Common Files\Windows Live
2014-08-30 08:31:40   --------   d--h--w-   C:\Users\PC\AppData\Roaming\GoldenGate
2014-08-30 08:31:23   --------   d-----w-   C:\Users\PC\AppData\Local\Gameo
2014-08-30 08:31:05   --------   d-----w-   C:\Users\PC\AppData\Roaming\Gameo
2014-08-30 08:22:05   --------   d-----w-   C:\Program Files\Earth Networks
2014-08-30 08:21:54   --------   dc-h--w-   C:\PROGRA~3\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-08-30 08:19:22   --------   d-----w-   C:\Users\PC\AppData\Roaming\0T1M1P0A1E1E0M1T1G
2014-08-30 07:58:40   --------   d-----w-   C:\Program Files\AVAST Software
2014-08-30 07:57:37   --------   d-----w-   C:\Users\PC\AppData\Roaming\Systweak
2014-08-30 07:57:35   20328   ----a-w-   C:\Windows\System32\roboot64.exe
2014-08-30 07:55:34   --------   d-----w-   C:\PROGRA~3\AVAST Software
2014-08-30 07:47:54   61072   ----a-w-   C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
2014-08-30 07:44:56   --------   d-----w-   C:\Program Files (x86)\ClearThink
2014-08-30 07:44:22   --------   d-----w-   C:\Users\PC\AppData\Roaming\WSE_Astromenda
2014-08-30 07:44:09   --------   d-----w-   C:\Program Files (x86)\WSE_Astromenda
2014-08-30 07:43:27   --------   d-----w-   C:\Users\PC\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-08-30 07:42:20   --------   d-----w-   C:\Users\PC\AppData\Local\iSkysoft
2014-08-30 07:42:18   --------   d-----w-   C:\Program Files (x86)\Common Files\iSkysoft
2014-08-30 07:42:04   721263   ----a-w-   C:\Windows\SysWow64\ISCM64.dll
2014-08-30 07:42:04   214528   ----a-w-   C:\Windows\SysWow64\ISCM32.dll
2014-08-30 07:41:59   --------   d-----w-   C:\PROGRA~3\iSkysoft Video Converter Ultimate
2014-08-30 07:41:56   --------   d-----w-   C:\Program Files (x86)\iSkysoft
2014-08-30 07:41:56   --------   d-----w-   C:\PROGRA~3\iSkysoft
2014-08-30 07:31:11   --------   d-----w-   C:\Users\PC\AppData\Local\Blasteroids
2014-08-30 07:30:37   --------   d-----w-   C:\Users\PC\AppData\Roaming\MPC-HC
2014-08-30 07:22:48   --------   d-----w-   C:\Users\PC\AppData\Local\Aimersoft
2014-08-30 07:22:46   --------   d-----w-   C:\Program Files (x86)\Common Files\Aimersoft
2014-08-30 07:22:29   --------   d-----w-   C:\PROGRA~3\Aimersoft Video Converter Ultimate
2014-08-30 07:22:26   --------   d-----w-   C:\Program Files (x86)\Aimersoft
2014-08-30 07:20:28   --------   d-----w-   C:\Users\PC\AppData\Local\WMTools Downloaded Files
2014-08-30 07:12:42   --------   d-----w-   C:\Program Files (x86)\Optimizer Pro
2014-08-30 07:12:23   --------   d-----w-   C:\Users\PC\AppData\Roaming\KeepMySettingsX
2014-08-30 07:11:16   --------   d-----w-   C:\PROGRA~3\waciau
2014-08-30 07:11:12   --------   d-----w-   C:\PROGRA~3\Blasteroids
2014-08-30 07:10:44   --------   d-----w-   C:\Program Files (x86)\Yahoo!
2014-08-30 07:03:02   260696   ----a-w-   C:\Windows\System32\unrar64.dll
2014-08-30 07:03:02   218200   ----a-w-   C:\Windows\SysWow64\unrar.dll
2014-08-30 07:02:59   --------   d-----w-   C:\Program Files (x86)\K-Lite Codec Pack
2014-08-30 06:47:58   --------   d-----w-   C:\PROGRA~3\WinApplication
2014-08-30 06:47:57   --------   d-----w-   C:\Program Files (x86)\Win Application
2014-08-30 06:47:56   435200   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\extension\installff.exe
2014-08-30 06:47:56   1393408   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\extension\win-application.exe
2014-08-30 06:47:37   --------   d-----w-   C:\PROGRA~3\Optimizer
2014-08-30 06:47:36   --------   d-----w-   C:\Program Files (x86)\YouTube Downloader Services
2014-08-30 06:47:33   518064   ----a-w-   C:\Windows\SysWow64\framework.ocx
2014-08-30 06:47:32   --------   d-----w-   C:\Program Files (x86)\Windows Movie Maker
2014-08-22 21:04:41   --------   d-----r-   C:\Users\PC\Dropbox
.
==================== Find3M ====================
.
2014-09-03 20:00:28   9728   ---ha-w-   C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-23 02:07:00   404480   ----a-w-   C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55   311808   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01   3163648   ----a-w-   C:\Windows\System32\win32k.sys
2014-08-18 22:29:49   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53   5833728   ----a-w-   C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34   547328   ----a-w-   C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10   83968   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55   4232704   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01   758272   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:46:26   454656   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23   61952   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12   72704   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44   51200   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09   61952   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07   112128   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24   597504   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17   2104832   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16   1249280   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13   2310656   ----a-w-   C:\Windows\System32\wininet.dll
2014-08-18 21:08:54   2014208   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44   1068032   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48   1812992   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-08-15 06:04:16   232896   ----a-w-   C:\Windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-08-05 17:20:00   270496   ------w-   C:\Windows\System32\MpSigStub.exe
2014-07-25 10:35:46   875688   ----a-w-   C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 07:47:06   869544   ----a-w-   C:\Windows\System32\msvcr120_clr0400.dll
2014-07-16 03:23:41   2048   ----a-w-   C:\Windows\System32\tzres.dll
2014-07-14 02:02:45   1216000   ----a-w-   C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58   664064   ----a-w-   C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 12:06:57   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 12:06:57   699056   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-18 02:18:30   692736   ----a-w-   C:\Windows\System32\osk.exe
2014-06-18 01:51:32   646144   ----a-w-   C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19   985536   ----a-w-   C:\Windows\System32\drivers\dxgkrnl.sys
.
============= FINISH: 17:16:10.04 ===============

Advertisements

Register to Remove

#2 OCD

SuperHelper

Malware Team
5,574 posts

Posted 13 September 2014 - 08:02 PM

Hi tblank,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.

Save it to your Desktop.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

aswMBR

Download aswMBR.exe and save it to your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

AdwCleaner v3: Scan & Clean

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:

checkup.txt
aswMBR.txt
attach MBR.zip
AdwCleaner[S0].txt
JRT.txt
FRST.txt
Addition.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#3 tblank

New Member

Authentic Member
13 posts

Posted 15 September 2014 - 12:12 PM

Sorry, I don't see any way to attach the MBR zip to my reply. Here's everything else though.

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
F-PROT Antivirus for Windows
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Speed Cleaner
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
FRISK Software F-PROT Antivirus for Windows FPAVServer.exe
FRISK Software F-PROT Antivirus for Windows FProtTray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-13 18:13:15
-----------------------------
18:13:16.003    OS Version: Windows x64 6.1.7601 Service Pack 1
18:13:16.003    Number of processors: 4 586 0x2A07
18:13:16.004    ComputerName: PC-PC UserName: PC
18:13:17.609    Initialize success
18:13:17.660    VM: initialized successfully
18:13:17.680    VM: Intel CPU supported
18:13:41.720    VM: supported disk I/O iaStor.sys
18:26:34.393    AVAST engine defs: 14091301
18:27:09.572    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:27:09.580    Disk 0 Vendor: TOSHIBA_ AM00 Size: 476940MB BusType: 3
18:27:09.720    VM: Disk 0 MBR read successfully
18:27:09.727    Disk 0 MBR scan
18:27:09.738    Disk 0 Windows 7 default MBR code
18:27:09.760    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:27:09.787    Disk 0 default boot code
18:27:09.822    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       446118 MB offset 206848
18:27:09.873    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30719 MB offset 913856512
18:27:10.029    Disk 0 scanning C:\Windows\system32\drivers
18:27:21.118    Service scanning
18:27:58.430    Modules scanning
18:27:58.444    Disk 0 trace - called modules:
18:27:58.488    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
18:27:58.499    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006954060]
18:27:58.508    3 CLASSPNP.SYS[fffff88001c0943f] -> nt!IofCallDriver -> [0xfffffa80040a7620]
18:27:58.518    5 ACPI.sys[fffff88000f437a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80040fe050]
18:28:00.147    AVAST engine scan C:\Windows
18:28:02.585    AVAST engine scan C:\Windows\system32
18:33:46.545    AVAST engine scan C:\Windows\system32\drivers
18:34:00.946    AVAST engine scan C:\Users\PC
18:38:33.203    File: C:\Users\PC\Downloads\7zip_bimo(1).exe **INFECTED** Win32:Adware-gen [Adw]
18:38:33.647    File: C:\Users\PC\Downloads\7zip_bimo.exe **INFECTED** Win32:Adware-gen [Adw]
18:38:43.828    File: C:\Users\PC\Downloads\Skype_TSV4B9K1H.exe **INFECTED** Win32:Adware-gen [Adw]
18:39:01.509    AVAST engine scan C:\ProgramData
18:39:51.436    File: C:\ProgramData\Optimizer\program\windows_Test001.exe **INFECTED** Win32:Malware-gen
18:40:10.289    Scan finished successfully
18:41:10.368    Disk 0 MBR has been saved successfully to "C:\Users\PC\Desktop\MBR.dat"
18:41:10.375    The log file has been saved successfully to "C:\Users\PC\Desktop\aswMBR.txt"

# AdwCleaner v3.310 - Report created 15/09/2014 at 09:22:45
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc
[#] Service Deleted : Update ClearThink
[#] Service Deleted : Util ClearThink
Service Deleted : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\Aimersoft Video Converter Ultimate
Folder Deleted : C:\ProgramData\Blasteroids
Folder Deleted : C:\ProgramData\Browser
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\ClearThink
Folder Deleted : C:\Users\PC\AppData\Local\Astromenda
Folder Deleted : C:\Users\PC\AppData\Local\Blasteroids
Folder Deleted : C:\Users\PC\AppData\Local\SearchProtect
Folder Deleted : C:\Users\PC\AppData\Local\visi_coupon
Folder Deleted : C:\Users\PC\AppData\Roaming\Astromenda
Folder Deleted : C:\Users\PC\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\PC\AppData\Roaming\Systweak
Folder Deleted : C:\Users\PC\AppData\Roaming\wse_astromenda
Folder Deleted : C:\Users\PC\Documents\Aimersoft Video Converter Ultimate
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\searchplugins\astromenda.xml
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : WSE_Astromenda

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-for-download bundle\free-for-download bundle.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ClearThink
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ClearThink
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8972B0D-B0FB-4158-A567-365283693AD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06e035f9-c6b3-4ae7-a839-ba68791f5499}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8972B0D-B0FB-4158-A567-365283693AD6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\Astromenda
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\ClearThink
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\ClearThink
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\ClearThink
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Astromenda
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClearThink
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v32.0.1 (x86 en-US)

[ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [10278 octets] - [15/09/2014 09:21:04]
AdwCleaner[S0].txt - [9118 octets] - [15/09/2014 09:22:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9178 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by PC on Mon 09/15/2014 at 9:33:07.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\extensions\staged
Emptied folder: C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0bb6v9w5.default\minidumps [88 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/15/2014 at 9:39:28.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by PC (administrator) on PC-PC on 15-09-2014 09:55:39
Running from C:\Users\PC\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\AECLSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(FRISK Software International) C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(DVS Studio) C:\Program Files (x86)\Win Application\applications.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe
(Acute Angle Solutions) C:\ProgramData\waciau\savSNMWBQ.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
() C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc.) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
(InstallX, LLC) C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
() C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
(AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
() C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft) C:\ProgramData\Browser\prompt.exe
(Microsoft) C:\ProgramData\bprompt.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dell Audio] => C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20567552 2012-05-10] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-26] (Dell Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [F-PROT Antivirus Tray application] => C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe [1674016 2010-11-03] (FRISK Software International)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Speed Cleaner] => C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe [1466784 2014-07-06] ()
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2014720 2014-08-05] (AimerSoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1953792 2014-05-16] ()
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2014208 2014-08-05] (iSkySoft)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [Dell Audio] => [X]
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [] => [X]
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [Amazon Cloud Player] => C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [Facebook Update] => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-03] (Facebook Inc.)
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-04-01] ()
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\Run: [Gameo] => C:\Users\PC\AppData\Roaming\Gameo\gameo.exe [41402880 2014-08-25] ()
HKU\S-1-5-21-3916436062-207176951-769512379-1000\...\MountPoints2: {1e008ef4-32fb-11e3-8eb3-806e6f6e6963} - D:\autoRcd.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo...20029,0,99,6944
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x95C4DECA01C7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
SearchScopes: HKCU - {0F759064-0C11-438A-BC78-C5BB4CF7115A} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - {DD049EAD-CA36-423D-9C6E-7009F9CF1508} URL = https://search.yahoo...35,20028,0,99,0
SearchScopes: HKCU - {F797DA33-B945-45AB-ABA6-DCE488368F04} URL = http://astromenda.co...=1492080581&ir=
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler: WSAMVCUchrome - No CLSID Value -
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: WSAMVCUchrome - No CLSID Value -
Handler-x32: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF SelectedSearchEngine: Yahoo
FF Homepage: https://search.yahoo...35,20031,0,99,0
FF Keyword.URL: hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20140835,20030,0,99,0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\searchplugins\yahoo_ff.xml
FF Extension: YouTube Downloader and Converter - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\Extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi [2014-08-29]
FF Extension: ClearThink - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\0bb6v9w5.default\Extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi [2014-08-29]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF Extension: YouTube Downloader and Converter - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
FF Extension: iSkysoft Video Converter Ultimate - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com [2014-08-29]
FF HKLM-x32\...\Mozilla Firefox 30.0\Extensions: [{b9bfaf1c-a63f-47cd-0829-29526ced3775}] - C:\Program Files (x86)\Mozilla Firefox\extension\\freeyoubutetomp3.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [nomnoaehhnmbolpapbjeopogjfefdpnl] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com.crx [2014-08-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AECLFilters; C:\Windows\system32\AECLSr64.exe [93696 2012-05-10] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 FPAVServer; C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [84136 2011-10-06] (FRISK Software International)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 savSNMWBQ; C:\ProgramData\waciau\savSNMWBQ.exe [2319744 2014-08-29] (Acute Angle Solutions)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Windows_Application; C:\Program Files (x86)\Win Application\applications.exe [2251856 2014-08-11] (DVS Studio) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-26] (Dell Inc.) [File not signed]
R2 YouTubeDownload; C:\Program Files (x86)\YouTube Downloader Services\youtubeserv.exe [2284128 2014-09-05] (MicroTools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 aswSP; No ImagePath
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-03-05] (Broadcom Corporation.)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFDx64.sys [35328 2012-05-10] (Cirrus Logic)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-11] (Disc Soft Ltd)
R1 FPAV_RTP; C:\Windows\System32\DRIVERS\FPAV_RTP.sys [842144 2011-11-11] (FRISK Software International)
S3 nxebwgqf; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 09:55 - 2014-09-15 09:56 - 00018072 _____ () C:\Users\PC\Desktop\FRST.txt
2014-09-15 09:55 - 2014-09-15 09:55 - 00000000 ____D () C:\FRST
2014-09-15 09:54 - 2014-09-15 09:54 - 02105856 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-09-15 09:53 - 2014-09-15 09:54 - 00000000 ____D () C:\Users\PC\AppData\Local\Blasteroids
2014-09-15 09:39 - 2014-09-15 09:52 - 00001134 _____ () C:\Users\PC\Desktop\JRT.txt
2014-09-15 09:33 - 2014-09-15 09:33 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 09:32 - 2014-09-15 09:32 - 00029184 _____ (Microsoft) C:\ProgramData\bprompt.exe
2014-09-15 09:32 - 2014-09-15 09:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 09:31 - 2014-09-15 09:31 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-09-15 09:29 - 2014-09-15 09:29 - 00009302 _____ () C:\Users\PC\Desktop\AdwCleaner[S0].txt
2014-09-15 09:20 - 2014-09-15 09:22 - 00000000 ____D () C:\AdwCleaner
2014-09-15 09:20 - 2014-09-15 09:20 - 01373475 _____ () C:\Users\PC\Desktop\AdwCleaner.exe
2014-09-15 09:16 - 2014-09-15 09:16 - 00000571 _____ () C:\Users\PC\Desktop\MBR.zip
2014-09-13 20:12 - 2014-09-13 20:12 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-13 18:43 - 2014-09-13 18:43 - 00001097 _____ () C:\Users\PC\Desktop\checkup.txt
2014-09-13 18:41 - 2014-09-13 18:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 18:41 - 2014-09-13 18:41 - 00002577 _____ () C:\Users\PC\Desktop\aswMBR.txt
2014-09-13 18:41 - 2014-09-13 18:41 - 00000512 _____ () C:\Users\PC\Desktop\MBR.dat
2014-09-13 18:12 - 2014-09-13 18:12 - 05185536 _____ (AVAST Software) C:\Users\PC\Desktop\aswMBR.exe
2014-09-13 18:07 - 2014-09-13 18:08 - 00854417 _____ () C:\Users\PC\Desktop\SecurityCheck.exe
2014-09-13 16:12 - 2014-09-13 17:12 - 00000000 ____D () C:\Users\PC\Desktop\Cleanup
2014-09-13 04:45 - 2014-09-13 04:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\OfficeRecovery
2014-09-13 04:07 - 2014-09-13 04:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-13 01:25 - 2014-09-13 01:25 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieUserList
2014-09-13 01:25 - 2014-09-13 01:25 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieSiteList
2014-09-11 21:36 - 2014-08-19 10:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 21:36 - 2014-08-19 09:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 21:36 - 2014-08-18 15:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 21:36 - 2014-08-18 14:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 21:36 - 2014-08-18 14:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 21:36 - 2014-08-18 14:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 21:36 - 2014-08-18 14:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 21:36 - 2014-08-18 14:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 21:36 - 2014-08-18 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 21:36 - 2014-08-18 14:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 21:36 - 2014-08-18 14:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 21:36 - 2014-08-18 14:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 21:36 - 2014-08-18 14:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 21:36 - 2014-08-18 14:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 21:36 - 2014-08-18 13:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 21:36 - 2014-08-18 13:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 21:36 - 2014-08-18 13:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 21:36 - 2014-08-18 13:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 21:36 - 2014-08-18 13:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 21:36 - 2014-08-18 13:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 21:36 - 2014-08-18 13:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 21:36 - 2014-08-18 13:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 21:36 - 2014-08-18 13:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 21:36 - 2014-08-18 13:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 21:36 - 2014-08-18 13:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 21:36 - 2014-08-18 13:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 21:36 - 2014-08-18 13:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 21:36 - 2014-08-18 13:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 21:36 - 2014-08-18 13:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 21:36 - 2014-08-18 13:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 21:36 - 2014-08-18 13:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 21:36 - 2014-08-18 13:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 21:36 - 2014-08-18 13:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 21:36 - 2014-08-18 13:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 21:36 - 2014-08-18 13:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 21:36 - 2014-08-18 13:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 21:36 - 2014-08-18 13:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 21:36 - 2014-08-18 13:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 21:36 - 2014-08-18 12:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 21:36 - 2014-08-18 12:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 21:35 - 2014-08-18 14:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 21:35 - 2014-08-18 14:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 21:35 - 2014-08-18 14:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 21:35 - 2014-08-18 14:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 21:35 - 2014-08-18 14:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 21:35 - 2014-08-18 13:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 21:35 - 2014-08-18 13:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 21:35 - 2014-08-18 13:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 21:35 - 2014-08-18 13:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 21:35 - 2014-08-18 13:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 21:35 - 2014-08-18 13:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 21:35 - 2014-08-18 13:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 21:35 - 2014-08-18 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 21:35 - 2014-08-18 12:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 21:35 - 2014-08-18 12:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 21:35 - 2014-08-18 12:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 21:30 - 2014-06-26 18:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 21:30 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 15:56 - 2014-08-01 03:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 15:56 - 2014-08-01 03:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 15:56 - 2014-07-06 18:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 15:56 - 2014-07-06 18:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 15:56 - 2014-07-06 17:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 15:56 - 2014-07-06 17:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 15:56 - 2014-07-06 17:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 15:56 - 2014-06-23 19:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 15:56 - 2014-06-23 18:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 18:59 - 2014-09-07 18:59 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BRT
2014-09-03 12:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-03 12:01 - 2014-09-03 12:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-03 12:01 - 2014-09-03 12:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-03 12:01 - 2014-09-03 12:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-03 12:01 - 2014-09-03 12:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-03 12:01 - 2014-09-03 12:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-03 12:01 - 2014-09-03 12:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-03 12:01 - 2014-09-03 12:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-03 12:00 - 2014-09-03 12:00 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-03 11:56 - 2014-09-03 12:04 - 00008858 _____ () C:\Windows\IE11_main.log
2014-08-31 20:59 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-31 20:59 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-31 20:59 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-08-31 20:59 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-31 20:23 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-31 20:23 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-31 20:23 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-31 20:23 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-31 20:23 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-31 20:23 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-31 20:23 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-31 20:23 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-31 20:20 - 2014-08-31 20:20 - 00000987 _____ () C:\Users\PC\Desktop\Windows Movie Maker 6.0.lnk
2014-08-30 21:02 - 2014-08-30 21:02 - 00000987 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 6.0.lnk
2014-08-30 21:02 - 2014-08-30 21:02 - 00000000 ____D () C:\Program Files\Movie Maker
2014-08-30 21:01 - 2014-08-30 21:01 - 11543552 _____ () C:\Users\PC\Downloads\wmm6_win7_64bit.msi
2014-08-30 20:18 - 2014-08-30 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-08-30 20:18 - 2014-07-17 19:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-08-30 20:17 - 2014-08-30 20:17 - 04765279 _____ (ffdshow ) C:\Users\PC\Downloads\ffdshow_rev4532_20140717_clsid.exe
2014-08-30 19:56 - 2014-08-30 19:56 - 00015074 _____ () C:\Users\PC\Documents\Shria take 1.wlmp
2014-08-30 19:41 - 2014-08-30 19:41 - 00347816 _____ (Microsoft Corporation) C:\Users\PC\Downloads\MicrosoftFixit.Codec.RNP.49332887045225640.1.1.Run.exe
2014-08-30 17:42 - 2014-08-30 17:42 - 00001305 _____ () C:\Users\PC\Desktop\Movie Maker.lnk
2014-08-30 17:34 - 2014-08-30 17:34 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-08-30 17:34 - 2014-08-30 17:34 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-08-30 17:34 - 2014-08-30 17:34 - 00000000 ____D () C:\Windows\en
2014-08-30 17:34 - 2014-08-30 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-30 17:33 - 2014-08-30 17:34 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-30 17:33 - 2014-08-30 17:33 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-30 17:28 - 2014-08-30 17:28 - 01239752 _____ (Microsoft Corporation) C:\Users\PC\Downloads\wlsetup-web.exe
2014-08-30 16:34 - 2014-09-02 20:44 - 00000000 ____D () C:\Users\PC\AppData\Roaming\avidemux
2014-08-30 16:24 - 2014-08-30 16:25 - 13039575 _____ () C:\Users\PC\Downloads\avidemux_2.6.1_win64.exe
2014-08-30 16:22 - 2014-04-24 18:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-30 16:22 - 2014-04-24 18:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-08-30 16:22 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-30 16:22 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-08-30 16:22 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-08-30 16:22 - 2013-03-18 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-08-30 16:21 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-30 16:21 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-30 16:21 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-30 16:21 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-30 16:21 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-30 16:21 - 2014-05-08 01:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-08-30 16:21 - 2014-05-08 01:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-08-30 16:21 - 2014-04-04 18:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-30 16:21 - 2014-04-04 18:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-30 16:21 - 2014-03-26 06:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-30 16:21 - 2014-03-26 06:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-30 16:21 - 2014-03-26 06:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-30 16:21 - 2014-03-26 06:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-30 16:21 - 2014-03-26 06:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-08-30 16:21 - 2014-03-26 06:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-30 16:21 - 2014-03-26 06:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-08-30 16:21 - 2014-03-26 06:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-08-30 16:21 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-30 16:21 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-30 16:21 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-30 16:21 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-08-30 16:21 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-30 16:21 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-30 16:21 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-30 16:21 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-30 16:21 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-30 16:21 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-30 16:21 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-30 16:21 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-30 16:21 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-30 16:21 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-08-30 16:21 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-08-30 16:21 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-08-30 16:21 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-08-30 16:21 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-08-30 16:21 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-08-30 16:21 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-08-30 16:21 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-08-30 16:21 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-30 16:21 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-08-30 16:21 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-30 16:21 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-30 16:21 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-08-30 16:21 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-30 16:21 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-30 16:21 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-08-30 16:21 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-30 16:21 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-08-30 16:21 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-08-30 16:21 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-08-30 16:21 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-08-30 16:21 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-08-30 16:21 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-08-30 16:21 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-30 16:21 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-08-30 16:19 - 2014-07-15 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-30 16:19 - 2014-07-15 18:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-30 16:19 - 2014-06-15 18:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-30 16:19 - 2014-06-03 02:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-30 16:19 - 2014-06-03 02:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-30 16:19 - 2014-06-03 02:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-30 16:19 - 2014-06-03 02:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-30 16:19 - 2014-06-03 01:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-30 16:19 - 2014-06-03 01:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-30 16:19 - 2014-06-03 01:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-30 16:19 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-30 16:19 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-30 16:19 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-30 16:19 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-30 16:19 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-30 16:19 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-30 16:19 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-30 16:19 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-30 16:19 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-30 16:19 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-30 16:19 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-30 16:19 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-30 16:19 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-08-30 16:19 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-08-30 16:19 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-08-30 16:19 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-08-30 16:19 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-30 16:19 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-30 16:19 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-08-30 16:19 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-30 16:19 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-08-30 16:19 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-30 16:19 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-08-30 16:19 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-08-30 16:18 - 2014-08-22 18:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-30 16:18 - 2014-08-22 17:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-30 16:18 - 2014-08-22 16:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-30 16:18 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-30 16:18 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-30 16:18 - 2014-06-24 18:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-30 16:18 - 2014-06-24 17:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-30 16:18 - 2014-05-30 00:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-30 16:18 - 2014-05-29 23:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-30 16:18 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-30 16:18 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-30 16:18 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-30 16:18 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-30 16:18 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-30 16:18 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-30 16:18 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-30 16:18 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-30 16:18 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-30 16:18 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-30 16:18 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-30 16:18 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-30 16:18 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-30 16:18 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-30 16:18 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-30 16:18 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-30 16:18 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-30 16:18 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-30 16:18 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-30 16:18 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-30 16:18 - 2014-02-03 18:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-30 16:18 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-30 16:18 - 2014-02-03 18:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-30 16:18 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-08-30 16:18 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-30 16:18 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-30 16:18 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-30 16:18 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-30 16:18 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-30 16:18 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-30 16:18 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-08-30 16:18 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-08-30 16:18 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-30 16:18 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-08-30 16:18 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-30 16:18 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-30 16:18 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-08-30 16:18 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-30 16:18 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-30 16:18 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-30 16:18 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-30 16:18 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-30 16:18 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-30 16:18 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-30 16:18 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-30 16:18 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-30 16:18 - 2013-05-09 21:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-08-30 16:18 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-08-30 16:18 - 2013-01-23 22:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-30 10:12 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-30 10:12 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-30 10:12 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-30 10:12 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-30 10:12 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-30 10:12 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-30 10:12 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-30 10:12 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-30 10:12 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-30 10:12 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-30 10:12 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-30 10:12 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-30 10:12 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-30 10:12 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-30 10:11 - 2014-09-15 09:05 - 00000062 _____ () C:\Users\PC\AppData\Roaming\WB.CFG
2014-08-30 10:11 - 2014-08-30 10:11 - 00000000 ____D () C:\ProgramData\Aimersoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00001199 _____ () C:\Users\PC\Desktop\Any Video Converter.lnk
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Users\PC\Documents\Any Video Converter
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Anvsoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-08-30 00:32 - 2014-08-30 17:40 - 00000000 ____D () C:\Users\PC\AppData\Local\Windows Live
2014-08-30 00:31 - 2014-09-15 09:29 - 00000000 ____D () C:\Users\PC\AppData\Local\Gameo
2014-08-30 00:31 - 2014-08-30 00:31 - 00001718 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2014-08-30 00:31 - 2014-08-30 00:31 - 00000168 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ___HD () C:\Users\PC\AppData\Roaming\GoldenGate
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Gameo
2014-08-30 00:22 - 2014-08-30 00:22 - 00001919 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-08-30 00:22 - 2014-08-30 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-08-30 00:22 - 2014-08-30 00:22 - 00000000 ____D () C:\Program Files\Earth Networks
2014-08-30 00:21 - 2014-08-30 00:22 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-08-30 00:19 - 2014-08-30 00:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\0T1M1P0A1E1E0M1T1G
2014-08-29 23:58 - 2014-08-29 23:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-29 23:55 - 2014-08-29 23:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-29 23:49 - 2014-08-29 23:49 - 00699016 _____ (CNET Download.com) C:\Users\PC\Downloads\cbsidlm-cbsi213-Any_Video_Converter_Freeware-ORG-10661456.exe
2014-08-29 23:43 - 2014-08-29 23:44 - 00000000 ____D () C:\Users\PC\Documents\iSkysoft Video Converter Ultimate
2014-08-29 23:43 - 2014-08-29 23:43 - 01239536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows Live Movie Maker-Installer.exe
2014-08-29 23:43 - 2014-08-29 23:43 - 00000000 ____D () C:\Users\PC\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-08-29 23:42 - 2014-08-29 23:42 - 00000000 ____D () C:\Users\PC\AppData\Local\iSkysoft
2014-08-29 23:42 - 2014-08-29 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
2014-08-29 23:42 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2014-08-29 23:42 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\SysWOW64\ISCM32.dll
2014-08-29 23:41 - 2014-08-30 10:11 - 00000000 ____D () C:\ProgramData\iSkysoft
2014-08-29 23:41 - 2014-08-30 00:15 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate
2014-08-29 23:41 - 2014-08-29 23:41 - 00000000 ____D () C:\Program Files (x86)\iSkysoft
2014-08-29 23:39 - 2014-08-29 23:41 - 00782840 _____ ( ) C:\Users\PC\Downloads\Windows Live Movie Maker Download Manager.exe
2014-08-29 23:35 - 2014-08-29 23:41 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft
2014-08-29 23:35 - 2014-08-29 23:35 - 01347936 _____ (iSkysoft) C:\Users\PC\Downloads\video-converter-ultimate-win_setup_full670.exe
2014-08-29 23:30 - 2014-08-29 23:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\MPC-HC
2014-08-29 23:29 - 2014-08-30 20:45 - 00018944 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-29 23:22 - 2014-08-29 23:33 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2014-08-29 23:22 - 2014-08-29 23:22 - 00000000 ____D () C:\Users\PC\AppData\Local\Aimersoft
2014-08-29 23:20 - 2014-08-30 21:04 - 00000000 ____D () C:\Users\PC\AppData\Local\WMTools Downloaded Files
2014-08-29 23:16 - 2014-08-29 23:22 - 00000000 ____D () C:\Users\Public\Documents\Aimersoft
2014-08-29 23:16 - 2014-08-29 23:16 - 01239552 _____ (Aimersoft) C:\Users\PC\Downloads\aimer-video-ultimate_setup_full523.exe
2014-08-29 23:13 - 2014-08-29 23:13 - 00003018 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-08-29 23:12 - 2014-08-29 23:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\KeepMySettingsX
2014-08-29 23:12 - 2014-08-29 23:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-29 23:12 - 2014-08-29 23:12 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-29 23:11 - 2014-08-29 23:12 - 00000000 ____D () C:\ProgramData\waciau
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Yahoo!
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-08-29 23:08 - 2014-08-29 23:09 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo(1).exe
2014-08-29 23:08 - 2014-08-29 23:08 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo.exe
2014-08-29 23:03 - 2014-08-29 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-08-29 23:03 - 2014-06-14 06:03 - 00260696 _____ () C:\Windows\system32\unrar64.dll
2014-08-29 23:03 - 2014-06-14 06:03 - 00218200 _____ () C:\Windows\SysWOW64\unrar.dll
2014-08-29 23:02 - 2014-08-29 23:04 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-08-29 22:57 - 2014-08-29 23:02 - 31099343 _____ ( ) C:\Users\PC\Downloads\K-Lite_Codec_Pack_1065_Full.exe
2014-08-29 22:51 - 2014-08-28 20:59 - 101221376 _____ () C:\Users\PC\Desktop\Shira.avi.MOV
2014-08-29 22:51 - 2014-08-28 20:59 - 101221376 _____ () C:\Users\PC\Desktop\P1010511 (2).MOV
2014-08-29 22:47 - 2014-09-13 16:13 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2014-08-29 22:47 - 2014-09-01 09:38 - 00000000 ____D () C:\ProgramData\Optimizer
2014-08-29 22:47 - 2014-08-29 22:47 - 00001065 _____ () C:\Users\Public\Desktop\Windows Movie Maker.lnk
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\ProgramData\WinApplication
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\Program Files (x86)\Windows Movie Maker
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\Program Files (x86)\Win Application
2014-08-29 22:47 - 2008-06-27 10:49 - 00518064 _____ (Codejock Software) C:\Windows\SysWOW64\framework.ocx
2014-08-29 22:43 - 2014-08-29 22:43 - 00937360 _____ () C:\Users\PC\Downloads\windows-movie-maker.exe
2014-08-22 13:05 - 2014-08-21 16:55 - 402925568 _____ () C:\Users\PC\Documents\P1010308.MOV
2014-08-22 13:04 - 2014-09-15 09:29 - 00000000 ___RD () C:\Users\PC\Dropbox
2014-08-22 13:04 - 2014-08-22 13:04 - 00000998 _____ () C:\Users\PC\Desktop\Dropbox.lnk
2014-08-22 13:02 - 2014-08-22 13:02 - 00323600 _____ (Dropbox, Inc.) C:\Users\PC\Downloads\DropboxInstaller(1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 09:56 - 2014-09-15 09:55 - 00018072 _____ () C:\Users\PC\Desktop\FRST.txt
2014-09-15 09:55 - 2014-09-15 09:55 - 00000000 ____D () C:\FRST
2014-09-15 09:54 - 2014-09-15 09:54 - 02105856 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-09-15 09:54 - 2014-09-15 09:53 - 00000000 ____D () C:\Users\PC\AppData\Local\Blasteroids
2014-09-15 09:52 - 2014-09-15 09:39 - 00001134 _____ () C:\Users\PC\Desktop\JRT.txt
2014-09-15 09:34 - 2009-07-13 20:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 09:34 - 2009-07-13 20:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 09:33 - 2014-09-15 09:33 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 09:33 - 2009-07-13 21:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 09:32 - 2014-09-15 09:32 - 00029184 _____ (Microsoft) C:\ProgramData\bprompt.exe
2014-09-15 09:32 - 2014-09-15 09:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 09:31 - 2014-09-15 09:31 - 01016261 _____ (Thisisu) C:\Users\PC\Desktop\JRT.exe
2014-09-15 09:30 - 2014-08-03 20:21 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-09-15 09:29 - 2014-09-15 09:29 - 00009302 _____ () C:\Users\PC\Desktop\AdwCleaner[S0].txt
2014-09-15 09:29 - 2014-08-30 00:31 - 00000000 ____D () C:\Users\PC\AppData\Local\Gameo
2014-09-15 09:29 - 2014-08-22 13:04 - 00000000 ___RD () C:\Users\PC\Dropbox
2014-09-15 09:29 - 2014-04-24 18:52 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Dropbox
2014-09-15 09:26 - 2013-10-11 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-15 09:26 - 2010-11-20 19:47 - 00017558 _____ () C:\Windows\PFRO.log
2014-09-15 09:26 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 09:26 - 2009-07-13 20:51 - 00067536 _____ () C:\Windows\setupact.log
2014-09-15 09:25 - 2013-10-11 19:06 - 01196555 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 09:22 - 2014-09-15 09:20 - 00000000 ____D () C:\AdwCleaner
2014-09-15 09:22 - 2014-08-03 20:24 - 00000894 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000Core.job
2014-09-15 09:22 - 2014-08-03 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-for-download bundle
2014-09-15 09:21 - 2009-07-13 18:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-15 09:20 - 2014-09-15 09:20 - 01373475 _____ () C:\Users\PC\Desktop\AdwCleaner.exe
2014-09-15 09:16 - 2014-09-15 09:16 - 00000571 _____ () C:\Users\PC\Desktop\MBR.zip
2014-09-15 09:05 - 2014-08-30 10:11 - 00000062 _____ () C:\Users\PC\AppData\Roaming\WB.CFG
2014-09-15 09:04 - 2014-08-03 20:24 - 00000916 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000UA.job
2014-09-15 09:03 - 2013-11-04 20:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 20:12 - 2014-09-13 20:12 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-13 20:12 - 2013-11-04 20:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-13 20:12 - 2013-11-04 20:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-13 20:12 - 2013-11-04 20:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-13 18:43 - 2014-09-13 18:43 - 00001097 _____ () C:\Users\PC\Desktop\checkup.txt
2014-09-13 18:42 - 2014-09-13 18:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 18:41 - 2014-09-13 18:41 - 00002577 _____ () C:\Users\PC\Desktop\aswMBR.txt
2014-09-13 18:41 - 2014-09-13 18:41 - 00000512 _____ () C:\Users\PC\Desktop\MBR.dat
2014-09-13 18:12 - 2014-09-13 18:12 - 05185536 _____ (AVAST Software) C:\Users\PC\Desktop\aswMBR.exe
2014-09-13 18:08 - 2014-09-13 18:07 - 00854417 _____ () C:\Users\PC\Desktop\SecurityCheck.exe
2014-09-13 17:12 - 2014-09-13 16:12 - 00000000 ____D () C:\Users\PC\Desktop\Cleanup
2014-09-13 16:13 - 2014-08-29 22:47 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2014-09-13 04:59 - 2014-09-13 04:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-13 04:45 - 2014-09-13 04:45 - 00000000 ____D () C:\Users\PC\AppData\Roaming\OfficeRecovery
2014-09-13 01:25 - 2014-09-13 01:25 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieUserList
2014-09-13 01:25 - 2014-09-13 01:25 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieSiteList
2014-09-11 22:46 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 21:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-11 21:34 - 2013-02-15 20:06 - 00774404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 21:33 - 2013-10-11 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 21:32 - 2013-02-15 20:20 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-07 18:59 - 2014-09-07 18:59 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BRT
2014-09-05 10:22 - 2013-10-11 19:05 - 00001413 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 13:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-09-03 13:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-09-03 13:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-03 13:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-03 12:04 - 2014-09-03 11:56 - 00008858 _____ () C:\Windows\IE11_main.log
2014-09-03 12:01 - 2014-09-03 12:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-03 12:01 - 2014-09-03 12:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-03 12:01 - 2014-09-03 12:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-03 12:01 - 2014-09-03 12:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-03 12:01 - 2014-09-03 12:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-03 12:01 - 2014-09-03 12:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-03 12:01 - 2014-09-03 12:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-03 12:01 - 2014-09-03 12:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-03 12:00 - 2014-09-03 12:00 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-03 12:00 - 2014-09-03 12:00 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-02 20:44 - 2014-08-30 16:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\avidemux
2014-09-01 09:38 - 2014-08-29 22:47 - 00000000 ____D () C:\ProgramData\Optimizer
2014-08-31 23:18 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-31 21:49 - 2009-07-13 20:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-31 21:06 - 2009-07-13 20:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 21:04 - 2011-04-12 00:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-31 21:04 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-31 21:04 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-31 20:20 - 2014-08-31 20:20 - 00000987 _____ () C:\Users\PC\Desktop\Windows Movie Maker 6.0.lnk
2014-08-30 21:04 - 2014-08-29 23:20 - 00000000 ____D () C:\Users\PC\AppData\Local\WMTools Downloaded Files
2014-08-30 21:02 - 2014-08-30 21:02 - 00000987 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 6.0.lnk
2014-08-30 21:02 - 2014-08-30 21:02 - 00000000 ____D () C:\Program Files\Movie Maker
2014-08-30 21:01 - 2014-08-30 21:01 - 11543552 _____ () C:\Users\PC\Downloads\wmm6_win7_64bit.msi
2014-08-30 20:45 - 2014-08-29 23:29 - 00018944 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-30 20:18 - 2014-08-30 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-08-30 20:17 - 2014-08-30 20:17 - 04765279 _____ (ffdshow ) C:\Users\PC\Downloads\ffdshow_rev4532_20140717_clsid.exe
2014-08-30 19:56 - 2014-08-30 19:56 - 00015074 _____ () C:\Users\PC\Documents\Shria take 1.wlmp
2014-08-30 19:41 - 2014-08-30 19:41 - 00347816 _____ (Microsoft Corporation) C:\Users\PC\Downloads\MicrosoftFixit.Codec.RNP.49332887045225640.1.1.Run.exe
2014-08-30 17:42 - 2014-08-30 17:42 - 00001305 _____ () C:\Users\PC\Desktop\Movie Maker.lnk
2014-08-30 17:40 - 2014-08-30 00:32 - 00000000 ____D () C:\Users\PC\AppData\Local\Windows Live
2014-08-30 17:34 - 2014-08-30 17:34 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-08-30 17:34 - 2014-08-30 17:34 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-08-30 17:34 - 2014-08-30 17:34 - 00000000 ____D () C:\Windows\en
2014-08-30 17:34 - 2014-08-30 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-30 17:34 - 2014-08-30 17:33 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-30 17:33 - 2014-08-30 17:33 - 00000000 ____D () C:\Windows\PCHEALTH
2014-08-30 17:33 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-30 17:30 - 2013-02-15 20:01 - 00077618 _____ () C:\Windows\DirectX.log
2014-08-30 17:28 - 2014-08-30 17:28 - 01239752 _____ (Microsoft Corporation) C:\Users\PC\Downloads\wlsetup-web.exe
2014-08-30 16:25 - 2014-08-30 16:24 - 13039575 _____ () C:\Users\PC\Downloads\avidemux_2.6.1_win64.exe
2014-08-30 10:11 - 2014-08-30 10:11 - 00000000 ____D () C:\ProgramData\Aimersoft
2014-08-30 10:11 - 2014-08-29 23:41 - 00000000 ____D () C:\ProgramData\iSkysoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00001199 _____ () C:\Users\PC\Desktop\Any Video Converter.lnk
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Users\PC\Documents\Any Video Converter
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Anvsoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-08-30 00:56 - 2014-08-30 00:56 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-08-30 00:31 - 2014-08-30 00:31 - 00001718 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2014-08-30 00:31 - 2014-08-30 00:31 - 00000168 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ___HD () C:\Users\PC\AppData\Roaming\GoldenGate
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2014-08-30 00:31 - 2014-08-30 00:31 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Gameo
2014-08-30 00:22 - 2014-08-30 00:22 - 00001919 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-08-30 00:22 - 2014-08-30 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-08-30 00:22 - 2014-08-30 00:22 - 00000000 ____D () C:\Program Files\Earth Networks
2014-08-30 00:22 - 2014-08-30 00:21 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-08-30 00:19 - 2014-08-30 00:19 - 00000000 ____D () C:\Users\PC\AppData\Roaming\0T1M1P0A1E1E0M1T1G
2014-08-30 00:19 - 2013-10-11 20:19 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-30 00:15 - 2014-08-29 23:41 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate
2014-08-29 23:58 - 2014-08-29 23:58 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-29 23:55 - 2014-08-29 23:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-29 23:49 - 2014-08-29 23:49 - 00699016 _____ (CNET Download.com) C:\Users\PC\Downloads\cbsidlm-cbsi213-Any_Video_Converter_Freeware-ORG-10661456.exe
2014-08-29 23:44 - 2014-08-29 23:43 - 00000000 ____D () C:\Users\PC\Documents\iSkysoft Video Converter Ultimate
2014-08-29 23:43 - 2014-08-29 23:43 - 01239536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows Live Movie Maker-Installer.exe
2014-08-29 23:43 - 2014-08-29 23:43 - 00000000 ____D () C:\Users\PC\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-08-29 23:42 - 2014-08-29 23:42 - 00000000 ____D () C:\Users\PC\AppData\Local\iSkysoft
2014-08-29 23:42 - 2014-08-29 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
2014-08-29 23:41 - 2014-08-29 23:41 - 00000000 ____D () C:\Program Files (x86)\iSkysoft
2014-08-29 23:41 - 2014-08-29 23:39 - 00782840 _____ ( ) C:\Users\PC\Downloads\Windows Live Movie Maker Download Manager.exe
2014-08-29 23:41 - 2014-08-29 23:35 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft
2014-08-29 23:35 - 2014-08-29 23:35 - 01347936 _____ (iSkysoft) C:\Users\PC\Downloads\video-converter-ultimate-win_setup_full670.exe
2014-08-29 23:33 - 2014-08-29 23:22 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2014-08-29 23:30 - 2014-08-29 23:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\MPC-HC
2014-08-29 23:22 - 2014-08-29 23:22 - 00000000 ____D () C:\Users\PC\AppData\Local\Aimersoft
2014-08-29 23:22 - 2014-08-29 23:16 - 00000000 ____D () C:\Users\Public\Documents\Aimersoft
2014-08-29 23:16 - 2014-08-29 23:16 - 01239552 _____ (Aimersoft) C:\Users\PC\Downloads\aimer-video-ultimate_setup_full523.exe
2014-08-29 23:13 - 2014-08-29 23:13 - 00003018 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-08-29 23:13 - 2014-08-29 23:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\KeepMySettingsX
2014-08-29 23:12 - 2014-08-29 23:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-29 23:12 - 2014-08-29 23:12 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-29 23:12 - 2014-08-29 23:11 - 00000000 ____D () C:\ProgramData\waciau
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Yahoo!
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-29 23:10 - 2014-08-29 23:10 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-08-29 23:09 - 2014-08-29 23:08 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo(1).exe
2014-08-29 23:08 - 2014-08-29 23:08 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo.exe
2014-08-29 23:04 - 2014-08-29 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-08-29 23:04 - 2014-08-29 23:02 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-08-29 23:02 - 2014-08-29 22:57 - 31099343 _____ ( ) C:\Users\PC\Downloads\K-Lite_Codec_Pack_1065_Full.exe
2014-08-29 22:47 - 2014-08-29 22:47 - 00001065 _____ () C:\Users\Public\Desktop\Windows Movie Maker.lnk
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\ProgramData\WinApplication
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\Program Files (x86)\Windows Movie Maker
2014-08-29 22:47 - 2014-08-29 22:47 - 00000000 ____D () C:\Program Files (x86)\Win Application
2014-08-29 22:43 - 2014-08-29 22:43 - 00937360 _____ () C:\Users\PC\Downloads\windows-movie-maker.exe
2014-08-29 22:43 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Resources
2014-08-28 20:59 - 2014-08-29 22:51 - 101221376 _____ () C:\Users\PC\Desktop\Shira.avi.MOV
2014-08-28 20:59 - 2014-08-29 22:51 - 101221376 _____ () C:\Users\PC\Desktop\P1010511 (2).MOV
2014-08-26 08:26 - 2013-11-03 03:35 - 00000000 ____D () C:\Users\PC\AppData\Local\Microsoft Games
2014-08-26 08:15 - 2013-11-14 13:48 - 00000000 ____D () C:\Users\PC\Desktop\Misc
2014-08-26 08:14 - 2014-02-13 00:46 - 00000000 ____D () C:\Users\PC\Desktop\Diego n Shira
2014-08-22 18:07 - 2014-08-30 16:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 17:45 - 2014-08-30 16:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 16:59 - 2014-08-30 16:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:04 - 2014-08-22 13:04 - 00000998 _____ () C:\Users\PC\Desktop\Dropbox.lnk
2014-08-22 13:04 - 2013-10-11 19:05 - 00000000 ____D () C:\Users\PC
2014-08-22 13:03 - 2014-04-24 18:53 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-22 13:02 - 2014-08-22 13:02 - 00323600 _____ (Dropbox, Inc.) C:\Users\PC\Downloads\DropboxInstaller(1).exe
2014-08-21 16:55 - 2014-08-22 13:05 - 402925568 _____ () C:\Users\PC\Documents\P1010308.MOV
2014-08-19 10:05 - 2014-09-11 21:36 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 09:39 - 2014-09-11 21:36 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-18 15:01 - 2014-09-11 21:36 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 14:29 - 2014-09-11 21:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 14:29 - 2014-09-11 21:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 14:26 - 2014-09-11 21:35 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 14:20 - 2014-09-11 21:35 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 14:19 - 2014-09-11 21:35 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 14:15 - 2014-09-11 21:36 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 14:15 - 2014-09-11 21:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 14:14 - 2014-09-11 21:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 14:14 - 2014-09-11 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 14:08 - 2014-09-11 21:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 14:08 - 2014-09-11 21:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 14:08 - 2014-09-11 21:35 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 14:05 - 2014-09-11 21:36 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 14:03 - 2014-09-11 21:36 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 14:03 - 2014-09-11 21:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 14:03 - 2014-09-11 21:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 13:57 - 2014-09-11 21:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 13:56 - 2014-09-11 21:35 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 13:51 - 2014-09-11 21:36 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 13:46 - 2014-09-11 21:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 13:45 - 2014-09-11 21:36 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 13:45 - 2014-09-11 21:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 13:44 - 2014-09-11 21:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 13:44 - 2014-09-11 21:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 13:42 - 2014-09-11 21:35 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 13:40 - 2014-09-11 21:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 13:39 - 2014-09-11 21:36 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 13:39 - 2014-09-11 21:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 13:39 - 2014-09-11 21:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 13:38 - 2014-09-11 21:36 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 13:37 - 2014-09-11 21:36 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 13:36 - 2014-09-11 21:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 13:35 - 2014-09-11 21:36 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 13:27 - 2014-09-11 21:36 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 13:25 - 2014-09-11 21:36 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 13:25 - 2014-09-11 21:36 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 13:23 - 2014-09-11 21:36 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 13:23 - 2014-09-11 21:35 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 13:22 - 2014-09-11 21:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 13:19 - 2014-09-11 21:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 13:17 - 2014-09-11 21:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 13:17 - 2014-09-11 21:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 13:16 - 2014-09-11 21:35 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 13:15 - 2014-09-11 21:35 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 13:15 - 2014-09-11 21:35 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 13:09 - 2014-09-11 21:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 13:08 - 2014-09-11 21:35 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 13:07 - 2014-09-11 21:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 12:55 - 2014-09-11 21:35 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 12:46 - 2014-09-11 21:35 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 12:38 - 2014-09-11 21:36 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 12:38 - 2014-09-11 21:35 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 12:36 - 2014-09-11 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\ProgramData\bprompt.exe

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avast_free_antivirus_setup_oem.exe
C:\Users\PC\AppData\Local\Temp\bitool.dll
C:\Users\PC\AppData\Local\Temp\dlLogic.exe
C:\Users\PC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgmb1cj.dll
C:\Users\PC\AppData\Local\Temp\dsapi.exe
C:\Users\PC\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\PC\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\PC\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\PC\AppData\Local\Temp\nsi45B3.exe
C:\Users\PC\AppData\Local\Temp\nsn4007.exe
C:\Users\PC\AppData\Local\Temp\nsn9D96.exe
C:\Users\PC\AppData\Local\Temp\nsx90B9.exe
C:\Users\PC\AppData\Local\Temp\optprosetup.exe
C:\Users\PC\AppData\Local\Temp\Quarantine.exe
C:\Users\PC\AppData\Local\Temp\SPSetup.exe
C:\Users\PC\AppData\Local\Temp\spstub.exe
C:\Users\PC\AppData\Local\Temp\SymCCIS.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite15573.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite21919.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite22651.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite28779.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite32316.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite33425.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite34024.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite36603.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite37200.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite53053.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite59154.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite62459.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite64000.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite65931.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite68567.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite71026.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite84462.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite87266.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite88762.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite91214.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite96548.dll
C:\Users\PC\AppData\Local\Temp\System.Data.SQLite99968.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-11 12:10

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by PC at 2014-09-15 09:57:21
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-PROT Antivirus for Windows (Enabled - Out of date) {31B7FFC6-2716-5A4E-528D-32786E690ED2}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Any Video Converter 5.6.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Blasteroids (HKLM-x32\...\Blasteroids) (Version: 2.7.31 - Acute Angle Solutions)
Cirrus Logic Audio Panel (Version: 1.1.12.4 - Cirrus Logic) Hidden
Cirrus Logic Audio x64 (Version: 6.24.5.2 - Cirrus Logic) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dell Audio (HKLM-x32\...\{3A69FD31-5EE7-42C9-918B-81C07AA21043}) (Version: 6.24.5.2 - Cirrus Logic)
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
F-PROT Antivirus for Windows x64 (HKLM-x32\...\{D0C17D81-D40D-4C23-B8FA-95E817D0B7BE}) (Version: 6.0.9.6 - FRISK Software)
free-for-download bundle (HKLM-x32\...\free-for-download bundle) (Version: 2.0.0.5 - free-for-download)
Gameo (HKCU\...\Gameo) (Version: 0.9.1 - Fried Cookie Software)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iSkysoft Video Converter Ultimate(Build 5.3.0.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 5.3.0.0 - iSkysoft Software)
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC) <==== ATTENTION
K-Lite Codec Pack 10.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30132 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Speed Cleaner (HKLM-x32\...\{ba143c75-f154-4a74-9b6a-2a71890c9a4e}) (Version: 1.0.0.0 - OneBit IT)
Speed Cleaner (x32 Version: 1.0.0.0 - OneBit IT) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Movie Maker Packages (HKCU\...\Windows Live Movie Maker Packages) (Version: - ) <==== ATTENTION
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2winmovie}}_is1) (Version: - win-movie-maker-free)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3916436062-207176951-769512379-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-09-2014 19:57:40 Windows Modules Installer
03-09-2014 19:58:04 Windows Modules Installer
03-09-2014 21:14:54 Windows Update
06-09-2014 21:43:28 Windows Update
10-09-2014 23:56:08 Windows Update
12-09-2014 05:30:04 Windows Update
14-09-2014 00:29:32 OTL Restore Point - 9/13/2014 4:29:28 PM

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D74E23C-1CF8-4349-907E-8F06A5EDB51E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13] (Adobe Systems Incorporated)
Task: {3F9D2257-5007-40A1-818D-248B78633B7A} - System32\Tasks\Amazon Music Helper => C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-11-24] ()
Task: {5CA46230-7856-42D1-8FD8-D563187BC9DF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000UA => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-03] (Facebook Inc.)
Task: {6B538F19-26CC-47A5-B229-8C87C7DCF8B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {86EBA3D3-3897-4898-ADC2-1C79396F367F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000Core => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-03] (Facebook Inc.)
Task: {8D5975FC-EF5F-4261-9660-CE294BC22441} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F37197EC-8701-4FBE-83BB-9701DAA5B47E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F639E782-0018-43BC-AA5B-75719B0D96B5} - System32\Tasks\KeepMySettingsX => C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe [2014-08-29] (InstallX, LLC)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000Core.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916436062-207176951-769512379-1000UA.job => C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-10 16:47 - 2012-05-10 16:47 - 20567552 _____ () C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
2012-05-10 16:47 - 2012-05-10 16:47 - 03625472 _____ () C:\Program Files\Cirrus Logic Audio Panel\en-US\CirrusAudioPanel_Dell.resources.dll
2012-05-10 16:47 - 2012-05-10 16:47 - 00048128 _____ () C:\Program Files\Cirrus Logic Audio Panel\CoreAudioApi.dll
2012-05-10 16:47 - 2012-05-10 16:47 - 00013824 _____ () C:\Program Files\Cirrus Logic Audio Panel\LocalizationControlsLib.dll
2012-05-10 16:47 - 2012-05-10 16:47 - 00260096 _____ () C:\Program Files\Cirrus Logic Audio Panel\LocalizeLanguage.dll
2012-05-10 16:47 - 2012-05-10 16:47 - 00011776 _____ () C:\Program Files\Cirrus Logic Audio Panel\ExtendedWindowsControls.dll
2013-10-11 20:06 - 2012-03-27 08:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-10 14:32 - 2013-11-24 09:56 - 03139072 _____ () C:\Users\PC\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-08-30 00:22 - 2014-04-01 08:18 - 00146736 ____N () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
2014-08-30 00:31 - 2014-08-25 19:28 - 41402880 _____ () C:\Users\PC\AppData\Roaming\Gameo\gameo.exe
2014-07-06 03:25 - 2014-07-06 03:25 - 01466784 _____ () C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
2014-05-19 00:10 - 2014-05-19 00:10 - 00020480 _____ () C:\Program Files (x86)\Speed Cleaner\UrlHistoryLibrary.dll
2014-08-29 23:42 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2013-10-11 21:57 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-11 21:57 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-11 21:57 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-11 21:57 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-11 21:57 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-15 09:28 - 2014-09-15 09:28 - 00043008 _____ () c:\users\pc\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgmb1cj.dll
2014-04-24 18:53 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\PC\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-30 00:31 - 2014-08-25 19:28 - 00900096 _____ () C:\Users\PC\AppData\Roaming\Gameo\libglesv2.dll
2014-08-30 00:31 - 2014-08-25 19:28 - 00102400 _____ () C:\Users\PC\AppData\Roaming\Gameo\libegl.dll
2014-08-29 23:22 - 2014-08-05 10:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2014-08-29 23:22 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2014-08-29 23:42 - 2014-08-05 10:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2014-08-29 23:42 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2014-08-30 00:31 - 2014-08-25 19:28 - 00882176 _____ () C:\Users\PC\AppData\Roaming\Gameo\ffmpegsumo.dll
2014-09-15 09:28 - 2014-09-15 09:28 - 00271872 _____ () C:\Users\PC\AppData\Local\Temp\nw2672_23614\node_modules\gameo_utils\Build\Release\gameo_utils_node.node
2014-09-15 09:28 - 2014-09-15 09:28 - 00095232 _____ () C:\Users\PC\AppData\Local\Temp\nw2672_23614\node_modules\gameo_utils\Build\Release\gameo_utils.dll
2014-09-15 09:28 - 2014-09-15 09:28 - 00074752 _____ () C:\Users\PC\AppData\Local\Temp\nw2672_23614\node_modules\goldengate\build\Release\gg.node
2014-09-15 09:28 - 2014-09-15 09:28 - 00402432 _____ () C:\Users\PC\AppData\Local\Temp\nw2672_23614\node_modules\goldengate\build\Release\GOLDENGATE.dll
2014-09-11 21:54 - 2014-09-11 21:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\27372090b75ca919048606aad2206bf4\IsdiInterop.ni.dll
2013-10-11 19:14 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-15 09:29 - 2014-09-15 09:29 - 16340144 _____ () C:\Users\PC\AppData\Local\Temp\nw2672_23614\plugins\NPSWF32_13_0_0_168.dll
2013-10-11 19:13 - 2012-03-06 14:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-09-13 18:41 - 2014-09-13 18:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-15 09:29 - 2014-09-15 09:29 - 01184128 _____ () C:\ProgramData\waciau\dat\FDrvUKoZPFI.dll
2014-09-13 20:12 - 2014-09-13 20:12 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\PC\Downloads\final longer.mp3:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FPAVServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 57%
Total physical RAM: 3959.08 MB
Available physical RAM: 1690.36 MB
Total Pagefile: 7916.34 MB
Available Pagefile: 5068.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:435.66 GB) (Free:390.75 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:30 GB) (Free:12.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7A9CB426)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=435.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#4 OCD

SuperHelper

Malware Team
5,574 posts

Posted 15 September 2014 - 02:02 PM

Hi tblank,

Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)

Is your hard drive a Solid State Drive?
http://en.wikipedia....lid-state_drive

=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

Speed Cleaner
KeepMySettings

=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

Start
() C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
HKLM-x32\...\Run: [Speed Cleaner] => C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe [1466784 2014-07-06] ()
2014-08-29 23:08 - 2014-08-29 23:09 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo(1).exe
2014-08-29 23:08 - 2014-08-29 23:08 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo.exe
2014-08-29 22:47 - 2014-09-01 09:38 - 00000000 ____D () C:\ProgramData\Optimizer
SearchScopes: HKCU - {F797DA33-B945-45AB-ABA6-DCE488368F04} URL = http://astromenda.co...=1492080581&ir=
2014-08-31 23:18 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
C:\ProgramData\bprompt.exe
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version:  - InstallX, LLC) <==== ATTENTION
Speed Cleaner (HKLM-x32\...\{ba143c75-f154-4a74-9b6a-2a71890c9a4e}) (Version: 1.0.0.0 - OneBit IT)
Speed Cleaner (x32 Version: 1.0.0.0 - OneBit IT) Hidden
Task: {F639E782-0018-43BC-AA5B-75719B0D96B5} - System32\Tasks\KeepMySettingsX => C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe [2014-08-29] (InstallX, LLC)
2014-07-06 03:25 - 2014-07-06 03:25 - 01466784 _____ () C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
2014-05-19 00:10 - 2014-05-19 00:10 - 00020480 _____ () C:\Program Files (x86)\Speed Cleaner\UrlHistoryLibrary.dll
2014-08-29 23:13 - 2014-08-29 23:13 - 00003018 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-08-29 23:13 - 2014-08-29 23:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\KeepMySettingsX
(InstallX, LLC) C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
Empty Temp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
How is the computer running at the moment?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#5 tblank

New Member

Authentic Member
13 posts

Posted 15 September 2014 - 03:03 PM

Running much better, but I did get a tab opening by itself trying to load something like blasteroids.com or something.

here's the fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by PC at 2014-09-15 12:50:40 Run:1
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
() C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
HKLM-x32\...\Run: [Speed Cleaner] => C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe [1466784 2014-07-06] ()
2014-08-29 23:08 - 2014-08-29 23:09 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo(1).exe
2014-08-29 23:08 - 2014-08-29 23:08 - 02045464 _____ (SafeInstall, LLC) C:\Users\PC\Downloads\7zip_bimo.exe
2014-08-29 22:47 - 2014-09-01 09:38 - 00000000 ____D () C:\ProgramData\Optimizer
SearchScopes: HKCU - {F797DA33-B945-45AB-ABA6-DCE488368F04} URL = http://astromenda.co...=1492080581&ir=
2014-08-31 23:18 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
C:\ProgramData\bprompt.exe
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC) <==== ATTENTION
Speed Cleaner (HKLM-x32\...\{ba143c75-f154-4a74-9b6a-2a71890c9a4e}) (Version: 1.0.0.0 - OneBit IT)
Speed Cleaner (x32 Version: 1.0.0.0 - OneBit IT) Hidden
Task: {F639E782-0018-43BC-AA5B-75719B0D96B5} - System32\Tasks\KeepMySettingsX => C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe [2014-08-29] (InstallX, LLC)
2014-07-06 03:25 - 2014-07-06 03:25 - 01466784 _____ () C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe
2014-05-19 00:10 - 2014-05-19 00:10 - 00020480 _____ () C:\Program Files (x86)\Speed Cleaner\UrlHistoryLibrary.dll
2014-08-29 23:13 - 2014-08-29 23:13 - 00003018 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-08-29 23:13 - 2014-08-29 23:12 - 00000000 ____D () C:\Users\PC\AppData\Roaming\KeepMySettingsX
(InstallX, LLC) C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
Empty Temp:
End
*****************

C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Speed Cleaner => Value not found.
C:\Users\PC\Downloads\7zip_bimo(1).exe => Moved successfully.
C:\Users\PC\Downloads\7zip_bimo.exe => Moved successfully.
C:\ProgramData\Optimizer => Moved successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F797DA33-B945-45AB-ABA6-DCE488368F04}" => Key deleted successfully.
"HKCR\CLSID\{F797DA33-B945-45AB-ABA6-DCE488368F04}" => Key not found.
C:\Windows\System32\Tasks\WPD => Moved successfully.
"C:\ProgramData\bprompt.exe" => File/Directory not found.
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Speed Cleaner (HKLM-x32\...\{ba143c75-f154-4a74-9b6a-2a71890c9a4e}) (Version: 1.0.0.0 - OneBit IT) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\\SystemComponent => Value not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F639E782-0018-43BC-AA5B-75719B0D96B5}" => Key not found.
C:\Windows\System32\Tasks\KeepMySettingsX not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KeepMySettingsX" => Key not found.
"C:\Program Files (x86)\Speed Cleaner\Speed Cleaner.exe" => File/Directory not found.
"C:\Program Files (x86)\Speed Cleaner\UrlHistoryLibrary.dll" => File/Directory not found.
"C:\Windows\System32\Tasks\KeepMySettingsX" => File/Directory not found.
"C:\Users\PC\AppData\Roaming\KeepMySettingsX" => File/Directory not found.
C:\Users\PC\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe => No running process found
EmptyTemp: => Removed 1.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#6 OCD

SuperHelper

Malware Team
5,574 posts

Posted 15 September 2014 - 05:27 PM

Hi tblank,

Please answer the previous question about your hard drive.

=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

Blasteroids

Start
(Acute Angle Solutions) C:\ProgramData\waciau\savSNMWBQ.exe
R2 savSNMWBQ; C:\ProgramData\waciau\savSNMWBQ.exe [2319744 2014-08-29] (Acute Angle Solutions)
Blasteroids (HKLM-x32\...\Blasteroids) (Version: 2.7.31 - Acute Angle Solutions)
End

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
new FRST.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#7 OCD

SuperHelper

Malware Team
5,574 posts

Posted 18 September 2014 - 11:16 PM

Hi tblank,

Just checking in to see if you still need help?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#8 tblank

New Member

Authentic Member
13 posts

Posted 19 September 2014 - 12:17 AM

I do. I'll be out of town for the next three days so I might not be able to post the logs you requested right away.

I have a standard HDD.

#9 OCD

SuperHelper

Malware Team
5,574 posts

Posted 19 September 2014 - 05:58 PM

:thumbup:

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#10 OCD

SuperHelper

Malware Team
5,574 posts

Posted 23 September 2014 - 11:35 PM

Hi tblank,

Are you ready to continue?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#11 OCD

SuperHelper

Malware Team
5,574 posts

Posted 26 September 2014 - 08:26 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

Body Background

skin color theme