Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01 Ran by Exhalation (administrator) on RAFAL on 26-07-2014 17:36:07 Running from G:\FRST-OlderVersion\FRST-OlderVersion Platform: Windows 8 Pro (X64) OS Language: English (United States) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-01-31] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-09] (Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.) HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader.exe [882176 2014-01-28] (Vitzo) HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] () HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-06-12] (VMware, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-17] (AVAST Software) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\Run: [GoogleChromeAutoLaunch_EAF4019870FBFC211560BCD13F3413A7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [6033408 2014-03-11] ( ) HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\Run: [LoL Summoner Information] => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [20261888 2014-07-18] () HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\MountPoints2: {817f1ce6-f4bc-11e3-be76-240a64e9f04e} - "G:\AutoRun.exe" HKU\S-1-5-21-2217388944-3831791737-893644498-1001\...\MountPoints2: {8a63d890-ee4b-11e3-be74-240a64e9f04e} - "E:\FF7_v1.0.5.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-03-28] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-03-28] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe () Startup: C:\Users\Exhalation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ShortcutTarget: Curse.lnk -> C:\Users\Exhalation\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC27BD5029568CF01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: deal2Dealit -> {B5BC2A24-CD19-2CEE-0BD6-53DD46482948} -> C:\ProgramData\deal2Dealit\8KebtIDL.x64.dll () BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 87.204.204.204 62.233.233.233 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @ncsoft.com/Plugin - C:\Program Files (x86)\plaync\NCPlugin\npncllm3.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-17] Chrome: ======= CHR HomePage: hxxp://www.sweet-page.com/?type=hp&ts=1399321749&from=cor&uid=HGSTXHTS541075A9E680_JD12021W05K6TK05K6TKX CHR StartupUrls: "hxxp://www.sweet-page.com/?type=hp&ts=1399321749&from=cor&uid=HGSTXHTS541075A9E680_JD12021W05K6TK05K6TKX" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll () CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (NCSOFT Login Launcher Module) - C:\Program Files (x86)\plaync\NCPlugin\npncllm3.dll No File CHR Plugin: (thriXXX WebLaunch) - C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Quick Sidebar) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd [2014-07-25] CHR Extension: (Dokumenty Google) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05] CHR Extension: (Dysk Google) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05] CHR Extension: (Krople deszczu) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2014-05-05] CHR Extension: (YouTube) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05] CHR Extension: (Striker Manager) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib [2014-05-06] CHR Extension: (Szukaj w Google) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05] CHR Extension: (jQuerify) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmifchmngifmadobkcpijhhldeeelkc [2014-06-29] CHR Extension: (AdBlock) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05] CHR Extension: (avast! Online Security) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-18] CHR Extension: (Top Eleven) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2014-05-06] CHR Extension: (Google Wallet) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05] CHR Extension: (Quick start) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25] CHR Extension: (Gmail) - C:\Users\Exhalation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] () [File not signed] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-03-04] (ELAN Microelectronics Corp.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] () R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5226672 2014-01-22] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-10] () R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed] R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-06-12] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-17] () R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2014-04-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2014-04-22] (BitDefender LLC) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-01-30] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1544704 2013-03-12] (Realtek Semiconductor Corporation ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-11] (Duplex Secure Ltd.) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) U3 ah2nixga; C:\Windows\System32\Drivers\ah2nixga.sys [0 ] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-26 17:26 - 2014-07-26 17:26 - 00422192 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-26 17:25 - 2014-07-26 17:25 - 00000136 _____ () C:\Windows\system32\netcfg-129484.txt 2014-07-26 17:25 - 2014-07-26 17:25 - 00000134 _____ () C:\Windows\system32\netcfg-129046.txt 2014-07-26 17:25 - 2014-07-26 17:25 - 00000134 _____ () C:\Windows\system32\netcfg-127875.txt 2014-07-26 17:21 - 2014-07-26 17:29 - 00000000 ___RD () C:\Windows\BrowserChoice 2014-07-26 05:24 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-07-26 05:24 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-07-26 05:24 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2014-07-26 05:24 - 2013-01-10 01:26 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2014-07-26 05:24 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2014-07-26 05:24 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2014-07-26 05:24 - 2013-01-10 01:23 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2014-07-26 05:24 - 2013-01-10 01:23 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll 2014-07-26 05:24 - 2013-01-10 01:22 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2014-07-26 05:24 - 2013-01-10 01:22 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2014-07-26 05:23 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-26 05:23 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-26 05:23 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-26 05:23 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-07-26 05:23 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-07-26 05:23 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-26 05:23 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-07-26 05:23 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe 2014-07-26 05:23 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-07-26 05:23 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-26 05:23 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-07-26 05:23 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-26 05:23 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2014-07-26 05:23 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2014-07-26 05:23 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-07-26 05:23 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-07-26 05:23 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2014-07-26 05:23 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-07-26 05:23 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-07-26 05:23 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-07-26 05:23 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-07-26 05:23 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-07-26 05:23 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-07-26 05:23 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys 2014-07-26 05:23 - 2013-01-10 03:39 - 00194280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-07-26 05:23 - 2013-01-10 03:39 - 00124648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2014-07-26 05:23 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-07-26 05:23 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll 2014-07-26 05:23 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2014-07-26 05:23 - 2013-01-10 01:26 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2014-07-26 05:23 - 2013-01-10 01:26 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll 2014-07-26 05:23 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2014-07-26 05:23 - 2013-01-10 01:26 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll 2014-07-26 05:23 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe 2014-07-26 05:23 - 2013-01-10 01:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2014-07-26 05:23 - 2013-01-10 01:25 - 00582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2014-07-26 05:23 - 2013-01-10 01:23 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe 2014-07-26 05:23 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe 2014-07-26 05:23 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-07-26 05:23 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2014-07-26 05:23 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2014-07-26 05:23 - 2013-01-09 05:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2014-07-26 05:23 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2014-07-26 05:23 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys 2014-07-26 05:23 - 2013-01-09 05:57 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-07-26 05:23 - 2013-01-05 02:08 - 00386577 _____ () C:\Windows\system32\ApnDatabase.xml 2014-07-26 05:23 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2014-07-26 05:23 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2014-07-26 05:23 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll 2014-07-26 05:23 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll 2014-07-26 05:23 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll 2014-07-26 05:23 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll 2014-07-26 05:23 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll 2014-07-26 05:23 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll 2014-07-26 05:23 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-07-26 05:23 - 2012-10-12 08:14 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2014-07-26 05:23 - 2012-10-12 08:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll 2014-07-26 05:23 - 2012-10-12 07:41 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll 2014-07-26 05:23 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-07-26 05:23 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2014-07-26 05:22 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-07-26 05:22 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-07-26 05:18 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-07-26 05:18 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-07-26 05:18 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-07-26 05:18 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-07-26 05:18 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-26 05:18 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-26 05:18 - 2013-04-16 04:34 - 01455368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-07-26 05:18 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-07-26 05:16 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-07-26 05:16 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-07-26 05:16 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-07-26 05:16 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-07-26 05:16 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys 2014-07-26 05:16 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-07-26 05:16 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-07-26 05:16 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-07-26 05:16 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-07-26 05:16 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2014-07-26 05:15 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-26 05:15 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-26 05:15 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-07-26 05:15 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-07-26 05:15 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-26 05:15 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-26 05:15 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-26 05:15 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-26 05:15 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-26 05:15 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-26 05:15 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-26 05:15 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-26 05:15 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-26 05:15 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-26 05:15 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-26 05:15 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-26 05:15 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-07-26 05:13 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-07-26 05:13 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-07-26 05:12 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-07-26 05:12 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-07-26 05:12 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-07-26 05:12 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-07-26 05:12 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-07-26 05:12 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-07-26 05:12 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-07-26 05:12 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-07-26 05:12 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-07-26 05:12 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-07-26 05:12 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-07-26 05:12 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-07-26 05:12 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-07-26 05:12 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-07-26 05:12 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-07-26 05:12 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-07-26 05:12 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-07-26 05:12 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2014-07-26 05:12 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-07-26 05:12 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-07-26 05:12 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-07-26 05:12 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-07-26 05:12 - 2013-02-02 13:19 - 00329960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-07-26 05:12 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2014-07-26 05:12 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-07-26 05:12 - 2013-02-02 12:28 - 00993512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-07-26 05:12 - 2013-02-02 10:40 - 10792448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2014-07-26 05:12 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe 2014-07-26 05:12 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe 2014-07-26 05:12 - 2013-02-02 10:39 - 05090816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll 2014-07-26 05:12 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll 2014-07-26 05:12 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2014-07-26 05:12 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe 2014-07-26 05:12 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe 2014-07-26 05:12 - 2013-02-02 10:23 - 13643264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2014-07-26 05:12 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll 2014-07-26 05:12 - 2013-02-02 10:22 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2014-07-26 05:12 - 2013-02-02 10:21 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-26 05:12 - 2013-02-02 10:21 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2014-07-26 05:12 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-07-26 05:12 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2014-07-26 05:12 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2014-07-26 05:12 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll 2014-07-26 05:12 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2014-07-26 05:12 - 2013-02-02 09:25 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys 2014-07-26 05:12 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys 2014-07-26 05:12 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys 2014-07-26 05:12 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-07-26 05:12 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys 2014-07-26 05:12 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-07-26 05:12 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-07-26 05:12 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-07-26 05:12 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-07-26 05:12 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-07-26 05:12 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-07-26 05:12 - 2012-09-20 08:32 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-07-26 05:12 - 2012-09-20 08:32 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-07-26 05:11 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2014-07-26 05:11 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-07-26 05:11 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-07-26 05:11 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2014-07-26 05:11 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-07-26 05:11 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-26 05:11 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-26 05:11 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-26 05:11 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-26 05:11 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-07-26 05:11 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-26 05:11 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-26 05:11 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2014-07-26 05:11 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-07-26 05:11 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-26 05:11 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-26 05:11 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-26 05:11 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-26 05:11 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-26 05:11 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll 2014-07-26 05:11 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-26 05:11 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-07-26 05:11 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-07-26 05:11 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-26 05:11 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-07-26 05:11 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-07-26 05:11 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-07-26 05:11 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-07-26 05:11 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-07-26 05:11 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-26 05:11 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-07-26 05:11 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-07-26 05:11 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-07-26 05:11 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-07-26 05:11 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-07-26 05:11 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-07-26 05:11 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2014-07-26 05:11 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS 2014-07-26 05:11 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-07-26 05:11 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2014-07-26 05:11 - 2013-03-02 10:22 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2014-07-26 05:11 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2014-07-26 05:11 - 2013-03-02 04:44 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2014-07-26 05:11 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-07-26 05:11 - 2013-02-06 00:31 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-07-26 05:11 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-07-26 05:11 - 2013-02-06 00:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-07-26 05:11 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-07-26 05:11 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2014-07-26 05:11 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2014-07-26 05:11 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2014-07-26 05:11 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe 2014-07-26 05:11 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll 2014-07-26 05:11 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-07-26 05:11 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-07-26 05:11 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe 2014-07-26 05:11 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe 2014-07-26 05:11 - 2012-10-06 06:53 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-07-26 05:11 - 2012-10-06 06:15 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-07-26 05:10 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-26 05:10 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-26 05:10 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-26 05:10 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-07-26 05:10 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-07-26 05:10 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-07-26 05:10 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-07-26 05:10 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-07-26 05:10 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-07-26 05:10 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll 2014-07-26 05:10 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-07-26 05:10 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-07-26 05:10 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2014-07-26 05:10 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2014-07-26 05:10 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-07-26 05:10 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2014-07-26 05:10 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2014-07-26 05:10 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-26 05:10 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-07-26 05:10 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-07-26 05:10 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll 2014-07-26 05:10 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll 2014-07-26 05:10 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll 2014-07-26 05:10 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe 2014-07-26 05:10 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe 2014-07-26 05:10 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll 2014-07-26 05:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll 2014-07-26 05:10 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll 2014-07-26 05:10 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll 2014-07-26 05:10 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll 2014-07-26 05:10 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll 2014-07-26 05:10 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-07-26 05:10 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-07-26 05:10 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-07-26 05:10 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-07-26 05:10 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2014-07-26 05:10 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-07-26 05:10 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2014-07-26 05:10 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2014-07-26 05:10 - 2012-10-11 09:02 - 01636672 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2014-07-26 05:09 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2014-07-26 05:09 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-07-26 05:09 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-07-26 05:09 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-07-26 05:09 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-07-26 05:09 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-07-26 05:09 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2014-07-26 05:09 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-07-26 05:09 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-07-26 05:09 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-07-26 05:09 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2014-07-26 05:09 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-07-26 05:09 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-07-26 05:09 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-07-26 05:09 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-07-26 05:09 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-07-26 05:09 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-07-26 05:09 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-07-26 05:09 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-07-26 05:09 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-07-26 05:09 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2014-07-26 05:09 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-07-26 05:09 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2014-07-26 05:09 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2014-07-26 05:09 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-07-26 05:09 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-07-26 05:09 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-07-26 05:09 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-07-26 05:09 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2014-07-26 05:09 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2014-07-26 05:09 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-07-26 05:03 - 2014-07-26 05:03 - 02313988 _____ () C:\Users\Exhalation\Downloads\esetsmartinstaller_plk.exe 2014-07-26 01:56 - 2014-05-10 05:13 - 03448880 _____ () C:\Users\Exhalation\Desktop\avg_remover_slt.exe 2014-07-26 00:38 - 2014-07-26 00:46 - 03437264 _____ () C:\Users\Exhalation\Desktop\avg_remover_slt.com 2014-07-25 19:39 - 2014-07-25 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-25 18:08 - 2014-07-25 18:08 - 00069494 _____ () C:\Users\Exhalation\Desktop\OTLExtras.Txt 2014-07-25 18:06 - 2014-07-25 18:06 - 00545288 _____ () C:\Users\Exhalation\Desktop\GMER.txt 2014-07-25 18:05 - 2014-07-25 18:05 - 00545288 _____ () C:\Users\Exhalation\Desktop\GMER.log 2014-07-25 17:55 - 2014-07-25 17:55 - 00000000 ____D () C:\ProgramData\Doctor Web 2014-07-25 17:51 - 2014-07-25 19:19 - 00000000 ____D () C:\Users\Exhalation\Doctor Web 2014-07-25 16:03 - 2014-07-26 17:36 - 00000000 ____D () C:\FRST 2014-07-25 15:52 - 2014-07-25 15:52 - 00000614 _____ () C:\DelFix.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00001078 _____ () C:\Windows\system32\netcfg-171718.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-180250.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-179890.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-179015.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-178843.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-167718.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000132 _____ () C:\Windows\system32\netcfg-189984.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-25 15:46 - 2014-07-25 15:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-07-25 15:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-23 00:33 - 2014-07-25 01:57 - 00000000 ____D () C:\ProgramData\Solidshield 2014-07-23 00:14 - 2014-07-23 00:14 - 00000000 ____D () C:\Users\Exhalation\Documents\Square Enix 2014-07-23 00:09 - 2014-07-23 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix 2014-07-22 23:50 - 2014-07-25 01:58 - 00000000 ____D () C:\bdac9cbf73796bf83651679213fd 2014-07-22 17:11 - 2014-07-22 17:11 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\My Games 2014-07-22 17:07 - 2014-07-22 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Civilization 5 2014-07-22 03:17 - 2014-07-22 03:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-07-20 18:02 - 2014-07-20 18:05 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\RIFT 2014-07-20 18:02 - 2014-07-20 18:02 - 00000000 ____D () C:\Users\Exhalation\Documents\RIFT 2014-07-20 17:54 - 2014-07-25 20:42 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Glyph 2014-07-20 17:53 - 2014-07-20 17:53 - 00000000 ____D () C:\ProgramData\Glyph 2014-07-18 13:39 - 2014-07-18 13:39 - 00001078 _____ () C:\Windows\system32\netcfg-157750.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-165109.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164984.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164359.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164218.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-156984.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000132 _____ () C:\Windows\system32\netcfg-168781.txt 2014-07-17 19:39 - 2014-07-25 02:05 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-07-17 19:39 - 2014-07-17 19:39 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\AVAST Software 2014-07-17 19:39 - 2014-07-17 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-07-17 19:38 - 2014-07-25 02:04 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-17 19:38 - 2014-07-17 19:39 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-07-17 19:38 - 2014-07-17 19:37 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-07-17 19:37 - 2014-07-17 19:37 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-07-17 19:37 - 2014-07-17 19:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-17 19:35 - 2014-07-17 19:35 - 00001190 _____ () C:\Windows\system32\netcfg-410109.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000161 _____ () C:\Windows\system32\netcfg-415687.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000161 _____ () C:\Windows\system32\netcfg-408609.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000132 _____ () C:\Windows\system32\netcfg-410593.txt 2014-07-17 19:35 - 2014-06-12 18:23 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys 2014-07-17 19:35 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys 2014-07-17 19:35 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll 2014-07-17 19:35 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll 2014-07-17 19:34 - 2014-07-17 19:35 - 00000132 _____ () C:\Windows\system32\netcfg-405656.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00002127 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk 2014-07-17 19:34 - 2014-07-17 19:34 - 00001190 _____ () C:\Windows\system32\netcfg-404953.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00001024 _____ () C:\Windows\SysWOW64\%TMP% 2014-07-17 19:34 - 2014-07-17 19:34 - 00000157 _____ () C:\Windows\system32\netcfg-393265.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00000000 ____D () C:\Program Files\AVAST Software 2014-07-17 19:34 - 2014-06-12 18:23 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe 2014-07-17 19:34 - 2014-06-12 18:22 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll 2014-07-17 19:34 - 2014-06-12 18:22 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe 2014-07-17 19:34 - 2014-06-12 18:22 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys 2014-07-17 19:34 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2014-07-17 19:33 - 2014-07-17 19:34 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-07-17 19:32 - 2014-07-17 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-07-17 19:32 - 2014-07-17 19:32 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-07-17 19:31 - 2014-07-26 17:34 - 00000000 ____D () C:\ProgramData\VMware 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Program Files\SkanerOnline 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-07-16 19:14 - 2014-07-16 19:14 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-12 00:48 - 2014-07-12 00:48 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\OTLand 2014-07-11 00:45 - 2014-07-12 04:08 - 00000007 _____ () C:\Windows\core32.dll 2014-07-10 05:02 - 2014-07-10 05:03 - 00000000 ____D () C:\Users\Exhalation\Documents\XenoBot 2014-07-10 05:02 - 2014-07-10 05:02 - 00000954 _____ () C:\Users\Public\Desktop\Injector.exe.lnk 2014-07-10 05:02 - 2014-07-10 05:02 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\MSDrvCfg 2014-07-10 05:02 - 2014-07-10 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XenoBot 2014-07-10 04:42 - 2014-07-16 04:54 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Tibia 2014-07-08 05:09 - 2014-07-08 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-08 05:07 - 2014-07-08 05:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-07-08 05:07 - 2014-07-08 05:07 - 00000000 ____D () C:\Windows\PCHEALTH 2014-07-08 05:07 - 2014-07-08 05:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-08 05:06 - 2014-07-08 05:10 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-08 05:06 - 2014-07-08 05:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Microsoft Help 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-07-08 02:59 - 2014-07-08 02:59 - 00000000 __RHD () C:\MSOCache 2014-07-03 14:08 - 2014-07-03 14:08 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Intel_Corporation 2014-07-03 05:40 - 2014-07-03 05:40 - 00000000 ____D () C:\Users\Exhalation\Documents\C9 2014-07-03 05:37 - 2014-07-03 05:37 - 00001158 _____ () C:\Users\Exhalation\Desktop\C9.lnk 2014-07-03 05:37 - 2014-07-03 05:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C9 2014-07-03 05:21 - 2014-07-03 05:21 - 00000000 ____D () C:\Program Files (x86)\WEBZEN 2014-07-03 03:47 - 2014-07-03 03:47 - 00000000 ____D () C:\ProgramData\WEBZEN 2014-06-29 15:25 - 2014-06-29 15:25 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk 2014-06-29 15:25 - 2014-06-29 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-06-29 15:24 - 2014-07-25 02:00 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Winamp 2014-06-29 15:24 - 2014-06-29 15:25 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-06-29 13:28 - 2014-07-17 21:27 - 00000000 ____D () C:\ProgramData\deal2Dealit ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-26 17:36 - 2014-07-25 16:03 - 00000000 ____D () C:\FRST 2014-07-26 17:36 - 2014-05-05 21:06 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-26 17:36 - 2014-05-05 21:06 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-26 17:36 - 2014-05-05 21:06 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-26 17:36 - 2014-05-05 21:06 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-26 17:35 - 2014-05-19 20:22 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\LogMeIn Hamachi 2014-07-26 17:34 - 2014-07-17 19:31 - 00000000 ____D () C:\ProgramData\VMware 2014-07-26 17:34 - 2014-06-05 09:04 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2014-07-26 17:34 - 2014-05-05 21:07 - 00004761 _____ () C:\Users\Exhalation\AppData\Local\BTServer.log 2014-07-26 17:34 - 2014-05-05 21:05 - 00000000 ____D () C:\ProgramData\Realtek 2014-07-26 17:34 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-26 17:29 - 2014-07-26 17:21 - 00000000 ___RD () C:\Windows\BrowserChoice 2014-07-26 17:29 - 2014-05-05 20:51 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Packages 2014-07-26 17:29 - 2014-05-05 20:51 - 00000000 ____D () C:\ProgramData\PRICache 2014-07-26 17:26 - 2014-07-26 17:26 - 00422192 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-26 17:25 - 2014-07-26 17:25 - 00000136 _____ () C:\Windows\system32\netcfg-129484.txt 2014-07-26 17:25 - 2014-07-26 17:25 - 00000134 _____ () C:\Windows\system32\netcfg-129046.txt 2014-07-26 17:25 - 2014-07-26 17:25 - 00000134 _____ () C:\Windows\system32\netcfg-127875.txt 2014-07-26 17:25 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing 2014-07-26 17:22 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-07-26 17:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-07-26 17:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates 2014-07-26 17:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-26 17:20 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-26 17:17 - 2014-05-05 20:59 - 01532729 _____ () C:\Windows\WindowsUpdate.log 2014-07-26 17:17 - 2014-05-05 20:50 - 00000000 ____D () C:\Users\Exhalation 2014-07-26 17:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-07-26 06:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-07-26 06:21 - 2014-05-05 20:57 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2217388944-3831791737-893644498-1001 2014-07-26 06:21 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-07-26 05:26 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe 2014-07-26 05:03 - 2014-07-26 05:03 - 02313988 _____ () C:\Users\Exhalation\Downloads\esetsmartinstaller_plk.exe 2014-07-26 04:53 - 2014-05-05 20:46 - 00087070 _____ () C:\Windows\PFRO.log 2014-07-26 04:50 - 2014-05-06 01:28 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\TS3Client 2014-07-26 03:57 - 2014-05-08 16:27 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\PMB Files 2014-07-26 01:32 - 2012-07-26 07:26 - 00000219 _____ () C:\Windows\system.ini 2014-07-26 00:46 - 2014-07-26 00:38 - 03437264 _____ () C:\Users\Exhalation\Desktop\avg_remover_slt.com 2014-07-25 21:24 - 2014-05-05 22:02 - 00000000 ____D () C:\Users\Exhalation\Desktop\Football Manager 2014 2014-07-25 21:11 - 2014-05-05 22:19 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Azureus 2014-07-25 20:42 - 2014-07-20 17:54 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Glyph 2014-07-25 19:39 - 2014-07-25 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-25 19:30 - 2014-05-05 20:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-25 19:21 - 2014-06-20 02:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\plaync 2014-07-25 19:19 - 2014-07-25 17:51 - 00000000 ____D () C:\Users\Exhalation\Doctor Web 2014-07-25 19:19 - 2014-06-08 06:17 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\PriceMeter Express 2014-07-25 18:08 - 2014-07-25 18:08 - 00069494 _____ () C:\Users\Exhalation\Desktop\OTLExtras.Txt 2014-07-25 18:06 - 2014-07-25 18:06 - 00545288 _____ () C:\Users\Exhalation\Desktop\GMER.txt 2014-07-25 18:05 - 2014-07-25 18:05 - 00545288 _____ () C:\Users\Exhalation\Desktop\GMER.log 2014-07-25 17:55 - 2014-07-25 17:55 - 00000000 ____D () C:\ProgramData\Doctor Web 2014-07-25 16:06 - 2012-07-26 09:28 - 00854258 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-25 15:52 - 2014-07-25 15:52 - 00000614 _____ () C:\DelFix.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00001078 _____ () C:\Windows\system32\netcfg-171718.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-180250.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-179890.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-179015.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-178843.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000139 _____ () C:\Windows\system32\netcfg-167718.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000132 _____ () C:\Windows\system32\netcfg-189984.txt 2014-07-25 15:47 - 2014-07-25 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-25 15:47 - 2014-07-25 15:46 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-07-25 15:47 - 2014-05-19 20:21 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-07-25 15:43 - 2014-05-06 00:32 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-07-25 15:43 - 2014-05-05 21:07 - 00001292 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-25 15:43 - 2014-05-05 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-07-25 15:43 - 2014-05-05 20:51 - 00000999 _____ () C:\Users\Exhalation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-25 15:30 - 2014-05-08 16:27 - 00000000 ____D () C:\ProgramData\PMB Files 2014-07-25 02:05 - 2014-07-17 19:39 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-07-25 02:04 - 2014-07-17 19:38 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-25 02:04 - 2014-06-08 05:38 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\ChomikBox 2014-07-25 02:04 - 2014-06-08 05:38 - 00000000 ____D () C:\Users\Exhalation\.gstreamer-0.10 2014-07-25 02:00 - 2014-06-29 15:24 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Winamp 2014-07-25 01:59 - 2014-06-08 01:32 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-07-25 01:59 - 2014-06-05 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus 2014-07-25 01:59 - 2014-05-05 21:04 - 00000000 ____D () C:\ProgramData\Bigfoot Networks 2014-07-25 01:58 - 2014-07-22 23:50 - 00000000 ____D () C:\bdac9cbf73796bf83651679213fd 2014-07-25 01:57 - 2014-07-23 00:33 - 00000000 ____D () C:\ProgramData\Solidshield 2014-07-25 01:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration 2014-07-24 23:05 - 2014-06-21 16:21 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\BOL 2014-07-23 11:38 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-07-23 00:31 - 2014-05-05 22:14 - 00060511 _____ () C:\Windows\DirectX.log 2014-07-23 00:14 - 2014-07-23 00:14 - 00000000 ____D () C:\Users\Exhalation\Documents\Square Enix 2014-07-23 00:09 - 2014-07-23 00:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix 2014-07-22 17:11 - 2014-07-22 17:11 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\My Games 2014-07-22 17:11 - 2014-06-11 16:49 - 00000000 ____D () C:\Users\Exhalation\Documents\My Games 2014-07-22 17:07 - 2014-07-22 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Civilization 5 2014-07-22 03:17 - 2014-07-22 03:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-22 03:17 - 2012-07-26 09:21 - 00015553 _____ () C:\Windows\setupact.log 2014-07-22 03:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-21 19:38 - 2014-05-06 01:51 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\vlc 2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys 2014-07-20 18:05 - 2014-07-20 18:02 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\RIFT 2014-07-20 18:02 - 2014-07-20 18:02 - 00000000 ____D () C:\Users\Exhalation\Documents\RIFT 2014-07-20 17:53 - 2014-07-20 17:53 - 00000000 ____D () C:\ProgramData\Glyph 2014-07-18 13:39 - 2014-07-18 13:39 - 00001078 _____ () C:\Windows\system32\netcfg-157750.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-165109.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164984.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164359.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-164218.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000139 _____ () C:\Windows\system32\netcfg-156984.txt 2014-07-18 13:39 - 2014-07-18 13:39 - 00000132 _____ () C:\Windows\system32\netcfg-168781.txt 2014-07-18 13:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(12) 2014-07-18 05:35 - 2014-05-05 21:09 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-07-17 21:27 - 2014-06-29 13:28 - 00000000 ____D () C:\ProgramData\deal2Dealit 2014-07-17 21:27 - 2014-05-26 19:30 - 00000000 ____D () C:\temp 2014-07-17 19:39 - 2014-07-17 19:39 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\AVAST Software 2014-07-17 19:39 - 2014-07-17 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-07-17 19:39 - 2014-07-17 19:38 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-07-17 19:37 - 2014-07-17 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-07-17 19:37 - 2014-07-17 19:37 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-07-17 19:37 - 2014-07-17 19:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-17 19:35 - 2014-07-17 19:35 - 00001190 _____ () C:\Windows\system32\netcfg-410109.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000161 _____ () C:\Windows\system32\netcfg-415687.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000161 _____ () C:\Windows\system32\netcfg-408609.txt 2014-07-17 19:35 - 2014-07-17 19:35 - 00000132 _____ () C:\Windows\system32\netcfg-410593.txt 2014-07-17 19:35 - 2014-07-17 19:34 - 00000132 _____ () C:\Windows\system32\netcfg-405656.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00002127 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk 2014-07-17 19:34 - 2014-07-17 19:34 - 00001190 _____ () C:\Windows\system32\netcfg-404953.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00001024 _____ () C:\Windows\SysWOW64\%TMP% 2014-07-17 19:34 - 2014-07-17 19:34 - 00000157 _____ () C:\Windows\system32\netcfg-393265.txt 2014-07-17 19:34 - 2014-07-17 19:34 - 00000000 ____D () C:\Program Files\AVAST Software 2014-07-17 19:34 - 2014-07-17 19:33 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-07-17 19:34 - 2014-07-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-07-17 19:34 - 2014-05-05 20:57 - 00858960 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-07-17 19:32 - 2014-07-17 19:32 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Program Files\SkanerOnline 2014-07-17 19:31 - 2014-07-17 19:31 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-07-16 19:14 - 2014-07-16 19:14 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-16 04:54 - 2014-07-10 04:42 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\Tibia 2014-07-12 04:08 - 2014-07-11 00:45 - 00000007 _____ () C:\Windows\core32.dll 2014-07-12 00:48 - 2014-07-12 00:48 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\OTLand 2014-07-10 05:03 - 2014-07-10 05:02 - 00000000 ____D () C:\Users\Exhalation\Documents\XenoBot 2014-07-10 05:02 - 2014-07-10 05:02 - 00000954 _____ () C:\Users\Public\Desktop\Injector.exe.lnk 2014-07-10 05:02 - 2014-07-10 05:02 - 00000000 ____D () C:\Users\Exhalation\AppData\Roaming\MSDrvCfg 2014-07-10 05:02 - 2014-07-10 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XenoBot 2014-07-08 05:10 - 2014-07-08 05:06 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-08 05:09 - 2014-07-08 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-08 05:09 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew 2014-07-08 05:08 - 2014-07-08 05:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-07-08 05:07 - 2014-07-08 05:07 - 00000000 ____D () C:\Windows\PCHEALTH 2014-07-08 05:07 - 2014-07-08 05:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-08 05:07 - 2014-07-08 05:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-07-08 05:07 - 2012-07-26 07:26 - 00000167 _____ () C:\Windows\win.ini 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Microsoft Help 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-07-08 05:06 - 2014-07-08 05:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-07-08 05:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-07-08 02:59 - 2014-07-08 02:59 - 00000000 __RHD () C:\MSOCache 2014-07-03 20:36 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\Exhalation\poke-evo 2014-07-03 14:08 - 2014-07-03 14:08 - 00000000 ____D () C:\Users\Exhalation\AppData\Local\Intel_Corporation 2014-07-03 05:40 - 2014-07-03 05:40 - 00000000 ____D () C:\Users\Exhalation\Documents\C9 2014-07-03 05:37 - 2014-07-03 05:37 - 00001158 _____ () C:\Users\Exhalation\Desktop\C9.lnk 2014-07-03 05:37 - 2014-07-03 05:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C9 2014-07-03 05:21 - 2014-07-03 05:21 - 00000000 ____D () C:\Program Files (x86)\WEBZEN 2014-07-03 04:55 - 2014-06-20 04:18 - 00000000 ____D () C:\Download 2014-07-03 03:47 - 2014-07-03 03:47 - 00000000 ____D () C:\ProgramData\WEBZEN 2014-06-29 15:25 - 2014-06-29 15:25 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk 2014-06-29 15:25 - 2014-06-29 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-06-29 15:25 - 2014-06-29 15:24 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-06-29 13:29 - 2014-05-05 22:13 - 00000000 ____D () C:\ProgramData\51d7ac37be3ccf27 2014-06-28 19:46 - 2014-05-15 20:41 - 00000000 ____D () C:\Users\Exhalation\Desktop\New folder ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 07:30 ==================== End Of Log ============================