Backdoor.graybird virus + Unknown User Account [Solved]


  • This topic is locked

#1
queendom

  • Member
  • 75 posts
Norton Internet Security detected the backdoor.graybird virus. It was unable to remove it, but I was able to remove the infected file manually. I still noticed that the computer wasn't performing normally. It was slow, stalled frequently, and would indicate problems connecting to the internet even though it was properly connected to the wireless network. This happened for about 5-10 minutes following a reboot but would eventually resolve itself.

Because I assumed the virus was removed, I ran Windows 8 Refresh. No more internet connections after reboot.

Recently, however, I noticed that a new, unknown user account is listed in file/folder security properties. The user account looks like "S-1-5-21-..." No such account is listed in the Control Panel user management section, and I only use one account on the computer. The guest account is disabled too. May just be a system account but I don't recall it being there in the past.

I installed and ran Malwarebytes which located/removed: PUP.Optional.OpenCandy and PUP.Optional.SmartBar.A. (Since I use Norton, I have uninstalled Malwarebytes.)

Lastly, my Norton has been acting strangely too. Updates will fail, requiring me to run remove/reinstall. Then, the problem seems resolved for maybe an hour before updates will fail again. I have had to run Norton Remove & Reinstall approximately 5-7 times this week.

Thanks for your help!!



OTL logfile created on: 11/1/2013 5:51:30 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ronak_000\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

9.94 Gb Total Physical Memory | 8.46 Gb Available Physical Memory | 85.06% Memory free
29.94 Gb Paging File | 28.36 Gb Available in Paging File | 94.71% Paging File free
Paging file location(s): c:\pagefile.sys 20480 40960 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.09 Gb Total Space | 47.39 Gb Free Space | 21.73% Space Free | Partition Type: NTFS
Drive D: | 18.57 Gb Total Space | 2.28 Gb Free Space | 12.26% Space Free | Partition Type: NTFS
Drive E: | 931.26 Gb Total Space | 873.91 Gb Free Space | 93.84% Space Free | Partition Type: NTFS

Computer Name: HERDESKTOP | User Name: ronak_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/01 05:50:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ronak_000\Desktop\OTL.exe
PRC - [2013/10/31 11:04:13 | 001,134,592 | ---- | M] (Zhorn Software) -- C:\Program Files (x86)\Stickies\stickies.exe
PRC - [2013/10/17 21:34:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/10/10 15:25:58 | 001,056,264 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2013/10/08 08:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
PRC - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/09/15 14:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/14 03:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/09/14 03:27:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/31 11:04:13 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Stickies\shook70.dll
MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/17 21:35:48 | 015,122,208 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/10/10 15:12:18 | 007,627,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2013/08/16 01:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/01 20:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/24 18:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/13 15:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/06/01 05:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 02:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 02:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 00:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/29 03:52:10 | 000,332,800 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/03/01 22:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 22:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 19:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 19:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/10/11 22:06:29 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/10/11 22:05:38 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 23:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 23:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 23:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 23:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 23:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 23:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 23:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 23:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 23:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 23:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/04/20 17:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013/10/31 10:35:12 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/31 10:03:09 | 003,072,832 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Users\ronak_000\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe -- (LMIRescue_e5aafcb3-49eb-4603-8ecb-ebe321c6407c)
SRV - [2013/10/30 15:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/25 21:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/17 21:34:26 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/10/08 08:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/05 10:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/28 20:24:04 | 000,241,776 | ---- | M] (CyberLink) [Disabled | Stopped] -- c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2012/10/11 22:05:38 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/27 14:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/25 23:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 23:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 23:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/07/18 04:51:00 | 000,364,416 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 04:50:08 | 000,276,864 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 04:46:54 | 000,128,896 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/07/18 04:45:15 | 000,165,760 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/01 04:52:03 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/30 14:42:16 | 000,119,528 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/09/27 19:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/26 23:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 22:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 22:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 23:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/09/09 22:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\SymELAM.sys -- (SymELAM)
DRV:64bit: - [2013/09/09 22:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 21:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/08/16 01:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 02:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 04:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 21:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/07/01 21:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 21:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/01 20:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/01 18:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/29 02:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/16 08:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/06/10 17:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/05/31 23:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/23 02:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/23 02:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 02:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/23 02:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/05/04 03:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/30 15:25:00 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/04/15 10:02:04 | 002,482,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/03/29 03:52:10 | 000,544,768 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/03/02 06:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 06:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 21:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/26 23:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 00:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 23:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 04:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 22:05:37 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/10/11 22:05:37 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/10/11 03:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 01:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 01:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 01:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 01:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 01:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 01:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 01:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 01:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 01:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 01:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 01:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 01:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 01:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 01:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 01:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 01:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 01:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 00:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 00:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 23:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 22:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 22:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 22:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 22:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 22:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 22:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 22:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 22:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 22:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 22:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 22:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 22:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 22:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 22:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 22:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 22:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 22:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 22:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 22:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 22:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 22:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/18 04:46:20 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/02 10:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/06/02 10:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2009/12/30 14:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\revoflt.sys -- (Revoflt)
DRV - [2013/10/31 16:51:24 | 000,521,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131031.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/10/31 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131031.033\ex64.sys -- (NAVEX15)
DRV - [2013/10/31 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131031.033\eng64.sys -- (NAVENG)
DRV - [2013/10/22 19:11:13 | 001,524,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131022.001\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{F101994A-BBD4-4681-80A6-767B757D6E7C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F101994A-BBD4-4681-80A6-767B757D6E7C}: "URL" = http://www.amazon.co...s={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {B76D9129-8B8D-4650-957E-D4E2B97CBD62}
IE - HKCU\..\SearchScopes\{B76D9129-8B8D-4650-957E-D4E2B97CBD62}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131030
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.9
FF - prefs.js..extensions.enabledAddons: openinie%40wittersworld.com:1.4
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.3.2%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/10/30 15:41:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013/11/01 04:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2013/11/01 05:41:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/31 17:56:03 | 000,000,000 | ---D | M]

[2013/10/31 10:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Extensions
[2013/10/31 17:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions
[2013/10/31 10:49:09 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013/10/31 10:49:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/10/31 17:39:54 | 000,000,000 | ---D | M] (iCloud Bookmarks) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\firefoxdav@icloud.com
[2013/10/31 10:49:35 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\amznUWL2@amazon.com.xpi
[2013/10/31 10:49:35 | 000,021,645 | ---- | M] () (No name found) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\openinie@wittersworld.com.xpi
[2013/10/31 10:49:35 | 000,217,340 | ---- | M] () (No name found) -- C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2013/10/31 07:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/31 07:56:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/01 04:52:13 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
[2013/06/13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

O1 HOSTS File: ([2012/07/26 01:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpIdfPlugin.cab (GMNRev Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE5EC543-607A-4404-846A-D8DCA026C6FC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/01 05:50:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ronak_000\Desktop\OTL.exe
[2013/11/01 04:52:03 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2013/11/01 04:51:55 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/11/01 04:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/11/01 03:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/10/31 17:50:12 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Windows Live
[2013/10/31 17:37:07 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\5BF0C2C5-597C-4B4F-B966-9AC3D60BE1F8.aplzod
[2013/10/31 17:34:22 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\CrashDumps
[2013/10/31 17:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/10/31 17:17:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/10/31 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013/10/31 17:17:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013/10/31 17:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/10/31 17:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/10/31 17:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/10/31 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/10/31 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/10/31 16:34:58 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\e-academy Inc
[2013/10/31 16:34:58 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\e-academy Inc
[2013/10/31 16:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/10/31 16:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2013/10/31 16:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2013/10/31 16:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Carbonite
[2013/10/31 16:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carbonite
[2013/10/31 16:16:45 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Apple Computer
[2013/10/31 16:16:45 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Apple Computer
[2013/10/31 16:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/10/31 16:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/31 16:16:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/10/31 16:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/31 16:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/10/31 16:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/10/31 16:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/10/31 16:16:17 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Apple
[2013/10/31 16:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/10/31 16:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/10/31 14:56:37 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\Documents\CCleaner Backups
[2013/10/31 14:52:36 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\TERA
[2013/10/31 14:51:10 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Cyberlink
[2013/10/31 14:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/10/31 14:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/10/31 14:26:51 | 007,539,624 | ---- | C] (Symantec Corporation) -- C:\Users\ronak_000\Desktop\NRnR.exe
[2013/10/31 14:24:57 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Microsoft Help
[2013/10/31 14:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/10/31 12:40:16 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013/10/31 12:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/10/31 12:04:31 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\NVIDIA
[2013/10/31 12:04:29 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Firestorm
[2013/10/31 12:04:29 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Firestorm
[2013/10/31 12:04:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm-Beta
[2013/10/31 12:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firestorm-Beta
[2013/10/31 11:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2013/10/31 11:08:20 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
[2013/10/31 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Everything
[2013/10/31 11:04:13 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\stickies
[2013/10/31 11:04:13 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stickies
[2013/10/31 11:04:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stickies
[2013/10/31 11:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/10/31 10:56:01 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\TeamViewer
[2013/10/31 10:48:39 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Macromedia
[2013/10/31 10:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/10/31 10:41:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/10/31 10:20:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/31 10:17:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/10/31 10:16:17 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\LogMeIn Rescue Applet
[2013/10/31 09:46:14 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\hpqlog
[2013/10/31 07:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/31 06:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/10/31 06:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/10/31 06:29:54 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Google
[2013/10/31 06:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/10/31 06:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/10/30 16:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs
[2013/10/30 16:25:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/10/30 16:19:16 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\webex
[2013/10/30 16:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx
[2013/10/30 16:17:36 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Skype
[2013/10/30 16:17:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/10/30 16:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/10/30 16:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/10/30 16:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/10/30 16:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/10/30 16:15:45 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Adobe
[2013/10/30 15:55:02 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\NPE
[2013/10/30 15:41:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2013/10/30 15:41:17 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Leadertech
[2013/10/30 15:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2013/10/30 15:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013/10/30 15:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2013/10/30 15:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013/10/30 15:40:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2013/10/30 15:39:43 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Logitech
[2013/10/30 15:39:43 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Logishrd
[2013/10/30 15:15:42 | 000,000,000 | ---D | C] -- C:\Windows.old
[2013/10/30 15:09:56 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2013/10/30 14:54:07 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
[2013/10/30 14:53:45 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
[2013/10/30 14:53:43 | 000,000,000 | ---D | C] -- C:\ProgramData\HappyCloud
[2013/10/30 14:49:14 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/10/30 14:42:17 | 000,119,528 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\L1C63x64.sys
[2013/10/30 14:30:49 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Mozilla
[2013/10/30 14:30:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/10/30 14:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/10/30 14:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/10/30 14:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/30 14:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/10/30 14:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/30 14:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/30 14:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/10/30 14:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2013/10/30 14:14:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\AxInstSV
[2013/10/30 14:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2013/10/30 14:13:36 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\WinBatch
[2013/10/30 14:11:10 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\IDT
[2013/10/30 13:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/10/30 13:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/30 12:40:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2013/10/30 12:30:55 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\WebApp
[2013/10/30 12:30:14 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\CyberLink
[2013/10/30 12:28:33 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\ClassicShell
[2013/10/30 12:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
[2013/10/30 12:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell
[2013/10/30 12:16:20 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Adobe
[2013/10/30 12:15:35 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Hewlett-Packard
[2013/10/30 12:00:49 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Mozilla
[2013/10/30 11:59:04 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\VS Revo Group
[2013/10/30 11:59:03 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\WINDOWS\SysNative\drivers\revoflt.sys
[2013/10/30 11:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/10/30 11:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/10/30 11:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/10/30 11:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/10/30 11:43:16 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Malwarebytes
[2013/10/30 11:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/30 11:43:04 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Programs
[2013/10/30 11:28:31 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Macromedia
[2013/10/30 11:27:45 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Diagnostics
[2013/10/30 11:22:08 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/10/30 11:22:08 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\Searches
[2013/10/30 11:22:08 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/10/30 11:22:08 | 000,000,000 | -H-D | C] -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/10/30 11:21:44 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Hewlett-Packard
[2013/10/30 11:21:44 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\assembly
[2013/10/30 11:21:02 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\VirtualStore
[2013/10/30 11:21:00 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Packages
[2013/10/30 11:20:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2013/10/30 11:20:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\AppData\Local\Temporary Internet Files
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Templates
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Start Menu
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\SendTo
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Recent
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\PrintHood
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\NetHood
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Documents\My Videos
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Documents\My Pictures
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Documents\My Music
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\My Documents
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Local Settings
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\AppData\Local\History
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Cookies
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\Application Data
[2013/10/30 11:17:10 | 000,000,000 | -HSD | C] -- C:\Users\ronak_000\AppData\Local\Application Data
[2013/10/30 11:17:09 | 000,000,000 | --SD | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\Links
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\Favorites
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\Documents
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\Desktop
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/30 11:17:09 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/10/30 11:17:09 | 000,000,000 | -H-D | C] -- C:\Users\ronak_000\Documents\hp.system.package.metadata
[2013/10/30 11:17:09 | 000,000,000 | -H-D | C] -- C:\Users\ronak_000\Documents\hp.applications.package.appdata
[2013/10/30 11:17:09 | 000,000,000 | -H-D | C] -- C:\Users\ronak_000\AppData
[2013/10/30 11:17:09 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Temp
[2013/10/30 11:17:09 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Local\Microsoft
[2013/10/30 11:17:09 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/30 11:08:48 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2013/10/24 00:17:47 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\Documents\C9
[2013/10/21 04:43:35 | 000,000,000 | R--D | C] -- C:\Users\ronak_000\SkyDrive
[2013/10/20 20:47:24 | 000,329,216 | ---- | C] (IvoSoft) -- C:\WINDOWS\SysNative\StartMenuHelper64.dll
[2013/10/20 20:46:56 | 000,268,288 | ---- | C] (IvoSoft) -- C:\WINDOWS\SysWow64\StartMenuHelper32.dll
[2013/10/16 13:13:59 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\Desktop\To Do
[2013/10/09 22:49:10 | 000,000,000 | ---D | C] -- C:\Users\ronak_000\Documents\Microsoft Corporation
[6 C:\Users\ronak_000\*.tmp files -> C:\Users\ronak_000\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/01 05:50:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ronak_000\Desktop\OTL.exe
[2013/11/01 05:45:25 | 000,876,558 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/01 05:45:25 | 000,726,998 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/01 05:45:25 | 000,150,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/01 05:41:58 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/01 05:40:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/01 05:39:55 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/01 05:39:48 | 4243,062,783 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/01 04:52:03 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2013/11/01 04:52:03 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2013/11/01 04:52:03 | 000,002,539 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/11/01 04:52:03 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2013/11/01 04:39:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/01 04:07:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/31 17:17:54 | 002,464,687 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2013/10/31 16:21:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/10/31 16:16:45 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/31 15:21:50 | 000,017,830 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20131031.017
[2013/10/31 14:26:51 | 007,539,624 | ---- | M] (Symantec Corporation) -- C:\Users\ronak_000\Desktop\NRnR.exe
[2013/10/31 12:14:08 | 000,050,163 | ---- | M] () -- C:\Users\ronak_000\Desktop\error.PNG
[2013/10/31 11:04:13 | 000,001,027 | ---- | M] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/10/31 11:04:13 | 000,000,835 | ---- | M] () -- C:\WINDOWS\uninstallstickies.bat
[2013/10/31 10:57:18 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForronak_000.job
[2013/10/30 16:25:22 | 002,463,569 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013/10/30 15:41:17 | 000,001,320 | ---- | M] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/10/30 14:42:16 | 000,119,528 | ---- | M] (Qualcomm Atheros Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\L1C63x64.sys
[2013/10/30 13:11:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/30 12:29:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/30 11:59:03 | 000,001,103 | ---- | M] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/10/30 11:56:13 | 000,015,248 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1404000.028\VT20131016.019
[2013/10/30 11:28:28 | 000,001,430 | ---- | M] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/30 11:21:47 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\SysWow64\drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
[2013/10/30 11:21:47 | 000,000,000 | RHS- | M] () -- C:\WINDOWS\SysNative\drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
[2013/10/30 11:17:52 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/10/30 11:17:52 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/10/24 18:51:34 | 000,023,501 | ---- | M] () -- C:\Users\ronak_000\Documents\Hungry Hows - 3x.PNG
[2013/10/23 06:30:23 | 000,061,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2013/10/23 06:30:23 | 000,053,024 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2013/10/23 06:30:23 | 000,023,287 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013/10/23 04:20:03 | 003,426,956 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013/10/20 20:47:24 | 000,329,216 | ---- | M] (IvoSoft) -- C:\WINDOWS\SysNative\StartMenuHelper64.dll
[2013/10/20 20:46:56 | 000,268,288 | ---- | M] (IvoSoft) -- C:\WINDOWS\SysWow64\StartMenuHelper32.dll
[2013/10/16 17:26:10 | 000,015,248 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20131016.019
[2013/10/08 08:40:39 | 000,000,172 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\isolate.ini
[2013/10/03 02:13:14 | 000,008,192 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.cat
[6 C:\Users\ronak_000\*.tmp files -> C:\Users\ronak_000\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/01 04:52:03 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2013/11/01 04:52:03 | 000,002,539 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/11/01 04:52:03 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2013/10/31 16:21:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/10/31 16:16:45 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/31 16:16:17 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/10/31 12:14:08 | 000,050,163 | ---- | C] () -- C:\Users\ronak_000\Desktop\error.PNG
[2013/10/31 11:04:13 | 000,001,027 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2013/10/31 11:04:13 | 000,000,835 | ---- | C] () -- C:\WINDOWS\uninstallstickies.bat
[2013/10/31 10:41:31 | 000,001,140 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/10/31 10:35:12 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/31 10:16:17 | 000,002,235 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (2).lnk
[2013/10/31 10:03:10 | 000,002,110 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard.lnk
[2013/10/31 08:09:42 | 000,002,110 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland).lnk
[2013/10/31 06:29:55 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/31 06:29:54 | 000,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/31 06:29:47 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/10/30 15:41:17 | 000,001,320 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/10/30 14:43:09 | 000,000,370 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForronak_000.job
[2013/10/30 14:30:43 | 000,001,125 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/10/30 13:11:22 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/30 12:55:21 | 000,386,923 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013/10/30 12:29:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/30 12:28:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/10/30 11:59:03 | 000,001,103 | ---- | C] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/10/30 11:28:28 | 000,001,430 | ---- | C] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/30 11:22:00 | 000,001,436 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/10/30 11:21:47 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\SysWow64\drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
[2013/10/30 11:21:47 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\SysNative\drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
[2013/10/30 11:17:10 | 000,002,103 | ---- | C] () -- C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/10/30 11:17:10 | 000,000,352 | ---- | C] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/10/30 11:17:10 | 000,000,334 | ---- | C] () -- C:\Users\ronak_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/10/30 11:17:03 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/10/30 11:17:03 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/10/30 11:16:48 | 4243,062,783 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/24 18:51:34 | 000,023,501 | ---- | C] () -- C:\Users\ronak_000\Documents\Hungry Hows - 3x.PNG
[2012/08/10 19:56:12 | 000,915,038 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/07/26 04:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/07/26 04:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/07/26 03:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/25 21:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/07/25 16:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 16:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/07/25 16:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 16:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 16:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/06/02 10:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/04/20 16:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013/04/22 15:32:09 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 02:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 01:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 23:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 23:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 23:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/01 05:48:11 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\ClassicShell
[2013/10/31 16:34:58 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\e-academy Inc
[2013/10/31 12:04:38 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\Firestorm
[2013/10/30 14:11:10 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\IDT
[2013/10/30 15:41:17 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\Leadertech
[2013/11/01 05:40:16 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\stickies
[2013/10/31 14:29:07 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\TeamViewer
[2013/10/30 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\WebApp
[2013/10/30 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\webex
[2013/10/30 14:13:36 | 000,000,000 | ---D | M] -- C:\Users\ronak_000\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\ronak_000\SkyDrive:ms-properties

< End of report >

Edited by queendom, 03 November 2013 - 04:02 PM.



#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello queendom,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#3
queendom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
Hi emeraldnzl,

Thanks for offering up your assistance! Here are the logs.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by ronak_000 (administrator) on HERDESKTOP on 04-11-2013 10:16:23
Running from C:\Users\ronak_000\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Microsoft Corporation) C:\PROGRA~1\MICROS~1\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\Beats64.exe [41664 2012-10-24] (Hewlett-Packard )
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-03-29] (IDT, Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
Startup: C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {F101994A-BBD4-4681-80A6-767B757D6E7C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {F101994A-BBD4-4681-80A6-767B757D6E7C} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
SearchScopes: HKCU - {F101994A-BBD4-4681-80A6-767B757D6E7C} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpIdfPlugin.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Extension: Dấu trang iCloud - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\firefoxdav@icloud.com
FF Extension: FT DeepDark - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
FF Extension: WOT - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: amznUWL2 - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: openinie - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\openinie@wittersworld.com.xpi
FF Extension: prefs - C:\Users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\

==================== Services (Whitelisted) =================

S4 CLKMSVC10_38F51D56; c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241776 2013-01-28] (CyberLink)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-17] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
S2 LMIRescue_e5aafcb3-49eb-4603-8ecb-ebe321c6407c; "C:\Users\RONAK_~1\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe" -service -sid e5aafcb3-49eb-4603-8ecb-ebe321c6407c [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-10-31] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131101.001\IDSvia64.sys [521816 2013-10-31] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131103.021\ENG64.SYS [126040 2013-10-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131103.021\EX64.SYS [2099288 2013-10-31] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-04 10:16 - 2013-11-04 10:16 - 00000000 ____D C:\FRST
2013-11-04 10:14 - 2013-11-04 10:14 - 01957098 _____ (Farbar) C:\Users\ronak_000\Desktop\FRST64.exe
2013-11-02 22:13 - 2013-11-02 22:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-02 22:13 - 2013-11-02 22:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-02 06:18 - 2013-11-02 06:18 - 00001932 _____ C:\Users\ronak_000\Desktop\TERA.lnk
2013-11-01 11:25 - 2013-11-01 11:25 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-01 04:54 - 2013-11-01 04:54 - 00156422 _____ C:\Users\ronak_000\Desktop\OTL.Txt
2013-11-01 04:50 - 2013-11-01 04:50 - 00602112 _____ (OldTimer Tools) C:\Users\ronak_000\Desktop\OTL.exe
2013-11-01 03:53 - 2013-11-01 03:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2013-11-01 03:52 - 2013-11-01 03:52 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-11-01 03:52 - 2013-11-01 03:52 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-11-01 03:52 - 2013-11-01 03:52 - 00002539 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-11-01 03:51 - 2013-11-01 03:51 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-10-31 16:55 - 2013-10-31 16:55 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-31 16:50 - 2013-11-01 18:53 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Windows Live
2013-10-31 16:37 - 2013-11-04 09:22 - 00000000 ____D C:\Users\ronak_000\AppData\Local\5BF0C2C5-597C-4B4F-B966-9AC3D60BE1F8.aplzod
2013-10-31 16:34 - 2013-11-01 03:42 - 00000000 ____D C:\Users\ronak_000\AppData\Local\CrashDumps
2013-10-31 16:17 - 2013-11-02 06:05 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-10-31 16:15 - 2013-11-02 06:03 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-31 16:15 - 2013-11-02 06:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-31 16:15 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-10-31 16:15 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-31 15:34 - 2013-10-31 15:34 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\e-academy Inc
2013-10-31 15:34 - 2013-10-31 15:34 - 00000000 ____D C:\Users\ronak_000\AppData\Local\e-academy Inc
2013-10-31 15:21 - 2013-10-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-10-31 15:18 - 2013-10-31 15:18 - 00004156 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\ProgramData\Carbonite
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\Program Files\Carbonite
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\Program Files (x86)\Carbonite
2013-10-31 15:16 - 2013-11-01 04:50 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Apple
2013-10-31 15:16 - 2013-10-31 16:39 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Apple Computer
2013-10-31 15:16 - 2013-10-31 16:31 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Apple Computer
2013-10-31 15:16 - 2013-10-31 15:24 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-31 15:16 - 2013-10-31 15:16 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files\iTunes
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files\iPod
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-31 15:16 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-10-31 13:56 - 2013-11-01 04:48 - 00000000 ____D C:\Users\ronak_000\Documents\CCleaner Backups
2013-10-31 13:52 - 2013-10-31 13:52 - 00000000 ____D C:\Users\ronak_000\AppData\Local\TERA
2013-10-31 13:51 - 2013-10-31 13:51 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Cyberlink
2013-10-31 13:39 - 2013-11-01 03:52 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-10-31 13:27 - 2013-10-31 13:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-31 13:26 - 2013-10-31 13:26 - 07539624 _____ (Symantec Corporation) C:\Users\ronak_000\Desktop\NRnR.exe
2013-10-31 13:24 - 2013-11-03 08:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-31 13:24 - 2013-10-31 13:24 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Microsoft Help
2013-10-31 11:40 - 2013-10-31 11:40 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-31 11:07 - 2013-10-31 11:07 - 00000000 _____ C:\Users\ronak_000\BITF25.tmp
2013-10-31 11:04 - 2013-11-03 19:27 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Firestorm
2013-10-31 11:04 - 2013-11-01 19:08 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Firestorm
2013-10-31 11:04 - 2013-10-31 11:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\NVIDIA
2013-10-31 11:03 - 2013-10-31 11:04 - 00000000 ____D C:\Program Files (x86)\Firestorm-Beta
2013-10-31 10:28 - 2013-10-31 10:28 - 00000000 ____D C:\ProgramData\PCSettings
2013-10-31 10:08 - 2013-11-01 20:27 - 00000000 ____D C:\Program Files (x86)\Everything
2013-10-31 10:08 - 2013-10-31 10:08 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2013-10-31 10:04 - 2013-11-03 12:05 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\stickies
2013-10-31 10:04 - 2013-10-31 10:04 - 00000835 _____ C:\WINDOWS\uninstallstickies.bat
2013-10-31 10:04 - 2013-10-31 10:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stickies
2013-10-31 10:04 - 2013-10-31 10:04 - 00000000 ____D C:\Program Files (x86)\Stickies
2013-10-31 10:03 - 2013-10-31 10:03 - 00000000 _____ C:\Users\ronak_000\BIT5249.tmp
2013-10-31 09:56 - 2013-10-31 13:29 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\TeamViewer
2013-10-31 09:48 - 2013-10-31 09:48 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Macromedia
2013-10-31 09:41 - 2013-11-03 12:05 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-31 09:41 - 2013-10-31 09:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-10-31 09:35 - 2013-11-04 10:07 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-31 09:35 - 2013-10-31 09:35 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-31 09:20 - 2013-10-31 09:21 - 00000000 ____D C:\AdwCleaner
2013-10-31 09:17 - 2013-10-31 09:17 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-31 09:16 - 2013-10-31 09:57 - 00000000 ____D C:\Users\ronak_000\AppData\Local\LogMeIn Rescue Applet
2013-10-31 09:16 - 2013-10-31 09:16 - 00002235 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (2).lnk
2013-10-31 09:03 - 2013-10-31 09:03 - 00002110 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard.lnk
2013-10-31 08:46 - 2013-10-31 08:46 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\hpqlog
2013-10-31 07:09 - 2013-10-31 07:09 - 00002110 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland).lnk
2013-10-31 06:56 - 2013-10-31 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-31 05:30 - 2013-10-31 05:30 - 00000000 ____D C:\Program Files\Google
2013-10-31 05:29 - 2013-11-04 09:39 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 05:29 - 2013-11-03 12:05 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-31 05:29 - 2013-10-31 05:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-31 05:29 - 2013-10-31 05:34 - 00003662 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-31 05:29 - 2013-10-31 05:30 - 00000000 ____D C:\ProgramData\Google
2013-10-31 05:29 - 2013-10-31 05:30 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-31 05:29 - 2013-10-31 05:29 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Google
2013-10-31 05:29 - 2013-10-31 05:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-30 15:26 - 2013-10-30 15:26 - 00000000 _____ C:\Users\ronak_000\BITAE00.tmp
2013-10-30 15:25 - 2013-10-30 15:25 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2013-10-30 15:19 - 2013-11-03 19:54 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\webex
2013-10-30 15:19 - 2013-10-30 19:53 - 00000000 ____D C:\ProgramData\WebEx
2013-10-30 15:17 - 2013-11-03 17:54 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Skype
2013-10-30 15:17 - 2013-10-30 15:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-30 15:17 - 2013-10-30 15:17 - 00000000 ____D C:\ProgramData\Skype
2013-10-30 15:16 - 2013-10-31 05:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-30 15:15 - 2013-10-31 09:27 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Adobe
2013-10-30 15:10 - 2013-10-30 15:10 - 00000000 _____ C:\Users\ronak_000\BITA5E6.tmp
2013-10-30 14:55 - 2013-11-01 04:39 - 00000000 ____D C:\Users\ronak_000\AppData\Local\NPE
2013-10-30 14:41 - 2013-10-30 14:41 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Leadertech
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\ProgramData\Logishrd
2013-10-30 14:40 - 2013-10-30 14:41 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-10-30 14:40 - 2013-10-30 14:40 - 00000000 ____D C:\Program Files\Logitech
2013-10-30 14:39 - 2013-10-30 14:41 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Logitech
2013-10-30 14:39 - 2013-10-30 14:39 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Logishrd
2013-10-30 14:15 - 2013-10-30 14:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-10-30 14:15 - 2013-10-30 14:11 - 00000000 ____D C:\Windows.old
2013-10-30 14:13 - 2013-10-30 14:13 - 00000000 _____ C:\Users\ronak_000\BITB0FF.tmp
2013-10-30 14:09 - 2013-10-30 14:09 - 00000000 ____D C:\$WINDOWS.~BT
2013-10-30 13:54 - 2013-10-30 14:05 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
2013-10-30 13:54 - 2013-10-30 13:54 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-10-30 13:54 - 2007-04-04 20:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-10-30 13:53 - 2013-11-02 06:18 - 00000000 ____D C:\ProgramData\HappyCloud
2013-10-30 13:53 - 2013-10-30 13:53 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2013-10-30 13:49 - 2013-10-30 13:49 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-30 13:43 - 2013-10-31 09:57 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleForronak_000.job
2013-10-30 13:43 - 2013-10-31 09:26 - 00003192 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForronak_000
2013-10-30 13:43 - 2013-10-30 13:43 - 00000000 _____ C:\Users\ronak_000\BITE8FB.tmp
2013-10-30 13:42 - 2013-10-30 13:42 - 00119528 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2013-10-30 13:30 - 2013-11-01 23:50 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Mozilla
2013-10-30 13:30 - 2013-10-30 13:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 13:29 - 2013-10-17 20:36 - 01063200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-10-30 13:29 - 2013-10-17 20:36 - 00955168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-10-30 13:28 - 2013-10-30 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-30 13:27 - 2013-10-23 05:30 - 30344480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 22933792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 18199872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 15855568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 15212336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 12572960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-10-30 13:27 - 2013-10-23 05:30 - 11426568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 11374520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 09524088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 09480328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 03131680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 03124512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 02946848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 02747168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 02695200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 01241376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00696096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00655136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00560416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-10-30 13:27 - 2013-10-23 05:30 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-10-30 13:27 - 2013-09-27 18:01 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-10-30 13:27 - 2013-09-27 18:01 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-10-30 13:27 - 2013-09-27 18:01 - 00028960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-10-30 13:27 - 2013-06-16 07:38 - 00196384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2013-10-30 13:27 - 2013-06-16 07:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2013-10-30 13:27 - 2013-01-29 03:35 - 01510176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2013-10-30 13:22 - 2013-10-30 13:22 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\ProgramData\Sun
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-30 13:15 - 2013-10-30 13:15 - 00000000 ____D C:\Program Files (x86)\Hp
2013-10-30 13:14 - 2013-10-30 13:15 - 00000000 ___HD C:\WINDOWS\AxInstSV
2013-10-30 13:13 - 2013-10-30 15:25 - 00000000 ____D C:\Program Files\IDT
2013-10-30 13:13 - 2013-10-30 13:13 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\WinBatch
2013-10-30 13:11 - 2013-10-30 13:11 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\IDT
2013-10-30 13:11 - 2013-09-13 20:15 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-10-30 13:11 - 2013-09-13 17:36 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-10-30 13:11 - 2013-09-13 17:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-10-30 13:11 - 2013-09-13 17:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-10-30 13:11 - 2013-09-13 17:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-10-30 13:11 - 2013-09-13 17:36 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-10-30 13:11 - 2013-09-13 17:34 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-10-30 13:11 - 2013-09-13 17:33 - 03279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-10-30 13:11 - 2013-09-13 17:33 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-10-30 13:11 - 2013-08-30 00:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2013-10-30 13:11 - 2013-08-30 00:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-10-30 13:11 - 2013-08-29 18:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-10-30 13:11 - 2013-08-21 01:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-10-30 13:11 - 2013-08-10 01:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2013-10-30 13:11 - 2013-08-10 00:21 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-10-30 13:11 - 2013-08-09 22:58 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-10-30 13:11 - 2013-07-24 18:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-10-30 13:11 - 2013-07-24 18:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-10-30 13:11 - 2013-07-11 20:38 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2013-10-30 13:11 - 2013-07-11 20:30 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2013-10-30 13:10 - 2013-04-02 18:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2013-10-30 13:10 - 2013-04-02 18:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2013-10-30 13:10 - 2013-03-21 22:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2013-10-30 13:10 - 2013-03-21 17:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2013-10-30 13:10 - 2013-03-02 03:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2013-10-30 13:10 - 2013-03-01 21:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2013-10-30 13:10 - 2012-12-14 23:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2013-10-30 13:10 - 2012-11-03 00:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2013-10-30 13:10 - 2012-11-03 00:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2013-10-30 13:10 - 2012-10-23 22:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2013-10-30 13:10 - 2012-10-23 22:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2013-10-30 13:10 - 2012-10-23 22:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2013-10-30 13:10 - 2012-10-23 22:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2013-10-30 13:10 - 2012-10-23 22:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2013-10-30 13:10 - 2012-10-23 21:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2013-10-30 12:11 - 2013-10-30 12:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-10-30 12:11 - 2013-10-30 12:11 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-30 12:11 - 2013-10-30 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 11:57 - 2013-07-09 03:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2013-10-30 11:57 - 2013-07-09 01:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2013-10-30 11:57 - 2013-07-08 23:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2013-10-30 11:57 - 2013-07-08 22:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2013-10-30 11:57 - 2013-07-08 17:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2013-10-30 11:57 - 2013-07-08 17:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2013-10-30 11:57 - 2013-07-08 17:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2013-10-30 11:57 - 2013-07-08 17:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2013-10-30 11:57 - 2013-07-05 19:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2013-10-30 11:57 - 2013-07-02 19:23 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2013-10-30 11:57 - 2013-07-02 19:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-10-30 11:57 - 2013-07-02 19:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-10-30 11:57 - 2013-07-02 19:22 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-10-30 11:57 - 2013-07-02 19:11 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2013-10-30 11:57 - 2013-07-02 19:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-10-30 11:57 - 2013-07-02 19:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-10-30 11:57 - 2013-06-30 17:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2013-10-30 11:57 - 2013-06-30 17:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2013-10-30 11:57 - 2013-06-29 01:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-10-30 11:57 - 2013-06-29 01:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-10-30 11:57 - 2013-06-29 00:43 - 00327512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2013-10-30 11:57 - 2013-06-28 20:12 - 01022464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-10-30 11:57 - 2013-06-25 22:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2013-10-30 11:57 - 2013-06-25 21:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2013-10-30 11:57 - 2013-06-24 17:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-10-30 11:57 - 2013-06-24 17:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2013-10-30 11:57 - 2013-06-24 17:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2013-10-30 11:57 - 2013-06-19 00:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2013-10-30 11:57 - 2013-06-19 00:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2013-10-30 11:57 - 2013-06-18 17:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2013-10-30 11:57 - 2013-06-18 17:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2013-10-30 11:57 - 2013-06-16 17:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-10-30 11:57 - 2013-06-11 18:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2013-10-30 11:57 - 2013-06-11 18:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2013-10-30 11:57 - 2013-06-10 16:17 - 00096512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-10-30 11:57 - 2013-06-10 14:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2013-10-30 11:57 - 2013-06-10 14:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-10-30 11:57 - 2013-06-10 14:15 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-10-30 11:57 - 2013-06-10 14:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2013-10-30 11:57 - 2013-06-10 14:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2013-10-30 11:57 - 2013-06-10 14:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2013-10-30 11:57 - 2013-06-06 03:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2013-10-30 11:57 - 2013-06-01 06:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-10-30 11:57 - 2013-06-01 06:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-10-30 11:57 - 2013-06-01 06:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-10-30 11:57 - 2013-06-01 05:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-10-30 11:57 - 2013-06-01 04:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-10-30 11:57 - 2013-06-01 04:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-10-30 11:57 - 2013-06-01 04:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-10-30 11:57 - 2013-06-01 04:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-10-30 11:57 - 2013-06-01 04:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-10-30 11:57 - 2013-06-01 04:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-10-30 11:57 - 2013-06-01 04:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-10-30 11:57 - 2013-06-01 04:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-10-30 11:57 - 2013-06-01 04:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-10-30 11:57 - 2013-06-01 04:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-10-30 11:57 - 2013-06-01 04:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-10-30 11:57 - 2013-06-01 04:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-10-30 11:57 - 2013-06-01 04:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-10-30 11:57 - 2013-06-01 04:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-10-30 11:57 - 2013-06-01 04:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-10-30 11:57 - 2013-06-01 04:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-10-30 11:57 - 2013-06-01 04:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-10-30 11:57 - 2013-06-01 04:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-10-30 11:57 - 2013-05-31 22:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-10-30 11:57 - 2013-05-24 17:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-10-30 11:57 - 2013-05-24 17:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-10-30 11:57 - 2013-05-24 17:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-10-30 11:57 - 2013-05-24 17:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-10-30 11:57 - 2012-10-02 02:34 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2013-10-30 11:57 - 2012-09-27 02:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
2013-10-30 11:57 - 2012-09-27 02:17 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
2013-10-30 11:57 - 2012-09-27 02:15 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2013-10-30 11:57 - 2012-09-27 01:35 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
2013-10-30 11:57 - 2012-09-27 01:35 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
2013-10-30 11:57 - 2012-09-27 01:34 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2013-10-30 11:56 - 2012-11-06 02:52 - 00277736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2013-10-30 11:56 - 2012-11-06 02:33 - 01566432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2013-10-30 11:56 - 2012-11-05 23:48 - 01150160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2013-10-30 11:56 - 2012-11-05 23:20 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-10-30 11:56 - 2012-11-05 23:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2013-10-30 11:56 - 2012-11-05 23:20 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 08552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2013-10-30 11:56 - 2012-11-05 23:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2013-10-30 11:56 - 2012-11-05 23:18 - 11459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2013-10-30 11:56 - 2012-11-05 23:18 - 00976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2013-10-30 11:56 - 2012-11-05 23:18 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2013-10-30 11:56 - 2012-11-05 23:18 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2013-10-30 11:56 - 2012-11-05 23:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2013-10-30 11:56 - 2012-11-05 23:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2013-10-30 11:56 - 2012-11-05 23:17 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2013-10-30 11:56 - 2012-11-05 23:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2013-10-30 11:56 - 2012-11-05 23:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2013-10-30 11:56 - 2012-11-05 22:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2013-10-30 11:56 - 2012-11-05 22:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2013-10-30 11:56 - 2012-11-05 22:55 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2013-10-30 11:56 - 2012-11-05 22:55 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2013-10-30 11:56 - 2012-11-05 22:55 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2013-10-30 11:56 - 2012-11-05 22:55 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2013-10-30 11:56 - 2012-11-05 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2013-10-30 11:56 - 2012-11-05 22:53 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2013-10-30 11:56 - 2012-11-05 22:51 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2013-10-30 11:55 - 2013-08-10 00:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-10-30 11:55 - 2013-08-10 00:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-10-30 11:55 - 2013-08-09 22:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-10-30 11:55 - 2013-08-02 01:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-10-30 11:55 - 2013-08-02 01:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-10-30 11:55 - 2013-08-02 01:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-10-30 11:55 - 2013-08-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-10-30 11:55 - 2013-08-02 00:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-10-30 11:55 - 2013-08-02 00:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-10-30 11:55 - 2013-08-02 00:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-10-30 11:55 - 2013-08-02 00:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-10-30 11:55 - 2013-08-01 05:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-10-30 11:55 - 2013-07-30 18:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-10-30 11:55 - 2013-07-24 18:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-10-30 11:55 - 2013-07-24 18:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-10-30 11:55 - 2013-04-09 18:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-30 11:55 - 2013-04-09 17:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-30 11:55 - 2012-11-27 01:39 - 01122768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2013-10-30 11:55 - 2012-11-26 23:49 - 01027152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2013-10-30 11:55 - 2012-11-26 23:20 - 01217536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2013-10-30 11:55 - 2012-11-26 23:20 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2013-10-30 11:55 - 2012-11-26 23:20 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2013-10-30 11:55 - 2012-11-26 23:20 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2013-10-30 11:55 - 2012-11-26 23:20 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2013-10-30 11:55 - 2012-11-26 23:20 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2013-10-30 11:55 - 2012-11-26 23:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vds_ps.dll
2013-10-30 11:55 - 2012-11-26 23:19 - 03245568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2013-10-30 11:55 - 2012-11-26 23:19 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2013-10-30 11:55 - 2012-11-26 23:19 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2013-10-30 11:55 - 2012-11-26 23:19 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2013-10-30 11:55 - 2012-11-26 23:19 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2013-10-30 11:55 - 2012-10-23 23:54 - 00396008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2013-10-30 11:55 - 2012-10-12 03:08 - 00027880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2013-10-30 11:55 - 2012-10-12 01:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2013-10-30 11:55 - 2012-10-12 01:13 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dskquota.dll
2013-10-30 11:55 - 2012-10-12 00:50 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2013-10-30 11:55 - 2012-10-11 02:47 - 00793200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-10-30 11:55 - 2012-10-11 02:25 - 00056552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2013-10-30 11:55 - 2012-10-11 02:23 - 00441576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2013-10-30 11:55 - 2012-10-11 02:18 - 00172264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2013-10-30 11:55 - 2012-10-11 02:13 - 00033512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2013-10-30 11:55 - 2012-10-11 02:08 - 00562392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2013-10-30 11:55 - 2012-10-11 02:02 - 01636672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2013-10-30 11:55 - 2012-10-11 00:46 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2013-10-30 11:55 - 2012-10-11 00:46 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2013-10-30 11:55 - 2012-10-11 00:46 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2013-10-30 11:55 - 2012-10-11 00:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2013-10-30 11:55 - 2012-10-11 00:46 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 01045504 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2013-10-30 11:55 - 2012-10-11 00:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 00904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2013-10-30 11:55 - 2012-10-11 00:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2013-10-30 11:55 - 2012-10-11 00:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2013-10-30 11:55 - 2012-10-11 00:42 - 00612416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-10-30 11:55 - 2012-10-11 00:23 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-pdc.dll
2013-10-30 11:55 - 2012-10-11 00:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdhebl3.dll
2013-10-30 11:55 - 2012-10-11 00:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2013-10-30 11:55 - 2012-10-11 00:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2013-10-30 11:55 - 2012-10-11 00:16 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-10-30 11:55 - 2012-10-11 00:15 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2013-10-30 11:55 - 2012-10-11 00:07 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2013-10-30 11:55 - 2012-10-11 00:07 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2013-10-30 11:55 - 2012-10-11 00:06 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2013-10-30 11:55 - 2012-10-11 00:05 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2013-10-30 11:55 - 2012-10-10 23:42 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdhebl3.dll
2013-10-30 11:55 - 2012-10-10 19:45 - 00478424 _____ C:\WINDOWS\SysWOW64\locale.nls
2013-10-30 11:55 - 2012-10-10 19:44 - 00478424 _____ C:\WINDOWS\system32\locale.nls
2013-10-30 11:54 - 2013-08-03 01:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-10-30 11:54 - 2013-08-03 01:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-10-30 11:54 - 2013-08-03 01:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-10-30 11:54 - 2013-08-03 00:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-10-30 11:54 - 2013-08-03 00:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-10-30 11:54 - 2013-08-03 00:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-10-30 11:54 - 2012-11-20 00:24 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-10-30 11:54 - 2012-11-20 00:17 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-10-30 11:54 - 2012-11-20 00:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKURD.DLL
2013-10-30 11:54 - 2012-11-19 23:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKURD.DLL
2013-10-30 11:54 - 2012-10-16 23:32 - 01172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2013-10-30 11:54 - 2012-10-16 23:32 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2013-10-30 11:54 - 2012-10-16 23:32 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2013-10-30 11:54 - 2012-10-16 22:57 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2013-10-30 11:54 - 2012-10-16 22:57 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2013-10-30 11:54 - 2012-10-16 22:57 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2013-10-30 11:54 - 2012-10-12 00:39 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquota.dll
2013-10-30 11:40 - 2013-10-30 11:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-30 11:40 - 2013-09-26 03:46 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\WebApp
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\CyberLink
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-30 11:29 - 2013-10-30 11:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-10-30 11:29 - 2012-10-10 02:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\synceng.dll
2013-10-30 11:29 - 2012-10-10 01:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\synceng.dll
2013-10-30 11:28 - 2013-11-04 08:46 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\ClassicShell
2013-10-30 11:28 - 2013-10-31 10:01 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2013-10-30 11:28 - 2013-10-31 10:01 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-30 11:28 - 2013-08-16 00:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2013-10-30 11:28 - 2013-08-16 00:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-10-30 11:28 - 2013-08-16 00:32 - 00209200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2013-10-30 11:28 - 2013-08-16 00:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2013-10-30 11:28 - 2013-08-16 00:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2013-10-30 11:28 - 2013-08-16 00:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2013-10-30 11:28 - 2013-08-16 00:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00083968 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2013-10-30 11:28 - 2013-08-15 17:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2013-10-30 11:28 - 2013-08-15 17:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2013-10-30 11:28 - 2013-08-15 17:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2013-10-30 11:28 - 2013-07-01 19:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-10-30 11:28 - 2013-07-01 17:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-10-30 11:28 - 2013-01-09 20:53 - 00028904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2013-10-30 11:28 - 2013-01-09 20:29 - 00091880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2013-10-30 11:28 - 2013-01-09 18:26 - 01752064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2013-10-30 11:28 - 2013-01-09 18:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2013-10-30 11:28 - 2013-01-09 18:26 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2013-10-30 11:28 - 2013-01-09 18:26 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-10-30 11:28 - 2013-01-09 18:26 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaacmgr.exe
2013-10-30 11:28 - 2013-01-09 18:23 - 02094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2013-10-30 11:28 - 2013-01-09 18:23 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2013-10-30 11:28 - 2013-01-09 18:23 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2013-10-30 11:28 - 2013-01-09 18:23 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-10-30 11:28 - 2013-01-09 18:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2013-10-30 11:28 - 2013-01-09 18:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaacmgr.exe
2013-10-30 11:28 - 2013-01-09 18:22 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-10-30 11:28 - 2013-01-09 18:22 - 00666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2013-10-30 11:28 - 2013-01-09 18:22 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2013-10-30 11:28 - 2013-01-09 18:22 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2013-10-30 11:28 - 2012-11-25 23:21 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-10-30 11:28 - 2012-11-25 23:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-10-30 11:28 - 2012-11-02 00:19 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2013-10-30 11:28 - 2012-11-02 00:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2013-10-30 11:28 - 2012-11-02 00:18 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2013-10-30 11:28 - 2012-11-02 00:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll
2013-10-30 11:28 - 2012-11-02 00:18 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2013-10-30 11:28 - 2012-11-02 00:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2013-10-30 11:27 - 2013-07-05 19:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-30 11:27 - 2013-07-03 21:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-30 11:26 - 2013-10-30 11:26 - 00000000 ____D C:\Program Files\Classic Shell
2013-10-30 11:26 - 2013-09-22 18:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-30 11:26 - 2013-09-22 18:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-30 11:26 - 2013-09-22 18:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-30 11:26 - 2013-09-22 17:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-30 11:26 - 2013-09-22 17:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-30 11:26 - 2013-09-22 17:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-30 11:26 - 2013-09-22 17:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-30 11:26 - 2013-09-22 17:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-30 11:26 - 2013-09-22 17:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-30 11:26 - 2013-09-22 17:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-30 11:26 - 2013-09-22 17:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-30 11:26 - 2013-09-22 17:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-30 11:26 - 2013-06-22 00:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-30 11:26 - 2013-06-22 00:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-30 11:26 - 2013-05-15 17:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-30 11:26 - 2013-05-15 17:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-30 11:26 - 2013-05-14 08:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-30 11:26 - 2013-05-14 04:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-30 11:26 - 2013-04-28 17:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-30 11:26 - 2013-04-15 21:34 - 01455368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-10-30 11:26 - 2013-02-21 05:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-30 11:26 - 2013-02-21 05:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-30 11:26 - 2013-02-21 05:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-30 11:26 - 2013-02-21 05:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-30 11:26 - 2013-02-21 05:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-30 11:26 - 2013-02-21 05:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-30 11:26 - 2013-02-19 04:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-30 11:26 - 2012-11-07 23:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-30 11:26 - 2012-11-07 23:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-30 11:24 - 2012-08-30 19:53 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2013-10-30 11:24 - 2012-08-30 19:52 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2013-10-30 11:23 - 2013-07-05 17:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-30 11:23 - 2013-07-01 17:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-30 11:23 - 2013-06-28 22:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-30 11:23 - 2013-06-28 22:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-30 11:23 - 2013-05-03 23:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2013-10-30 11:23 - 2013-03-02 05:57 - 00332520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2013-10-30 11:23 - 2013-03-02 05:57 - 00077544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2013-10-30 11:23 - 2013-03-02 05:39 - 00495336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2013-10-30 11:23 - 2013-03-02 03:23 - 01338880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2013-10-30 11:23 - 2013-03-02 03:23 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-10-30 11:23 - 2013-03-02 03:23 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2013-10-30 11:23 - 2013-03-02 03:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-10-30 11:23 - 2013-03-02 03:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2013-10-30 11:23 - 2013-03-02 03:22 - 05091840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-10-30 11:23 - 2013-03-02 03:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2013-10-30 11:23 - 2013-03-02 03:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2013-10-30 11:23 - 2013-03-02 03:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2013-10-30 11:23 - 2013-03-02 03:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 01149952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2013-10-30 11:23 - 2013-03-01 21:45 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDPrintProxy.DLL
2013-10-30 11:23 - 2013-03-01 21:44 - 05978624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-10-30 11:23 - 2013-03-01 21:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2013-10-30 11:23 - 2013-03-01 21:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2013-10-30 11:23 - 2013-03-01 21:44 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2013-10-30 11:23 - 2013-03-01 21:44 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NdisImPlatform.dll
2013-10-30 11:23 - 2013-03-01 21:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2013-10-30 11:23 - 2013-03-01 21:43 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2013-10-30 11:23 - 2013-03-01 21:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2013-10-30 11:23 - 2013-02-28 23:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2013-10-30 11:21 - 2013-05-23 18:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-10-30 11:21 - 2013-05-23 17:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-10-30 11:21 - 2013-04-23 18:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2013-10-30 11:21 - 2013-04-23 18:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2013-10-30 11:21 - 2013-04-23 17:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2013-10-30 11:21 - 2013-04-23 17:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2013-10-30 11:20 - 2013-03-02 04:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2013-10-30 11:19 - 2013-08-23 00:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-30 11:19 - 2013-06-30 20:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-30 11:19 - 2013-06-30 20:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-30 11:19 - 2013-06-30 20:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-30 11:19 - 2013-06-30 20:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-30 11:19 - 2013-06-28 22:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-30 11:19 - 2013-06-28 22:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-30 11:19 - 2013-06-01 04:25 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2013-10-30 11:19 - 2013-06-01 04:21 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2013-10-30 11:19 - 2013-05-26 18:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-30 11:19 - 2013-05-26 17:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-30 11:19 - 2013-05-24 22:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-30 11:19 - 2013-05-24 21:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-30 11:19 - 2013-04-11 17:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2013-10-30 11:19 - 2013-04-11 17:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2013-10-30 11:19 - 2013-03-06 02:10 - 00112872 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2013-10-30 11:19 - 2013-03-06 01:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2013-10-30 11:19 - 2013-02-05 17:29 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2013-10-30 11:19 - 2013-02-05 17:28 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2013-10-30 11:19 - 2013-02-02 05:54 - 01933544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2013-10-30 11:19 - 2013-02-02 03:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll
2013-10-30 11:19 - 2013-02-02 03:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2013-10-30 11:19 - 2013-02-02 03:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2013-10-30 11:19 - 2013-02-02 03:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2013-10-30 11:19 - 2013-02-02 03:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2013-10-30 11:19 - 2013-02-02 03:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2013-10-30 11:19 - 2013-02-02 03:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2013-10-30 11:19 - 2013-02-02 03:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe
2013-10-30 11:19 - 2013-02-02 03:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
2013-10-30 11:19 - 2013-02-02 03:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2013-10-30 11:19 - 2013-02-02 03:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2013-10-30 11:19 - 2013-02-02 03:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2013-10-30 11:19 - 2013-02-02 03:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2013-10-30 11:19 - 2013-02-02 03:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2013-10-30 11:19 - 2013-02-02 03:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2013-10-30 11:19 - 2013-02-02 03:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2013-10-30 11:19 - 2013-02-02 03:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll
2013-10-30 11:19 - 2013-02-02 02:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2013-10-30 11:19 - 2013-02-02 00:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2013-10-30 11:19 - 2013-02-02 00:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2013-10-30 11:19 - 2012-11-26 22:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2013-10-30 11:19 - 2012-11-26 22:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys
2013-10-30 11:19 - 2012-11-19 23:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2013-10-30 11:19 - 2012-11-07 23:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2013-10-30 11:19 - 2012-11-07 23:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2013-10-30 11:19 - 2012-11-07 23:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2013-10-30 11:19 - 2012-11-07 23:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2013-10-30 11:19 - 2012-11-07 23:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2013-10-30 11:19 - 2012-11-07 23:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2013-10-30 11:19 - 2012-10-05 23:53 - 02893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2013-10-30 11:19 - 2012-10-05 23:15 - 02400256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2013-10-30 11:18 - 2013-02-11 19:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2013-10-30 11:17 - 2013-05-30 18:24 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-10-30 11:17 - 2013-05-30 18:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-10-30 11:17 - 2013-05-14 21:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2013-10-30 11:17 - 2013-05-14 21:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2013-10-30 11:17 - 2013-05-14 21:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2013-10-30 11:17 - 2013-05-14 21:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2013-10-30 11:17 - 2013-05-04 02:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2013-10-30 11:17 - 2013-05-04 02:34 - 00284416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-10-30 11:17 - 2013-05-04 01:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2013-10-30 11:17 - 2013-05-04 01:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2013-10-30 11:17 - 2013-05-04 01:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2013-10-30 11:17 - 2013-05-04 01:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2013-10-30 11:17 - 2013-05-04 01:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2013-10-30 11:17 - 2013-05-04 01:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2013-10-30 11:17 - 2013-05-04 01:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2013-10-30 11:17 - 2013-05-04 01:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2013-10-30 11:17 - 2013-05-04 01:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2013-10-30 11:17 - 2013-05-04 01:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2013-10-30 11:17 - 2013-05-04 01:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2013-10-30 11:17 - 2013-05-03 23:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2013-10-30 11:17 - 2013-05-03 23:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2013-10-30 11:17 - 2013-05-03 23:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2013-10-30 11:17 - 2013-05-03 23:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2013-10-30 11:17 - 2013-05-03 23:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2013-10-30 11:17 - 2013-05-03 23:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2013-10-30 11:17 - 2013-05-03 23:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2013-10-30 11:17 - 2013-05-03 23:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2013-10-30 11:17 - 2013-05-03 23:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2013-10-30 11:17 - 2013-05-03 23:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2013-10-30 11:17 - 2013-05-03 23:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2013-10-30 11:17 - 2013-05-03 23:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2013-10-30 11:17 - 2013-05-03 23:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-10-30 11:17 - 2013-05-03 23:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2013-10-30 11:17 - 2013-05-03 23:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-10-30 11:17 - 2013-04-27 00:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2013-10-30 11:17 - 2013-03-01 21:45 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2013-10-30 11:17 - 2013-03-01 21:45 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2013-10-30 11:17 - 2013-02-02 03:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2013-10-30 11:17 - 2013-02-02 03:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2013-10-30 11:17 - 2012-11-05 23:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2013-10-30 11:17 - 2012-11-05 23:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll
2013-10-30 11:16 - 2013-10-31 05:26 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Adobe
2013-10-30 11:16 - 2013-07-19 17:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-30 11:16 - 2013-07-19 17:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-30 11:16 - 2013-07-01 20:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-30 11:16 - 2013-07-01 20:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-30 11:16 - 2013-07-01 20:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-30 11:16 - 2013-04-09 00:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2013-10-30 11:16 - 2013-04-09 00:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-10-30 11:16 - 2013-04-09 00:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2013-10-30 11:16 - 2013-04-09 00:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2013-10-30 11:16 - 2013-04-09 00:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2013-10-30 11:16 - 2013-04-09 00:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll
2013-10-30 11:16 - 2013-04-09 00:17 - 01829408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2013-10-30 11:16 - 2013-04-08 23:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2013-10-30 11:16 - 2013-04-08 23:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2013-10-30 11:16 - 2013-04-08 23:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2013-10-30 11:16 - 2013-04-08 23:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2013-10-30 11:16 - 2013-04-08 23:52 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2013-10-30 11:16 - 2013-04-08 23:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2013-10-30 11:16 - 2013-04-08 23:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2013-10-30 11:16 - 2013-04-08 23:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2013-10-30 11:16 - 2013-04-08 23:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-10-30 11:16 - 2013-04-08 23:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2013-10-30 11:16 - 2013-04-08 23:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 01285632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2013-10-30 11:16 - 2013-04-08 23:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2013-10-30 11:16 - 2013-04-08 23:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll
2013-10-30 11:16 - 2013-04-08 23:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2013-10-30 11:16 - 2013-04-08 21:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2013-10-30 11:16 - 2013-04-08 21:33 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2013-10-30 11:16 - 2013-04-08 21:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2013-10-30 11:16 - 2013-04-08 21:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2013-10-30 11:16 - 2013-04-08 21:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2013-10-30 11:16 - 2013-04-08 21:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2013-10-30 11:16 - 2013-04-08 18:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2013-10-30 11:16 - 2013-04-08 18:39 - 01408896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2013-10-30 11:16 - 2013-04-08 18:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2013-10-30 11:16 - 2013-04-08 18:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-10-30 11:16 - 2013-04-08 16:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2013-10-30 11:16 - 2013-04-08 16:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2013-10-30 11:16 - 2013-04-08 16:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2013-10-30 11:16 - 2013-04-08 16:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2013-10-30 11:16 - 2013-04-08 16:52 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2013-10-30 11:16 - 2013-04-08 16:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2013-10-30 11:16 - 2013-04-08 16:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2013-10-30 11:16 - 2013-04-04 18:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2013-10-30 11:16 - 2013-03-15 17:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2013-10-30 11:16 - 2013-03-15 17:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2013-10-30 11:16 - 2013-03-02 05:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-10-30 11:16 - 2013-03-01 21:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-10-30 11:16 - 2013-02-06 20:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-10-30 11:16 - 2013-02-02 03:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2013-10-30 11:16 - 2013-02-02 03:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2013-10-30 11:16 - 2013-01-09 20:40 - 00303848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-10-30 11:16 - 2012-12-12 23:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2013-10-30 11:16 - 2012-12-12 22:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2013-10-30 11:16 - 2012-11-19 23:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys
2013-10-30 11:16 - 2012-11-06 02:33 - 00522640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2013-10-30 11:16 - 2012-11-06 00:00 - 00463768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2013-10-30 11:16 - 2012-11-05 23:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2013-10-30 11:16 - 2012-10-11 00:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2013-10-30 11:16 - 2012-10-11 00:44 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2013-10-30 11:16 - 2012-10-11 00:06 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2013-10-30 11:16 - 2012-10-11 00:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2013-10-30 11:15 - 2013-10-31 08:28 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Hewlett-Packard
2013-10-30 11:15 - 2013-07-13 01:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-10-30 11:15 - 2013-07-13 01:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-10-30 11:15 - 2013-07-13 01:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-10-30 11:15 - 2013-07-13 01:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-10-30 11:15 - 2013-07-13 01:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-10-30 11:15 - 2013-07-12 23:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-10-30 11:15 - 2013-07-12 23:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-10-30 11:15 - 2013-07-12 23:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-10-30 11:15 - 2013-07-12 23:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-10-30 11:15 - 2013-03-14 19:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2013-10-30 11:15 - 2012-11-03 00:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-10-30 11:15 - 2012-11-03 00:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-10-30 11:15 - 2012-11-03 00:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-10-30 11:15 - 2012-11-03 00:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-10-30 11:15 - 2012-11-03 00:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2013-10-30 11:15 - 2012-11-03 00:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2013-10-30 11:15 - 2012-11-03 00:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2013-10-30 11:15 - 2012-11-03 00:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2013-10-30 11:14 - 2013-08-07 00:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2013-10-30 11:14 - 2012-11-09 23:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2013-10-30 11:14 - 2012-11-09 23:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2013-10-30 11:14 - 2012-11-09 23:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2013-10-30 11:14 - 2012-11-09 23:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2013-10-30 11:14 - 2012-11-09 23:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2013-10-30 11:13 - 2012-10-31 23:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2013-10-30 11:13 - 2012-10-31 23:41 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2013-10-30 11:13 - 2012-10-31 23:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2013-10-30 11:13 - 2012-10-31 23:40 - 01836032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2013-10-30 11:13 - 2012-10-31 23:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2013-10-30 11:13 - 2012-10-31 23:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2013-10-30 11:13 - 2012-10-31 23:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2013-10-30 11:13 - 2012-10-31 23:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2013-10-30 11:00 - 2013-10-31 09:35 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Mozilla
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\Users\ronak_000\AppData\Local\VS Revo Group
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-30 10:59 - 2009-12-30 13:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2013-10-30 10:58 - 2013-10-30 10:58 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-30 10:47 - 2013-10-30 10:47 - 00004036 _____ C:\WINDOWS\System32\Tasks\HPGenoobeReminder
2013-10-30 10:43 - 2013-10-30 10:43 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Malwarebytes
2013-10-30 10:43 - 2013-10-30 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-30 10:29 - 2013-11-02 09:18 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3079756242-3303576260-2646273123-1001
2013-10-30 10:28 - 2013-10-30 10:28 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Macromedia
2013-10-30 10:22 - 2013-11-03 10:32 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CC14A16C-DBFE-46F7-941D-C33446E91EFF}
2013-10-30 10:22 - 2013-11-02 06:12 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-30 10:22 - 2013-10-30 12:42 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-30 10:22 - 2013-10-30 10:22 - 00001436 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-30 10:21 - 2013-10-31 05:26 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Packages
2013-10-30 10:21 - 2013-10-30 11:14 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Hewlett-Packard
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 __RSH C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 __RSH C:\WINDOWS\system32\Drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 ____D C:\Users\ronak_000\AppData\Local\VirtualStore
2013-10-30 10:20 - 2013-10-30 10:20 - 00000020 ___SH C:\Users\ronak_000\ntuser.ini
2013-10-30 10:17 - 2013-10-31 11:07 - 00000000 ____D C:\Users\ronak_000
2013-10-30 10:17 - 2013-10-30 10:17 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-10-30 10:17 - 2013-10-30 10:17 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-10-30 10:17 - 2013-10-30 10:17 - 00000000 ___HD C:\Users\ronak_000\Documents\hp.system.package.metadata
2013-10-30 10:17 - 2013-04-22 14:42 - 00002103 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-10-30 10:17 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-30 10:17 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-30 10:17 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-30 10:17 - 2012-07-26 03:13 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-30 10:08 - 2013-10-30 12:27 - 00000000 ___HD C:\$SysReset
2013-10-23 23:17 - 2013-10-23 23:17 - 00000000 ____D C:\Users\ronak_000\Documents\C9
2013-10-21 03:43 - 2013-10-29 15:52 - 00000000 __RDO C:\Users\ronak_000\SkyDrive
2013-10-20 19:47 - 2013-10-20 19:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2013-10-20 19:46 - 2013-10-20 19:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2013-10-16 12:13 - 2013-11-01 19:20 - 00000000 ____D C:\Users\ronak_000\Desktop\To Do
2013-10-09 21:49 - 2013-10-09 21:49 - 00000000 ____D C:\Users\ronak_000\Documents\Microsoft Corporation

==================== One Month Modified Files and Folders =======

2013-11-04 10:16 - 2013-11-04 10:16 - 00000000 ____D C:\FRST
2013-11-04 10:14 - 2013-11-04 10:14 - 01957098 _____ (Farbar) C:\Users\ronak_000\Desktop\FRST64.exe
2013-11-04 10:13 - 2013-09-28 02:47 - 00804352 ___SH C:\Users\ronak_000\Desktop\Thumbs.db
2013-11-04 10:08 - 2013-09-27 09:40 - 00000000 ____D C:\Users\ronak_000\Documents\Outlook Files
2013-11-04 10:07 - 2013-10-31 09:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-04 10:00 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-04 09:39 - 2013-10-31 05:29 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-04 09:22 - 2013-10-31 16:37 - 00000000 ____D C:\Users\ronak_000\AppData\Local\5BF0C2C5-597C-4B4F-B966-9AC3D60BE1F8.aplzod
2013-11-04 08:46 - 2013-10-30 11:28 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\ClassicShell
2013-11-03 19:54 - 2013-10-30 15:19 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\webex
2013-11-03 19:27 - 2013-10-31 11:04 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Firestorm
2013-11-03 17:54 - 2013-10-30 15:17 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Skype
2013-11-03 15:29 - 2013-09-27 04:27 - 00000000 ____D C:\Users\ronak_000\Documents\To Do
2013-11-03 12:11 - 2012-07-26 02:28 - 00876558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-03 12:05 - 2013-10-31 10:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\stickies
2013-11-03 12:05 - 2013-10-31 09:41 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-03 12:05 - 2013-10-31 05:29 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-03 12:05 - 2012-07-26 02:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-03 10:32 - 2013-10-30 10:22 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CC14A16C-DBFE-46F7-941D-C33446E91EFF}
2013-11-03 08:34 - 2013-10-31 13:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-02 22:13 - 2013-11-02 22:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-02 22:13 - 2013-11-02 22:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-02 09:18 - 2013-10-30 10:29 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3079756242-3303576260-2646273123-1001
2013-11-02 06:18 - 2013-11-02 06:18 - 00001932 _____ C:\Users\ronak_000\Desktop\TERA.lnk
2013-11-02 06:18 - 2013-10-30 13:53 - 00000000 ____D C:\ProgramData\HappyCloud
2013-11-02 06:12 - 2013-10-30 10:22 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-02 06:05 - 2013-10-31 16:17 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-02 06:03 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-02 06:03 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-02 06:03 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-01 23:50 - 2013-10-30 13:30 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Mozilla
2013-11-01 20:27 - 2013-10-31 10:08 - 00000000 ____D C:\Program Files (x86)\Everything
2013-11-01 19:20 - 2013-10-16 12:13 - 00000000 ____D C:\Users\ronak_000\Desktop\To Do
2013-11-01 19:08 - 2013-10-31 11:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Firestorm
2013-11-01 18:53 - 2013-10-31 16:50 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Windows Live
2013-11-01 11:25 - 2013-11-01 11:25 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-01 04:54 - 2013-11-01 04:54 - 00156422 _____ C:\Users\ronak_000\Desktop\OTL.Txt
2013-11-01 04:50 - 2013-11-01 04:50 - 00602112 _____ (OldTimer Tools) C:\Users\ronak_000\Desktop\OTL.exe
2013-11-01 04:50 - 2013-10-31 15:16 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Apple
2013-11-01 04:48 - 2013-10-31 13:56 - 00000000 ____D C:\Users\ronak_000\Documents\CCleaner Backups
2013-11-01 04:39 - 2013-10-30 14:55 - 00000000 ____D C:\Users\ronak_000\AppData\Local\NPE
2013-11-01 03:59 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-11-01 03:53 - 2013-11-01 03:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2013-11-01 03:52 - 2013-11-01 03:52 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-11-01 03:52 - 2013-11-01 03:52 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-11-01 03:52 - 2013-11-01 03:52 - 00002539 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-11-01 03:52 - 2013-10-31 13:39 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-11-01 03:52 - 2013-04-22 14:43 - 00003234 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-11-01 03:51 - 2013-11-01 03:51 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-11-01 03:51 - 2013-04-22 14:42 - 00000000 ____D C:\ProgramData\Norton
2013-11-01 03:42 - 2013-10-31 16:34 - 00000000 ____D C:\Users\ronak_000\AppData\Local\CrashDumps
2013-10-31 16:56 - 2013-10-31 06:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-31 16:56 - 2012-07-26 00:26 - 00000167 _____ C:\WINDOWS\win.ini
2013-10-31 16:55 - 2013-10-31 16:55 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-31 16:39 - 2013-10-31 15:16 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Apple Computer
2013-10-31 16:31 - 2013-10-31 15:16 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Apple Computer
2013-10-31 16:29 - 2012-07-26 00:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-10-31 16:17 - 2012-07-26 02:52 - 00000000 ____D C:\WINDOWS\ShellNew
2013-10-31 16:15 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-10-31 16:15 - 2013-10-31 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-31 16:15 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-31 15:34 - 2013-10-31 15:34 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\e-academy Inc
2013-10-31 15:34 - 2013-10-31 15:34 - 00000000 ____D C:\Users\ronak_000\AppData\Local\e-academy Inc
2013-10-31 15:24 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-10-31 15:21 - 2013-10-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-10-31 15:18 - 2013-10-31 15:18 - 00004156 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\ProgramData\Carbonite
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\Program Files\Carbonite
2013-10-31 15:18 - 2013-10-31 15:18 - 00000000 ____D C:\Program Files (x86)\Carbonite
2013-10-31 15:16 - 2013-10-31 15:16 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files\iTunes
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files\iPod
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-31 15:16 - 2013-10-31 15:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-10-31 15:16 - 2013-04-22 14:34 - 00000000 ____D C:\ProgramData\Apple
2013-10-31 14:01 - 2013-09-27 09:40 - 00000000 ____D C:\Users\ronak_000\Documents\Team Doubleclick
2013-10-31 13:54 - 2013-04-22 14:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-10-31 13:54 - 2012-08-10 18:55 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-31 13:52 - 2013-10-31 13:52 - 00000000 ____D C:\Users\ronak_000\AppData\Local\TERA
2013-10-31 13:51 - 2013-10-31 13:51 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Cyberlink
2013-10-31 13:51 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-31 13:29 - 2013-10-31 09:56 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\TeamViewer
2013-10-31 13:27 - 2013-10-31 13:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-31 13:26 - 2013-10-31 13:26 - 07539624 _____ (Symantec Corporation) C:\Users\ronak_000\Desktop\NRnR.exe
2013-10-31 13:24 - 2013-10-31 13:24 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Microsoft Help
2013-10-31 11:40 - 2013-10-31 11:40 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-31 11:07 - 2013-10-31 11:07 - 00000000 _____ C:\Users\ronak_000\BITF25.tmp
2013-10-31 11:07 - 2013-10-30 10:17 - 00000000 ____D C:\Users\ronak_000
2013-10-31 11:04 - 2013-10-31 11:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\NVIDIA
2013-10-31 11:04 - 2013-10-31 11:03 - 00000000 ____D C:\Program Files (x86)\Firestorm-Beta
2013-10-31 10:28 - 2013-10-31 10:28 - 00000000 ____D C:\ProgramData\PCSettings
2013-10-31 10:08 - 2013-10-31 10:08 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2013-10-31 10:04 - 2013-10-31 10:04 - 00000835 _____ C:\WINDOWS\uninstallstickies.bat
2013-10-31 10:04 - 2013-10-31 10:04 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stickies
2013-10-31 10:04 - 2013-10-31 10:04 - 00000000 ____D C:\Program Files (x86)\Stickies
2013-10-31 10:03 - 2013-10-31 10:03 - 00000000 _____ C:\Users\ronak_000\BIT5249.tmp
2013-10-31 10:01 - 2013-10-30 11:28 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2013-10-31 10:01 - 2013-10-30 11:28 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-31 09:57 - 2013-10-31 09:16 - 00000000 ____D C:\Users\ronak_000\AppData\Local\LogMeIn Rescue Applet
2013-10-31 09:57 - 2013-10-30 13:43 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleForronak_000.job
2013-10-31 09:48 - 2013-10-31 09:48 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Macromedia
2013-10-31 09:41 - 2013-10-31 09:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-10-31 09:35 - 2013-10-31 09:35 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-31 09:35 - 2013-10-30 11:00 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Mozilla
2013-10-31 09:27 - 2013-10-30 15:15 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Adobe
2013-10-31 09:26 - 2013-10-30 13:43 - 00003192 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForronak_000
2013-10-31 09:21 - 2013-10-31 09:20 - 00000000 ____D C:\AdwCleaner
2013-10-31 09:17 - 2013-10-31 09:17 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-31 09:16 - 2013-10-31 09:16 - 00002235 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (2).lnk
2013-10-31 09:03 - 2013-10-31 09:03 - 00002110 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard.lnk
2013-10-31 08:46 - 2013-10-31 08:46 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\hpqlog
2013-10-31 08:28 - 2013-10-30 11:15 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Hewlett-Packard
2013-10-31 07:49 - 2012-07-26 00:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-10-31 07:48 - 2013-04-22 14:43 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2013-10-31 07:09 - 2013-10-31 07:09 - 00002110 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland).lnk
2013-10-31 05:34 - 2013-10-31 05:29 - 00003898 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-31 05:34 - 2013-10-31 05:29 - 00003662 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-31 05:30 - 2013-10-31 05:30 - 00000000 ____D C:\Program Files\Google
2013-10-31 05:30 - 2013-10-31 05:29 - 00000000 ____D C:\ProgramData\Google
2013-10-31 05:30 - 2013-10-31 05:29 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-31 05:29 - 2013-10-31 05:29 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Google
2013-10-31 05:29 - 2013-10-31 05:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-31 05:29 - 2013-10-30 15:16 - 00000000 ____D C:\ProgramData\Adobe
2013-10-31 05:26 - 2013-10-30 11:16 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Adobe
2013-10-31 05:26 - 2013-10-30 10:21 - 00000000 ____D C:\Users\ronak_000\AppData\Local\Packages
2013-10-30 19:53 - 2013-10-30 15:19 - 00000000 ____D C:\ProgramData\WebEx
2013-10-30 17:19 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-30 15:29 - 2013-04-22 14:34 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-30 15:29 - 2013-04-22 14:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-30 15:26 - 2013-10-30 15:26 - 00000000 _____ C:\Users\ronak_000\BITAE00.tmp
2013-10-30 15:25 - 2013-10-30 15:25 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2013-10-30 15:25 - 2013-10-30 13:13 - 00000000 ____D C:\Program Files\IDT
2013-10-30 15:25 - 2013-04-22 14:27 - 00000000 ____D C:\ProgramData\SoundResearch
2013-10-30 15:17 - 2013-10-30 15:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-30 15:17 - 2013-10-30 15:17 - 00000000 ____D C:\ProgramData\Skype
2013-10-30 15:10 - 2013-10-30 15:10 - 00000000 _____ C:\Users\ronak_000\BITA5E6.tmp
2013-10-30 15:08 - 2013-04-22 14:38 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2013-10-30 15:08 - 2013-04-22 14:38 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2013-10-30 15:08 - 2013-04-22 14:38 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2013-10-30 15:07 - 2012-10-11 22:24 - 00000000 ____D C:\SWSETUP
2013-10-30 14:41 - 2013-10-30 14:41 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Leadertech
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-10-30 14:41 - 2013-10-30 14:41 - 00000000 ____D C:\ProgramData\Logishrd
2013-10-30 14:41 - 2013-10-30 14:40 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-10-30 14:41 - 2013-10-30 14:39 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Logitech
2013-10-30 14:40 - 2013-10-30 14:40 - 00000000 ____D C:\Program Files\Logitech
2013-10-30 14:39 - 2013-10-30 14:39 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Logishrd
2013-10-30 14:15 - 2013-10-30 14:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-10-30 14:15 - 2012-07-26 03:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-10-30 14:13 - 2013-10-30 14:13 - 00000000 _____ C:\Users\ronak_000\BITB0FF.tmp
2013-10-30 14:13 - 2013-04-22 14:30 - 00000000 ____D C:\ProgramData\Intel
2013-10-30 14:13 - 2013-04-22 14:30 - 00000000 ____D C:\Program Files\Intel
2013-10-30 14:11 - 2013-10-30 14:15 - 00000000 ____D C:\Windows.old
2013-10-30 14:09 - 2013-10-30 14:09 - 00000000 ____D C:\$WINDOWS.~BT
2013-10-30 14:05 - 2013-10-30 13:54 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
2013-10-30 13:54 - 2013-10-30 13:54 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-10-30 13:53 - 2013-10-30 13:53 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2013-10-30 13:49 - 2013-10-30 13:49 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-30 13:43 - 2013-10-30 13:43 - 00000000 _____ C:\Users\ronak_000\BITE8FB.tmp
2013-10-30 13:42 - 2013-10-30 13:42 - 00119528 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2013-10-30 13:30 - 2013-10-30 13:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 13:29 - 2013-04-22 14:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-30 13:29 - 2013-04-22 14:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-30 13:29 - 2013-04-22 14:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-30 13:28 - 2013-10-30 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-30 13:28 - 2013-04-22 14:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-30 13:22 - 2013-10-30 13:22 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-30 13:22 - 2013-10-30 13:22 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\ProgramData\Sun
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 13:22 - 2013-10-30 13:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-30 13:16 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-10-30 13:15 - 2013-10-30 13:15 - 00000000 ____D C:\Program Files (x86)\Hp
2013-10-30 13:15 - 2013-10-30 13:14 - 00000000 ___HD C:\WINDOWS\AxInstSV
2013-10-30 13:13 - 2013-10-30 13:13 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\WinBatch
2013-10-30 13:11 - 2013-10-30 13:11 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\IDT
2013-10-30 12:42 - 2013-10-30 10:22 - 00000000 ___RD C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-30 12:41 - 2012-07-26 03:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-10-30 12:41 - 2012-07-26 00:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-10-30 12:27 - 2013-10-30 10:08 - 00000000 ___HD C:\$SysReset
2013-10-30 12:11 - 2013-10-30 12:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-10-30 12:11 - 2013-10-30 12:11 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-30 12:11 - 2013-10-30 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 12:11 - 2012-08-10 19:49 - 00000000 ___DC C:\WINDOWS\Panther
2013-10-30 11:48 - 2012-07-26 00:37 - 00000000 ____D C:\WINDOWS\servicing
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-10-30 11:47 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-30 11:47 - 2012-07-26 02:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-30 11:47 - 2012-07-26 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-10-30 11:47 - 2012-07-26 00:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-10-30 11:40 - 2013-10-30 11:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-30 11:36 - 2013-04-22 14:38 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\WebApp
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\CyberLink
2013-10-30 11:30 - 2013-10-30 11:30 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-30 11:29 - 2013-10-30 11:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-10-30 11:28 - 2013-04-22 14:30 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-10-30 11:28 - 2013-04-22 14:29 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-10-30 11:26 - 2013-10-30 11:26 - 00000000 ____D C:\Program Files\Classic Shell
2013-10-30 11:24 - 2013-04-22 14:34 - 00000000 ____D C:\ProgramData\WildTangent
2013-10-30 11:20 - 2013-04-22 14:34 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-10-30 11:14 - 2013-10-30 10:21 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Hewlett-Packard
2013-10-30 11:12 - 2013-04-22 14:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\Users\ronak_000\AppData\Local\VS Revo Group
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\ProgramData\VS Revo Group
2013-10-30 10:59 - 2013-10-30 10:59 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-30 10:59 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\system32\restore
2013-10-30 10:58 - 2013-10-30 10:58 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-30 10:47 - 2013-10-30 10:47 - 00004036 _____ C:\WINDOWS\System32\Tasks\HPGenoobeReminder
2013-10-30 10:43 - 2013-10-30 10:43 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Malwarebytes
2013-10-30 10:43 - 2013-10-30 10:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-30 10:28 - 2013-10-30 10:28 - 00000000 ____D C:\Users\ronak_000\AppData\Roaming\Macromedia
2013-10-30 10:27 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-10-30 10:23 - 2013-04-22 14:31 - 00002881 _____ C:\WINDOWS\system32\RaCoInst.log
2013-10-30 10:22 - 2013-10-30 10:22 - 00001436 _____ C:\Users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 __RSH C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 __RSH C:\WINDOWS\system32\Drivers\103C_HP_cPC_h9-1420t_Y53316J_0U_Q2MD3160BVT_E13NA1RC8602_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M10179_J1000_7Intel_8472_93.40_#130422_N19691091;1814539B_Z_G10DE1185_Ohp BD E DH12E3SHB.MRK
2013-10-30 10:21 - 2013-10-30 10:21 - 00000000 ____D C:\Users\ronak_000\AppData\Local\VirtualStore
2013-10-30 10:21 - 2013-04-22 14:34 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-10-30 10:21 - 2013-01-07 06:32 - 00000000 _RSHD C:\hp
2013-10-30 10:21 - 2012-10-11 22:21 - 00000000 _RSHD C:\SYSTEM.SAV
2013-10-30 10:20 - 2013-10-30 10:20 - 00000020 ___SH C:\Users\ronak_000\ntuser.ini
2013-10-30 10:17 - 2013-10-30 10:17 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-10-30 10:17 - 2013-10-30 10:17 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-10-30 10:17 - 2013-10-30 10:17 - 00000000 ___HD C:\Users\ronak_000\Documents\hp.system.package.metadata
2013-10-30 10:17 - 2012-07-26 03:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-30 10:17 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-10-29 15:52 - 2013-10-21 03:43 - 00000000 __RDO C:\Users\ronak_000\SkyDrive
2013-10-23 23:17 - 2013-10-23 23:17 - 00000000 ____D C:\Users\ronak_000\Documents\C9
2013-10-23 05:30 - 2013-10-30 13:27 - 30344480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 22933792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 18199872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 15855568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 15212336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 12572960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-10-23 05:30 - 2013-10-30 13:27 - 11426568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 11374520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 09524088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 09480328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 03131680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 03124512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 02946848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 02747168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 02695200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 01241376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00696096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00655136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00560416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-10-23 05:30 - 2013-10-30 13:27 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-10-23 05:30 - 2013-04-22 14:27 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-10-23 05:30 - 2013-04-22 14:27 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-10-23 05:30 - 2012-09-18 11:27 - 18286416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-10-23 05:30 - 2012-09-18 11:27 - 03067560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-10-23 05:30 - 2012-09-18 11:27 - 01435504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-10-23 05:30 - 2012-09-18 11:27 - 00023287 _____ C:\WINDOWS\system32\nvinfo.pb
2013-10-23 03:20 - 2013-04-22 14:27 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-10-23 03:20 - 2013-04-22 14:27 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-10-23 03:20 - 2013-04-22 14:27 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-10-23 03:20 - 2013-04-22 14:27 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-10-23 03:20 - 2013-04-22 14:27 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-10-23 03:20 - 2013-04-22 14:27 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-10-22 10:25 - 2013-09-27 04:27 - 00000000 ____D C:\Users\ronak_000\Documents\1 Work
2013-10-20 19:47 - 2013-10-20 19:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2013-10-20 19:46 - 2013-10-20 19:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2013-10-18 20:46 - 2013-09-27 04:27 - 00000000 ____D C:\Users\ronak_000\Documents\Life
2013-10-17 20:36 - 2013-10-30 13:29 - 01063200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-10-17 20:36 - 2013-10-30 13:29 - 00955168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-10-14 04:22 - 2013-09-27 04:27 - 00000000 ____D C:\Users\ronak_000\Documents\Strayer
2013-10-09 21:49 - 2013-10-09 21:49 - 00000000 ____D C:\Users\ronak_000\Documents\Microsoft Corporation

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-10 18:49

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by ronak_000 at 2013-11-04 10:16:42
Running from C:\Users\ronak_000\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.04) (x32 Version: 11.0.04)
APB Reloaded (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Carbonite (x32 Version: 5.5.0 build 3621 (Oct-10-2013))
CCleaner (Version: 4.07)
Cisco WebEx Meetings (HKCU)
Classic Shell (Version: 4.0.2)
CyberLink PowerDVD (x32 Version: 10.0.8.5511)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Energy Star (x32 Version: 1.0.9)
eReg (x32 Version: 1.20.138.34)
Everything 1.2.1.371 (x32)
Firestorm-Beta (remove only) (x32 Version: 4.5.1.38838)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Update Helper (x32 Version: 1.3.21.165)
Happy Cloud Client (HKCU Version: 3.72)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Postscript Converter (Version: 3.1.3591)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Support Information (x32 Version: 12.00.0000)
iCloud (Version: 3.0.2.163)
IDT Audio (x32 Version: 1.0.6429.0)
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Rapid Storage Technology (Version: 12.6.0.1033)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.2.32)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Logitech SetPoint 6.61 (Version: 6.61.15)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Movie Maker (x32 Version: 16.4.3503.0728)
Mozilla Firefox 25.0 (x86 en-US) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Norton Internet Security (x32 Version: 21.1.0.18)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Photo Common (x32 Version: 16.4.3503.0728)
Photo Gallery (x32 Version: 16.4.3503.0728)
QuickTime (x32 Version: 7.74.80.86)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.5.0)
Recovery Manager (x32 Version: 5.5.0.5826)
Revo Uninstaller Pro 3.0.7 (Version: 3.0.7)
Secure Download Manager (x32 Version: 3.1.20)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming (Version: 1.6.34)
Skype™ 6.10 (x32 Version: 6.10.104)
Steam (x32 Version: 1.0.0.0)
Stickies 7.1e (x32)
TeamViewer 8 (x32 Version: 8.0.22298)
TERA (HKCU)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817493) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827228) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827235) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2810016) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2825632) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2825633) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition
Update for Microsoft Word 2013 (KB2827218) 64-Bit Edition
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)

==================== Restore Points =========================

31-10-2013 20:23:53 Installed iCloud
31-10-2013 20:34:54 Installed Secure Download Manager
31-10-2013 21:15:07 Installed Microsoft Office Professional Plus 2013
31-10-2013 21:15:16 PROPLUSR
01-11-2013 16:24:46 Installed QuickTime
02-11-2013 11:02:50 Installed Microsoft Office Professional Plus 2010

==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1524CB92-48D2-482A-A8A2-81A98DB303C2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {21B1A2CE-F4C8-4F2D-94C3-F52186B49815} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {25EF7A21-6C8D-4096-9E5B-4C7B2E7706B4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {280C8F6A-5F49-4744-81A2-98FA4FD46DB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {3737D8A8-7539-4792-ABFE-B7519C8FF9C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {3EA281C0-B996-44FB-9BFA-D2043E667A9E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {4143E1BC-4BC2-4340-A40E-6E87B6DCAECD} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {4FB4433D-769C-461A-A4F2-7DCA3AAE0A9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {50D76C23-C3E0-4112-933E-7991121EFDF3} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2012-07-25] (Microsoft Corporation)
Task: {5D2C024F-45C3-420D-9DC6-D154ADDFBD4E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {6E60F23B-01D3-49AC-ABE8-7D7C9CC6B861} - System32\Tasks\HPCeeScheduleForronak_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {8CBBF701-76C4-475C-A4D4-AB74A27FEB08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {924B0C77-9743-40F6-A5A3-381F2F3B3075} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31] (Adobe Systems Incorporated)
Task: {AE4172E9-5498-4BF1-B89F-BE3AD77584FD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\microsoft shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {CA251F8E-25F3-4253-B2BA-73B01D0EE0B9} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {D6C74D4E-875A-45EA-972E-D7A4C100D08B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {D952A827-B0C7-44F2-9183-61A261C140A6} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe
Task: {E291C1EE-B53C-4FD2-9FA0-FCD33D4E69B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {ECFA17C9-8EE2-4482-B849-33F18B1A12F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.)
Task: {EF4E7703-A659-43CE-AC36-00B2339803BC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {F34FE6FE-F90F-4B55-9140-C235EED4BC39} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FC1C212C-5BEF-4B05-92E2-8AA45B52E6FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForronak_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-09-13 05:02 - 2013-09-13 05:02 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-07-19 11:55 - 2013-07-19 11:55 - 01421480 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2012-10-01 19:36 - 2012-10-01 19:36 - 00401024 _____ () C:\Program Files\Microsoft Office\Office15\msfad.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-24 08:45 - 2013-10-24 12:45 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-10-31 11:16 - 2013-10-30 14:25 - 01123240 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-31 11:16 - 2013-10-23 15:07 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-10-31 11:16 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-10-31 11:16 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-10-31 11:16 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-10-31 10:04 - 2013-10-31 10:04 - 00049152 _____ () C:\Program Files (x86)\Stickies\shook70.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\ronak_000\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 10178.13 MB
Available physical RAM: 8025.84 MB
Total Pagefile: 30658.13 MB
Available Pagefile: 28250.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:218.09 GB) (Free:39.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:18.57 GB) (Free:2.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:931.26 GB) (Free:873.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: 2201E60A)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: B97F44D5)

Partition: GPT Partition Type
==================== End Of Log ============================

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello queendom,

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods; this is normal, just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#5
queendom

    Member

  • Topic Starter
  • 75 posts
I disabled Norton's firewall and auto-protect via the System Tray icon, but I still received warnings that Norton was still active.



ComboFix 13-11-03.02 - ronak_000 11/05/2013 7:19.1.8 - x64
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.10178.8069 [GMT -5:00]
Running from: c:\users\ronak_000\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ronak_000\AppData\Local\assembly\tmp
c:\users\ronak_000\AppData\Roaming\Microsoft\Windows\Recent\Backup_OLCC_3.website
c:\users\ronak_000\BITA5E6.tmp
c:\users\ronak_000\BITAE00.tmp
c:\users\ronak_000\BITB0FF.tmp
c:\users\ronak_000\BITE8FB.tmp
c:\users\ronak_000\BITF25.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-10-05 to 2013-11-05 )))))))))))))))))))))))))))))))
.
.
2013-11-05 12:22 . 2013-11-05 12:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-04 17:16 . 2013-11-04 17:16 -------- d-----w- c:\program files\Carbonite
2013-11-04 17:16 . 2013-11-04 17:16 -------- d-----w- c:\programdata\Carbonite
2013-11-04 17:16 . 2013-11-04 17:16 -------- d-----w- c:\program files (x86)\Carbonite
2013-11-04 15:16 . 2013-11-04 15:16 -------- d-----w- C:\FRST
2013-11-03 03:13 . 2013-11-03 03:13 -------- d-----w- c:\program files\Microsoft Silverlight
2013-11-03 03:13 . 2013-11-03 03:13 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-11-01 21:09 . 2013-11-01 21:09 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-11-01 16:25 . 2013-11-01 16:25 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-11-01 16:25 . 2013-11-01 16:25 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-11-01 16:25 . 2013-11-01 16:25 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-11-01 16:25 . 2013-11-01 16:25 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-11-01 16:25 . 2013-11-01 16:25 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-11-01 16:25 . 2013-11-01 16:25 -------- d-----w- c:\program files (x86)\QuickTime
2013-11-01 08:52 . 2013-11-01 08:52 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-11-01 08:51 . 2013-11-01 08:51 -------- d-----w- c:\program files (x86)\Norton Internet Security
2013-11-01 07:00 . 2013-11-01 07:00 -------- d-----w- c:\program files\Microsoft.NET
2013-10-31 21:55 . 2013-10-31 21:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-10-31 21:17 . 2013-11-02 11:05 -------- d-----w- c:\program files\Common Files\DESIGNER
2013-10-31 21:17 . 2013-10-31 21:17 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-10-31 21:17 . 2013-10-31 21:17 -------- d-----w- c:\program files\Microsoft SQL Server
2013-10-31 21:17 . 2013-10-31 21:17 -------- d-----w- c:\windows\PCHEALTH
2013-10-31 21:15 . 2013-10-31 21:15 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-10-31 21:15 . 2013-10-31 21:15 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-10-31 21:15 . 2013-11-02 11:03 -------- d-----w- c:\program files\Microsoft Office
2013-10-31 20:16 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\program files\iTunes
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\program files (x86)\iTunes
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\programdata\Apple Computer
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\program files\iPod
2013-10-31 20:16 . 2013-10-31 20:16 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-10-31 20:16 . 2013-10-31 20:24 -------- d-----w- c:\program files\Common Files\Apple
2013-10-31 20:16 . 2013-10-31 20:24 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-10-31 18:39 . 2013-11-01 08:52 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-10-31 18:39 . 2013-11-01 08:51 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-10-31 18:24 . 2013-11-03 13:34 -------- d-----w- c:\programdata\Microsoft Help
2013-10-31 16:03 . 2013-10-31 16:04 -------- d-----w- c:\program files (x86)\Firestorm-Beta
2013-10-31 15:28 . 2013-10-31 15:28 -------- d-----w- c:\programdata\PCSettings
2013-10-31 15:08 . 2013-11-02 01:27 -------- d-----w- c:\program files (x86)\Everything
2013-10-31 15:04 . 2013-10-31 15:04 835 ----a-w- c:\windows\uninstallstickies.bat
2013-10-31 15:04 . 2013-10-31 15:04 -------- d-----w- c:\program files (x86)\Stickies
2013-10-31 15:02 . 2013-10-31 15:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-10-31 14:41 . 2013-10-31 14:41 -------- d-----w- c:\program files (x86)\TeamViewer
2013-10-31 14:41 . 2013-11-05 12:15 -------- d-----w- c:\program files (x86)\Steam
2013-10-31 14:22 . 2013-10-31 14:22 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-10-31 14:20 . 2013-10-31 14:21 -------- d-----w- C:\AdwCleaner
2013-10-31 14:17 . 2013-10-31 14:17 -------- d-----w- c:\windows\ERUNT
2013-10-31 12:48 . 2013-11-01 08:52 -------- d-----w- c:\windows\system32\drivers\NISx64\1501000.012
2013-10-31 10:30 . 2013-10-31 10:30 -------- d-----w- c:\program files\Google
2013-10-31 10:29 . 2013-10-31 10:30 -------- d-----w- c:\program files (x86)\Google
2013-10-30 20:25 . 2013-10-30 20:25 -------- d-----w- c:\windows\system32\SRSLabs
2013-10-30 20:19 . 2013-10-31 00:53 -------- d-----w- c:\programdata\WebEx
2013-10-30 20:17 . 2013-10-30 20:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-10-30 20:17 . 2013-10-30 20:17 -------- d-----r- c:\program files (x86)\Skype
2013-10-30 20:17 . 2013-10-30 20:17 -------- d-----w- c:\programdata\Skype
2013-10-30 19:41 . 2013-10-30 19:41 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2013-10-30 19:41 . 2013-10-30 19:41 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-10-30 19:41 . 2013-10-30 19:41 -------- d-----w- c:\programdata\Logishrd
2013-10-30 19:40 . 2013-10-30 19:40 -------- d-----w- c:\program files\Logitech
2013-10-30 19:40 . 2013-10-30 19:41 -------- d-----w- c:\program files\Common Files\Logishrd
2013-10-30 19:15 . 2013-10-30 19:11 -------- d-----w- C:\Windows.old
2013-10-30 19:13 . 2013-10-30 19:13 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2013-10-30 19:09 . 2013-10-30 19:09 -------- d-----w- C:\$WINDOWS.~BT
2013-10-30 18:54 . 2007-04-05 01:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2013-10-30 18:54 . 2013-10-30 18:54 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2013-10-30 18:53 . 2013-11-02 11:18 -------- d-----w- c:\programdata\HappyCloud
2013-10-30 18:42 . 2013-10-30 18:42 119528 ----a-w- c:\windows\system32\drivers\L1C63x64.sys
2013-10-30 18:30 . 2013-10-30 18:30 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-30 18:29 . 2013-10-18 01:36 1063200 ----a-w- c:\windows\system32\nvspcap64.dll
2013-10-30 18:29 . 2013-10-18 01:36 955168 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-10-30 18:28 . 2013-10-30 18:28 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-10-30 18:22 . 2013-10-30 18:22 -------- d-----w- c:\programdata\Oracle
2013-10-30 18:22 . 2013-10-30 18:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-30 18:22 . 2013-10-30 18:22 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-30 18:22 . 2013-10-30 18:22 -------- d-----w- c:\program files (x86)\Java
2013-10-30 18:19 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-10-30 18:19 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-10-30 18:15 . 2013-10-30 18:15 -------- d-----w- c:\program files (x86)\Hp
2013-10-30 18:14 . 2013-10-30 18:15 -------- d--h--w- c:\windows\AxInstSV
2013-10-30 18:13 . 2013-10-30 20:25 -------- d-----w- c:\program files\IDT
2013-10-30 18:10 . 2012-10-24 03:25 13312 ----a-w- c:\windows\system32\pcalua.exe
2013-10-30 17:11 . 2013-10-30 17:11 -------- d-----w- c:\program files\CCleaner
2013-10-30 17:00 . 2013-10-30 17:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-30 16:56 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
2013-10-30 16:55 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-10-30 16:54 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-10-30 16:40 . 2013-10-30 16:40 -------- d-----w- c:\windows\system32\MRT
2013-10-30 16:30 . 2013-10-30 16:30 -------- d-----w- c:\users\Public\CyberLink
2013-10-30 16:29 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-10-30 16:29 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-10-30 16:27 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
2013-10-30 16:27 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-30 16:27 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-10-30 16:27 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-10-30 16:27 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-10-30 16:27 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-10-30 16:27 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-10-30 16:27 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-10-30 16:27 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-10-30 16:24 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-10-30 16:24 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-10-30 16:21 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-10-30 16:21 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-10-30 16:21 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-10-30 16:21 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-10-30 16:21 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-10-30 16:21 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-10-30 16:20 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-10-30 16:18 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-10-30 16:16 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll
2013-10-30 16:15 . 2012-11-03 05:26 34816 ----a-w- c:\windows\system32\dpnsvr.exe
2013-10-30 16:14 . 2012-11-07 23:04 149264 ----a-w- c:\program files\Windows Defender\SymSrv.dll
2013-10-30 16:14 . 2012-11-07 23:04 1558912 ----a-w- c:\program files\Windows Defender\DbgHelp.dll
2013-10-30 16:14 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-10-30 16:14 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2013-10-30 16:14 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe
2013-10-30 16:14 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2013-10-30 16:14 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2013-10-30 16:14 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2013-10-30 16:13 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2013-10-30 16:13 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-10-30 16:13 . 2012-11-01 04:41 1438720 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-10-30 16:13 . 2012-11-01 04:40 1836032 ----a-w- c:\windows\system32\msxml3.dll
2013-10-30 16:13 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-30 20:08 . 2013-04-22 19:38 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-10-30 20:08 . 2013-04-22 19:38 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-10-30 20:08 . 2013-04-22 19:38 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2013-10-30 15:29 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-10-23 10:30 . 2013-04-22 19:27 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-10-23 10:30 . 2013-04-22 19:27 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-10-23 10:30 . 2012-09-18 16:27 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2012-09-18 16:27 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2012-09-18 16:27 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-10-23 08:20 . 2013-04-22 19:27 6669600 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2013-04-22 19:27 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2013-04-22 19:27 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2013-04-22 19:27 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2013-04-22 19:27 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 08:20 . 2013-04-22 19:27 3426956 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-02 01:38 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 10:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2013-10-10 20:26 1021448 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2013-10-10 20:26 1021448 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2013-10-10 20:26 1021448 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-21 00:47 627712 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-10-30 1820584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2013-10-10 1056264]
.
c:\users\ronak_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe /remind /language=ENU /_WFM="." [2009-11-16 517384]
Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2013-10-31 1134592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1501000.012\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SymELAM.sys [x]
R2 LMIRescue_e5aafcb3-49eb-4603-8ecb-ebe321c6407c;LogMeIn Rescue (e5aafcb3-49eb-4603-8ecb-ebe321c6407c);c:\users\RONAK_~1\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe;c:\users\RONAK_~1\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 CLKMSVC10_38F51D56;CyberLink Product - 2013/10/30 13:09;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R4 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
R4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131022.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131101.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131101.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMNETS.SYS [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 14:35]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31 10:29]
.
2013-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31 10:29]
.
2013-11-04 c:\windows\Tasks\HPCeeScheduleForronak_000.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 10:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2013-10-10 20:12 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2013-10-10 20:12 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2013-10-10 20:12 1294344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-21 00:47 774144 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-10-25 41664]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-10-18 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-10-18 1063200]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-03-29 1702912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://olmcdn.upromise.com/search.html?ourmark=3&qs=
FF - ExtSQL: 2013-10-30 15:41; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF - ExtSQL: 2013-10-31 10:49; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-10-31 10:49; {37fa1426-b82d-11db-8314-0800200c9a66}; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF - ExtSQL: 2013-10-31 10:49; openinie@wittersworld.com; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\openinie@wittersworld.com.xpi
FF - ExtSQL: 2013-10-31 10:49; amznUWL2@amazon.com; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\amznUWL2@amazon.com.xpi
FF - ExtSQL: 2013-10-31 14:39; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF - ExtSQL: 2013-10-31 14:40; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF - ExtSQL: 2013-10-31 17:37; firefoxdav@icloud.com; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\firefoxdav@icloud.com
FF - ExtSQL: 2013-11-04 11:33; {b9871413-95b7-01c4-69cf-961a01420158}; c:\users\ronak_000\AppData\Roaming\Mozilla\Firefox\Profiles\6wa1imod.default\extensions\{b9871413-95b7-01c4-69cf-961a01420158}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\system32\drivers\NISx64\1501000.012\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18;c:\program files (x86)\Norton Internet Security\Engine64\21.1.0.18"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-11-05 07:23:24
ComboFix-quarantined-files.txt 2013-11-05 12:23
.
Pre-Run: 47,577,776,128 bytes free
Post-Run: 47,439,532,032 bytes free
.
- - End Of File - - D4E512F59EBB4890BD3951DF44D49A45
5FB38429D5D77768867C76DCBDB35194

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello queendom,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • If you are given an option to quarantine files ensure the scan is set to do so.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.


#7
queendom

    Member

  • Topic Starter
  • 75 posts
Hi emeraldnzl,

Just finished the scan. Haven't noticed any changes in performance. Perhaps my earlier attempts to remove the virus were successful after all?

E:\FileHistory\ronak_000\HERDESKTOP\Data\C\Users\ronak_000\Documents\Microsoft Downloads\SetupImgBurn_2.5.7.0 (2013_09_28 02_05_09 UTC).exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined

#8
emeraldnzl

Graybird virus is an old infection (one reason why we used ComboFix), although maybe what you had was a new version. I think you likely got a good part of it and we have since removed some clutter and leftovers.

The logs look okay to me now.

Are you still having unusual problems connecting to the internet?

If not we will go to clearing away the tools we have been using at my next post.

#9
queendom

Oh, that's good news! No more problems connecting to the internet or updating Norton. Thanks so much again for all the help!

#10
emeraldnzl

Hello again queendom,

No more problems connecting to the internet or updating Norton.


Excellent news. :thumbsup:

Now

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

  • Go to Start > Programs > Accessories and click on Run
  • Copy and paste the bolded text below in the box then hit OK

    Combofix /Uninstall

Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

#11
emeraldnzl

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.