Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot remove snap.do from Program Files [Solved]

snap.do

  • This topic is locked This topic is locked

#1
Aishenne

Aishenne

    Member

  • Member
  • PipPip
  • 47 posts

Hi, when trying to install Yahoo Messenger, I somehow installed snap.do to my computer.

 

I followed some instructions I found online to remove it from Chrome, but I think I only succeeded in hiding it from sight and preventing redirections. I can still see it in my Program Files. 

 

I tried to use CC Cleaner to delete it but it shows an error: Cannot delete MSI installer.

 

If I go to Control Panel and select the program and uninstall, it also throws an error: The feature you are trying to use is on a network resource that is unavailable. The installation source for this product is not available.

 

 

Below is the OTL log. Any help is appreciated. I'm really pissed off that my new laptop got this malware :( .

 

 

 

 

OTL logfile created on: 24/3/2014 4:28:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\jennjennkho\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
 
7.93 Gb Total Physical Memory | 5.29 Gb Available Physical Memory | 66.74% Memory free
9.18 Gb Paging File | 6.35 Gb Available in Paging File | 69.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 344.50 Gb Total Space | 284.80 Gb Free Space | 82.67% Space Free | Partition Type: NTFS
Drive D: | 21.33 Gb Total Space | 2.15 Gb Free Space | 10.07% Space Free | Partition Type: NTFS
Drive E: | 332.03 Gb Total Space | 331.90 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
 
Computer Name: HP | User Name: jennjennkho | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/03/24 16:28:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jennjennkho\Downloads\OTL.exe
PRC - [2014/03/15 08:50:42 | 000,859,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/05 17:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/02/05 17:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/10/08 11:41:36 | 001,045,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2013/10/08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2013/08/30 21:18:16 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/08/13 11:06:20 | 005,545,448 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
PRC - [2013/08/09 20:25:18 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/08/09 20:25:16 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/08/09 20:25:12 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/08/01 20:34:53 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2013/06/08 04:56:48 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/03/15 08:50:40 | 013,637,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014/03/15 08:50:40 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014/03/15 08:50:38 | 004,061,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014/03/15 08:50:35 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
MOD - [2014/03/15 08:50:34 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
MOD - [2014/03/15 08:50:32 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014/03/15 08:50:30 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/03/01 04:16:08 | 002,169,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/02/19 21:02:27 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/02/19 21:02:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/02/19 21:02:27 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/19 20:16:14 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2014/02/06 18:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/02/05 17:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/01/28 01:14:46 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/01/27 08:37:08 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/01/27 08:31:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/01/21 04:04:28 | 001,025,712 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/11/27 23:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 17:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 12:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/08 11:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/31 08:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/31 08:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/10/22 09:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/04 16:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/30 21:18:16 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/08/26 14:13:24 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/08/23 17:13:42 | 000,087,552 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe -- (omniserv)
SRV:64bit: - [2013/08/23 17:08:20 | 000,109,568 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe -- (Cachedrv server)
SRV:64bit: - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 19:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 19:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 19:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 19:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 19:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 18:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 18:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 18:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 17:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 17:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 17:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 17:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 17:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 17:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 17:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 17:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 17:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 17:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 17:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/16 21:21:10 | 000,339,456 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/08/13 11:06:34 | 000,198,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2013/08/02 00:03:12 | 000,032,768 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McOobeSv2)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/25 10:21:46 | 000,334,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2013/07/24 03:28:56 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2013/05/12 09:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/12 09:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/03/16 16:00:06 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/02/19 21:02:27 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/02/05 17:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/10/08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2013/08/30 09:31:42 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/08/26 14:13:24 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/08/26 14:13:24 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/08/26 14:13:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 11:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 10:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/09 20:25:18 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/08/09 20:25:16 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013/08/09 20:25:12 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/10/13 01:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/03/16 16:00:04 | 004,170,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/02/19 21:02:27 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/19 21:02:27 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/19 21:02:27 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/02/19 20:16:14 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2014/02/19 20:15:00 | 007,474,864 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2014/01/27 08:43:26 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/01/27 08:37:32 | 000,344,688 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/01/27 08:33:26 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/01/27 08:31:34 | 000,520,696 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/01/27 08:30:06 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/01/27 08:29:22 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/01/27 08:15:36 | 000,069,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/01/21 03:50:24 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/01/21 03:50:02 | 000,422,712 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2014/01/08 09:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/12/28 02:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/11 10:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 19:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/31 08:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/31 08:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/31 08:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/31 08:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/26 09:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/13 10:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 23:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/04 18:12:52 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2013/08/30 21:18:02 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/23 06:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/23 06:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/23 03:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/23 03:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 21:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 21:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 20:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 20:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 20:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 20:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 20:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 20:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 20:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 20:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 20:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 20:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 20:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 20:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 20:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 20:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 20:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 20:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 20:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 20:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 20:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 20:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 20:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 20:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 20:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 20:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 20:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 20:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 20:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 20:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 20:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 20:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 20:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 20:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 20:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 19:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 19:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 19:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 19:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 19:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 19:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 19:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 19:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 19:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 19:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 19:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 19:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 19:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 19:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 19:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 19:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 19:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 19:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 19:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 19:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 19:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 19:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 19:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 19:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 16:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/22 07:25:40 | 000,429,272 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2013/08/20 08:25:00 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/08/16 21:21:10 | 000,551,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/08/13 07:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 08:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/09 20:25:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/09 10:06:40 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013/08/09 10:06:40 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013/08/08 10:01:32 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013/08/08 10:01:24 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013/08/02 11:57:42 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/02 11:57:42 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/02 11:57:40 | 000,030,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2013/07/31 02:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/27 07:07:30 | 000,827,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/07/26 03:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/24 03:28:56 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2013/07/24 03:28:56 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2013/07/23 08:45:58 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/05 14:22:20 | 000,041,408 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/37
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54361-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/37
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/03/12 17:29:24 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 21:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OPBHOBroker] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [OPBHOBrokerDesktop] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E55AFCB0-5154-49A8-B1EB-53FEDB97A69E}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/24 16:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/03/24 16:04:29 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Malwarebytes
[2014/03/24 16:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/24 16:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/24 16:04:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/24 16:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/24 16:04:00 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Programs
[2014/03/24 15:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/03/24 15:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/03/24 15:07:07 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\TuneUp Software
[2014/03/24 15:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014/03/24 15:06:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/03/24 15:06:20 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/03/24 15:05:30 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\rmi
[2014/03/19 19:08:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/03/16 16:03:41 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\Intel
[2014/03/14 22:50:46 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\NVIDIA Corporation
[2014/03/14 22:48:46 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\NVIDIA
[2014/03/14 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/03/14 22:48:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/03/14 22:44:01 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/03/12 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2014/03/12 17:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2014/03/12 17:40:40 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/03/12 17:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/03/12 17:39:31 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\Documents\Personal
[2014/03/12 17:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/03/12 17:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/03/12 16:27:59 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/03/12 04:51:59 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\Desktop\Alex Applications
[2014/03/12 04:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/03/12 04:36:53 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Google
[2014/03/12 04:26:09 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Apps
[2014/03/12 04:26:08 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Deployment
[2014/03/12 04:22:06 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Macromedia
[2014/03/12 04:11:07 | 000,000,000 | ---D | C] -- C:\FINAL FANTASY XIV - A Realm Reborn
[2014/03/12 03:23:58 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Hewlett-Packard
[2014/03/12 03:23:52 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\hpqlog
[2014/03/12 03:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2014/03/12 03:23:32 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Synaptics
[2014/03/12 03:23:21 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\Documents\Youcam
[2014/03/12 03:23:19 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\CyberLink
[2014/03/12 03:23:06 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Hewlett-Packard
[2014/03/12 03:20:35 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/03/12 03:20:35 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Searches
[2014/03/12 03:20:35 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/03/12 03:20:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Contacts
[2014/03/12 03:20:34 | 000,000,000 | -H-D | C] -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/03/12 03:20:16 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\VirtualStore
[2014/03/12 03:20:16 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Adobe
[2014/03/12 03:20:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2014/03/12 03:19:45 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Packages
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\AppData\Local\Temporary Internet Files
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Templates
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Start Menu
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\SendTo
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Recent
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\PrintHood
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\NetHood
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Documents\My Videos
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Documents\My Pictures
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Documents\My Music
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\My Documents
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Local Settings
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\AppData\Local\History
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Cookies
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\Application Data
[2014/03/12 03:19:35 | 000,000,000 | -HSD | C] -- C:\Users\jennjennkho\AppData\Local\Application Data
[2014/03/12 03:19:34 | 000,000,000 | --SD | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Videos
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Saved Games
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Pictures
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Music
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Links
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Favorites
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Downloads
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Documents
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\Desktop
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/03/12 03:19:34 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/03/12 03:19:34 | 000,000,000 | -H-D | C] -- C:\Users\jennjennkho\Documents\hp.system.package.metadata
[2014/03/12 03:19:34 | 000,000,000 | -H-D | C] -- C:\Users\jennjennkho\Documents\hp.applications.package.appdata
[2014/03/12 03:19:34 | 000,000,000 | -H-D | C] -- C:\Users\jennjennkho\AppData
[2014/03/12 03:19:34 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Temp
[2014/03/12 03:19:34 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\Microsoft
[2014/03/12 03:19:34 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/03/12 03:18:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/03/12 02:49:41 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Local\CrashDumps
[2014/03/11 14:51:11 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\AppData\Roaming\WildTangent
[2014/03/11 10:53:36 | 000,000,000 | R--D | C] -- C:\Users\jennjennkho\SkyDrive
[2014/03/11 09:03:57 | 000,000,000 | ---D | C] -- C:\Users\jennjennkho\Documents\My Games
[2014/03/11 09:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/24 16:19:20 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
[2014/03/24 16:18:38 | 000,958,356 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/24 16:18:38 | 000,801,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/24 16:18:38 | 000,165,972 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/24 16:16:20 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/24 16:15:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/24 16:15:10 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/24 16:13:47 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/24 16:13:46 | 2519,953,407 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/24 16:05:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/24 16:04:15 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/24 15:48:55 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/03/24 15:09:27 | 000,083,222 | ---- | M] () -- C:\Windows\SysWow64\_m.dmp
[2014/03/16 22:27:12 | 000,018,276 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/03/16 16:00:06 | 000,002,948 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/03/16 16:00:05 | 000,012,288 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014/03/16 16:00:04 | 000,365,568 | ---- | M] () -- C:\Windows\SysNative\igdmd64.dll
[2014/03/16 16:00:04 | 000,303,104 | ---- | M] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/03/16 16:00:03 | 000,220,672 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2014/03/16 16:00:03 | 000,180,736 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/16 16:00:03 | 000,160,256 | ---- | M] () -- C:\Windows\SysNative\igdail64.dll
[2014/03/16 16:00:03 | 000,142,848 | ---- | M] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/16 16:00:02 | 002,384,896 | ---- | M] () -- C:\Windows\SysNative\GfxRes.dll
[2014/03/16 16:00:02 | 000,265,385 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014/03/16 16:00:02 | 000,251,862 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014/03/16 16:00:02 | 000,233,588 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014/03/16 16:00:02 | 000,199,481 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014/03/16 16:00:02 | 000,197,044 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014/03/16 16:00:02 | 000,191,088 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014/03/16 16:00:02 | 000,179,353 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014/03/16 16:00:02 | 000,179,230 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014/03/16 16:00:02 | 000,176,940 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014/03/16 16:00:02 | 000,176,666 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014/03/16 16:00:02 | 000,176,638 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014/03/16 16:00:02 | 000,175,259 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2014/03/16 16:00:02 | 000,174,244 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014/03/16 16:00:02 | 000,173,953 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014/03/16 16:00:02 | 000,173,813 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014/03/16 16:00:02 | 000,173,495 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014/03/16 16:00:02 | 000,172,750 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014/03/16 16:00:02 | 000,172,041 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014/03/16 16:00:02 | 000,171,709 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014/03/16 16:00:02 | 000,171,547 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014/03/16 16:00:02 | 000,171,310 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014/03/16 16:00:02 | 000,170,996 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014/03/16 16:00:02 | 000,170,175 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2014/03/16 16:00:02 | 000,166,672 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014/03/16 16:00:02 | 000,165,374 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014/03/16 16:00:02 | 000,164,698 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014/03/16 16:00:02 | 000,159,947 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014/03/16 16:00:02 | 000,153,249 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014/03/16 16:00:02 | 000,151,473 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014/03/16 15:48:19 | 000,027,319 | ---- | M] () -- C:\Users\jennjennkho\Desktop\web checkin.jpg
[2014/03/14 22:50:39 | 000,001,370 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/03/13 22:08:23 | 000,487,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/12 04:52:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/12 04:18:33 | 000,001,443 | ---- | M] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/12 03:20:13 | 000,002,151 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games For HP.lnk
[2014/03/12 02:49:43 | 000,002,306 | ---- | M] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/11 09:07:51 | 000,001,358 | ---- | M] () -- C:\Users\jennjennkho\Desktop\FFXIV A Realm Reborn.lnk
[2014/03/04 22:35:23 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/03/04 21:05:53 | 003,649,185 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
 
========== Files Created - No Company Name ==========
 
[2014/03/24 16:04:15 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/24 15:48:55 | 000,000,841 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/03/24 15:09:27 | 000,083,222 | ---- | C] () -- C:\Windows\SysWow64\_m.dmp
[2014/03/19 03:42:04 | 000,138,240 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2014/03/19 03:42:00 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/03/16 16:01:00 | 000,002,948 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/03/16 16:00:58 | 000,012,288 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014/03/16 16:00:57 | 000,365,568 | ---- | C] () -- C:\Windows\SysNative\igdmd64.dll
[2014/03/16 16:00:57 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/03/16 16:00:55 | 000,220,672 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2014/03/16 16:00:55 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/16 16:00:55 | 000,160,256 | ---- | C] () -- C:\Windows\SysNative\igdail64.dll
[2014/03/16 16:00:55 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/16 16:00:54 | 002,384,896 | ---- | C] () -- C:\Windows\SysNative\GfxRes.dll
[2014/03/16 16:00:54 | 000,265,385 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014/03/16 16:00:54 | 000,251,862 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014/03/16 16:00:54 | 000,233,588 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014/03/16 16:00:54 | 000,199,481 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014/03/16 16:00:54 | 000,197,044 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014/03/16 16:00:54 | 000,191,088 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014/03/16 16:00:54 | 000,179,353 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014/03/16 16:00:54 | 000,179,230 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014/03/16 16:00:54 | 000,176,940 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014/03/16 16:00:54 | 000,176,666 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014/03/16 16:00:54 | 000,176,638 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014/03/16 16:00:54 | 000,175,259 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2014/03/16 16:00:54 | 000,174,244 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014/03/16 16:00:54 | 000,173,953 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014/03/16 16:00:54 | 000,173,813 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014/03/16 16:00:54 | 000,173,495 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014/03/16 16:00:54 | 000,172,750 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014/03/16 16:00:54 | 000,172,041 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014/03/16 16:00:54 | 000,171,709 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014/03/16 16:00:54 | 000,171,547 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014/03/16 16:00:54 | 000,171,310 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014/03/16 16:00:54 | 000,170,996 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014/03/16 16:00:54 | 000,170,175 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2014/03/16 16:00:54 | 000,166,672 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014/03/16 16:00:54 | 000,165,374 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014/03/16 16:00:54 | 000,164,698 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014/03/16 16:00:54 | 000,159,947 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014/03/16 16:00:54 | 000,153,249 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014/03/16 16:00:54 | 000,151,473 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014/03/16 15:48:18 | 000,027,319 | ---- | C] () -- C:\Users\jennjennkho\Desktop\web checkin.jpg
[2014/03/14 22:50:39 | 000,001,370 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014/03/13 13:22:07 | 000,009,701 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-results.searchconnector-ms
[2014/03/13 13:22:07 | 000,009,701 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-results.searchconnector-ms
[2014/03/13 13:21:56 | 000,386,722 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/03/12 17:40:57 | 000,002,193 | ---- | C] () -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2014/03/12 17:37:04 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
[2014/03/12 05:00:49 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/12 05:00:49 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/12 04:52:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/12 04:18:33 | 000,001,443 | ---- | C] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/12 03:20:16 | 000,001,449 | ---- | C] () -- C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/03/12 03:20:13 | 000,002,151 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games For HP.lnk
[2014/03/12 03:20:10 | 000,002,282 | ---- | C] () -- C:\Users\Public\Desktop\eBay.com.sg.lnk
[2014/03/12 03:19:34 | 000,000,352 | ---- | C] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/03/12 03:19:34 | 000,000,334 | ---- | C] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/03/11 09:07:51 | 000,001,358 | ---- | C] () -- C:\Users\jennjennkho\Desktop\FFXIV A Realm Reborn.lnk
[2014/03/11 09:03:29 | 000,002,306 | ---- | C] () -- C:\Users\jennjennkho\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/11 09:03:29 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/26 14:13:37 | 001,587,694 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/22 23:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 23:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 22:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 15:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 11:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 07:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 07:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/12 09:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013/09/08 08:37:07 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 16:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/09 12:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 17:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 10:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 17:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/03/24 15:05:41 | 000,000,000 | ---D | M] -- C:\Users\jennjennkho\AppData\Roaming\rmi
[2014/03/12 03:23:32 | 000,000,000 | ---D | M] -- C:\Users\jennjennkho\AppData\Roaming\Synaptics
[2014/03/24 15:07:07 | 000,000,000 | ---D | M] -- C:\Users\jennjennkho\AppData\Roaming\TuneUp Software
[2014/03/11 14:51:13 | 000,000,000 | ---D | M] -- C:\Users\jennjennkho\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 199 bytes -> C:\Users\jennjennkho\SkyDrive:ms-properties
 
< End of report >
 

  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Hello Aishenne

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#3
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi Gringo,

 

Thanks for picking this up! I ran the 2 tools as advised, then I checked the list of programs in Control Panel. I can still see snap.do listed there.

 

 

# AdwCleaner v3.022 - Report created 25/03/2014 at 15:11:24
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : jennjennkho - HP
# Running from : C:\Users\jennjennkho\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [3833 octets] - [25/03/2014 00:01:15]
AdwCleaner[R1].txt - [888 octets] - [25/03/2014 00:15:40]
AdwCleaner[R2].txt - [1004 octets] - [25/03/2014 15:09:55]
AdwCleaner[R3].txt - [1064 octets] - [25/03/2014 15:10:59]
AdwCleaner[S0].txt - [3363 octets] - [25/03/2014 00:01:46]
AdwCleaner[S1].txt - [950 octets] - [25/03/2014 00:16:30]
AdwCleaner[S2].txt - [989 octets] - [25/03/2014 15:11:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1048 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by jennjennkho on Tue 25/03/2014 at 15:16:06.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 25/03/2014 at 15:21:56.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Hello Aishenne

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
  • 0

#5
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi Gringo,

 

I'm unable to run ComboFix. 

 

I saved it to desktop but when I double-click it, it shows the prompt: "ComboFix is not meant to run in 'Compatibility Mode'. The program shall now exit."

 

I'm running windows 8.1. When I right click Combofix, go to Properties, and check the Compatibility tab, the checkbox for 'Run this program in Compatibility mode' is not checked, so I'm not sure why I'm getting that error.


  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts


I would like to know how the computer is doing at this time and I would like you to rerun FRST for me and send me a new report

If you cannot find it here is the link again.

Please download the Farbar Recovery Scan Tool from here:
http://www.bleepingc...very-scan-tool/ - Click on the BLUE download buttons only - ( The GREEN ones are ads)

save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it.
When the tool opens click Yes to disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run.

Please attach that log to your reply.
The first time the tool is run, it makes a second log (Addition.txt).
Please attach that to your reply as well
  • 0

#7
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi Gringo,

 

Below are the 2 logs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by jennjennkho (administrator) on HP on 28-03-2014 17:34:33
Running from C:\Users\jennjennkho\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Hewlett-Packard Development Company, L.P.) c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Validity Sensors, Inc.) C:\Windows\system32\valWBFPolicyService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BitTorrent Inc.) C:\Users\jennjennkho\AppData\Roaming\uTorrent\uTorrent.exe
(Spigot, Inc.) C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [SimplePass] - C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2249104 2013-09-03] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] - C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [151608 2013-08-23] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] - C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [151608 2013-08-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-02] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [HPMessageService] - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-735343836-2922221655-4130560249-1002\...\Run: [SearchProtection] - C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.EXE [842088 2014-03-19] (Spigot, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.search.yah...r=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/37
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/37
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {8652FE1E-349D-4985-B7E0-2D0BB728DF3A} URL = http://sg.search.yah...p={searchTerms}
SearchScopes: HKCU - {8652FE1E-349D-4985-B7E0-2D0BB728DF3A} URL = http://sg.search.yah...p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
Chrome: 
=======
CHR HomePage: hxxp://sg.search.yahoo.com/?type=903578&fr=spigot-yhp-ch
CHR DefaultSearchKeyword: google.com.sg
CHR Extension: (Google Docs) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (YouTube) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Google Search) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Gmail) - C:\Users\jennjennkho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
 
==================== Services (Whitelisted) =================
 
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2014-02-19] (Broadcom Corporation.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-08-23] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-08-23] (Softex Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-02] (Validity Sensors, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-02-19] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2014-03-24] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-09] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-09] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-08] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-08] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-22] (Realsil Semiconductor Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-02] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-28 17:34 - 2014-03-28 17:35 - 00019045 _____ () C:\Users\jennjennkho\Desktop\FRST.txt
2014-03-28 17:34 - 2014-03-28 17:34 - 00000000 ____D () C:\FRST
2014-03-28 17:28 - 2014-03-28 17:28 - 02157056 _____ (Farbar) C:\Users\jennjennkho\Desktop\FRST64.exe
2014-03-27 19:05 - 2014-03-27 19:05 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForjennjennkho
2014-03-27 19:05 - 2014-03-27 19:05 - 00000362 _____ () C:\Windows\Tasks\HPCeeScheduleForjennjennkho.job
2014-03-27 01:23 - 2014-03-27 02:18 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\vlc
2014-03-27 00:16 - 2014-03-27 00:16 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-27 00:15 - 2014-03-27 00:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-27 00:09 - 2014-03-27 00:13 - 24677393 _____ () C:\Users\jennjennkho\Downloads\vlc-2.1.3-win32.exe
2014-03-26 17:09 - 2014-03-26 17:09 - 00000872 _____ () C:\Users\jennjennkho\Desktop\µTorrent.lnk
2014-03-26 17:09 - 2014-03-26 17:09 - 00000852 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-26 17:09 - 2014-03-26 17:09 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Search Protection
2014-03-26 17:08 - 2014-03-28 17:34 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\uTorrent
2014-03-26 17:08 - 2014-03-26 17:08 - 01614416 _____ (BitTorrent Inc.) C:\Users\jennjennkho\Downloads\utorrent.exe
2014-03-26 02:27 - 2014-03-26 02:28 - 05192353 _____ (Swearware) C:\Users\jennjennkho\Desktop\ComboFix.exe
2014-03-26 02:23 - 2014-03-26 02:23 - 00001266 _____ () C:\Users\jennjennkho\Desktop\instructs.txt
2014-03-25 17:10 - 2014-03-25 17:32 - 00000038 _____ () C:\test.vbs
2014-03-25 16:57 - 2014-03-25 17:10 - 00000212 _____ () C:\Users\jennjennkho\Documents\test.vbs
2014-03-25 15:21 - 2014-03-25 15:21 - 00000628 _____ () C:\Users\jennjennkho\Desktop\JRT.txt
2014-03-25 00:06 - 2014-03-25 00:06 - 00000000 ____D () C:\Windows\ERUNT
2014-03-25 00:00 - 2014-03-25 00:00 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Downloads\JRT (2).exe
2014-03-24 23:59 - 2014-03-25 15:11 - 00000000 ____D () C:\AdwCleaner
2014-03-24 23:59 - 2014-03-24 23:59 - 00001084 _____ () C:\Users\jennjennkho\Desktop\clean.txt
2014-03-24 23:58 - 2014-03-24 23:58 - 01950720 _____ () C:\Users\jennjennkho\Desktop\AdwCleaner.exe
2014-03-24 18:50 - 2014-03-27 15:09 - 00001499 _____ () C:\Windows\setupact.log
2014-03-24 18:50 - 2014-03-24 18:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 18:49 - 2014-03-28 17:20 - 00712032 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 18:49 - 2014-03-26 02:25 - 00000706 _____ () C:\Windows\PFRO.log
2014-03-24 18:17 - 2014-03-24 18:17 - 00000000 ____D () C:\Windows\LastGood
2014-03-24 18:16 - 2014-03-24 18:17 - 00005082 _____ () C:\Windows\DPINST.LOG
2014-03-24 17:18 - 2014-03-24 17:18 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-24 17:18 - 2014-03-24 17:18 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\InstallShield
2014-03-24 16:46 - 2014-03-24 16:46 - 00056092 _____ () C:\Users\jennjennkho\Downloads\Extras.Txt
2014-03-24 16:44 - 2014-03-25 01:38 - 00332926 _____ () C:\Users\jennjennkho\Downloads\OTL.Txt
2014-03-24 16:28 - 2014-03-24 16:28 - 00602112 _____ (OldTimer Tools) C:\Users\jennjennkho\Downloads\OTL.exe
2014-03-24 16:04 - 2014-03-24 16:04 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Malwarebytes
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-24 16:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-24 16:03 - 2014-03-24 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jennjennkho\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-24 15:56 - 2014-03-24 15:56 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Downloads\JRT (1).exe
2014-03-24 15:56 - 2014-03-24 15:56 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Desktop\JRT.exe
2014-03-24 15:48 - 2014-03-24 15:48 - 04765152 _____ (Piriform Ltd) C:\Users\jennjennkho\Downloads\ccsetup411.exe
2014-03-24 15:48 - 2014-03-24 15:48 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-24 15:48 - 2014-03-24 15:48 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-24 15:48 - 2014-03-24 15:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-24 15:09 - 2014-03-24 15:09 - 00083222 _____ () C:\Windows\SysWOW64\_m.dmp
2014-03-24 15:07 - 2014-03-24 15:07 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\TuneUp Software
2014-03-24 15:06 - 2014-03-24 15:07 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-24 15:06 - 2014-03-24 15:06 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-24 15:05 - 2014-03-24 15:05 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\rmi
2014-03-19 19:08 - 2014-03-19 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 19:08 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 03:50 - 2013-11-27 23:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-19 03:50 - 2013-11-27 23:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-03-19 03:50 - 2013-11-27 22:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-03-19 03:50 - 2013-11-27 21:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-19 03:50 - 2013-11-27 17:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-03-19 03:50 - 2013-11-27 17:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-03-19 03:50 - 2013-11-27 16:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-03-19 03:50 - 2013-11-26 21:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-03-19 03:50 - 2013-11-26 21:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-03-19 03:50 - 2013-11-26 19:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-03-19 03:50 - 2013-11-25 09:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-03-19 03:50 - 2013-11-23 20:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-03-19 03:50 - 2013-11-23 15:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-19 03:50 - 2013-11-23 12:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-03-19 03:50 - 2013-11-23 11:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-19 03:50 - 2013-11-23 11:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-19 03:50 - 2013-11-15 22:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-03-19 03:50 - 2013-11-15 22:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-03-19 03:50 - 2013-11-15 21:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-03-19 03:50 - 2013-10-31 08:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-19 03:49 - 2013-12-09 08:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-03-19 03:49 - 2013-12-09 08:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-03-19 03:49 - 2013-11-27 20:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-03-19 03:49 - 2013-11-27 18:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-19 03:49 - 2013-11-27 17:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-19 03:49 - 2013-11-27 17:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-03-19 03:49 - 2013-11-27 16:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-03-19 03:49 - 2013-11-25 09:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-03-19 03:49 - 2013-11-25 07:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-03-19 03:49 - 2013-11-25 07:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-19 03:49 - 2013-11-23 15:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-03-19 03:49 - 2013-11-23 15:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-03-19 03:49 - 2013-11-21 14:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-03-19 03:49 - 2013-11-21 14:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-19 03:49 - 2013-11-15 22:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-03-19 03:49 - 2013-10-31 07:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-19 03:46 - 2013-10-10 19:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-03-19 03:46 - 2013-10-10 19:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-03-19 03:46 - 2013-10-10 18:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-03-19 03:46 - 2013-10-10 18:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-03-19 03:45 - 2013-10-23 19:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2014-03-19 03:45 - 2013-10-23 19:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-19 03:45 - 2013-10-23 19:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2014-03-19 03:45 - 2013-10-22 15:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-19 03:45 - 2013-10-22 14:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-19 03:45 - 2013-10-22 13:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-03-19 03:45 - 2013-10-22 12:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-03-19 03:45 - 2013-10-22 11:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-03-19 03:45 - 2013-10-22 11:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-03-19 03:45 - 2013-10-22 10:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-03-19 03:45 - 2013-10-22 10:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-03-19 03:45 - 2013-10-22 10:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-19 03:45 - 2013-10-22 09:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-03-19 03:45 - 2013-10-19 12:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-03-19 03:45 - 2013-10-19 12:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-03-19 03:45 - 2013-10-19 11:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-03-19 03:45 - 2013-10-19 11:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-03-19 03:45 - 2013-10-16 17:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-03-19 03:45 - 2013-10-16 17:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-03-19 03:45 - 2013-10-13 11:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-03-19 03:45 - 2013-10-13 10:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-03-19 03:45 - 2013-10-11 00:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-19 03:45 - 2013-10-11 00:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-03-19 03:45 - 2013-10-10 22:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-19 03:45 - 2013-10-10 22:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-03-19 03:45 - 2013-10-10 19:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-03-19 03:45 - 2013-10-08 18:28 - 00523096 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-03-19 03:45 - 2013-10-08 14:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-03-19 03:45 - 2013-10-08 13:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-03-19 03:45 - 2013-10-08 13:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-19 03:45 - 2013-10-08 13:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-19 03:45 - 2013-10-08 13:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-19 03:45 - 2013-10-08 13:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2014-03-19 03:45 - 2013-10-08 12:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-19 03:45 - 2013-10-08 12:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-03-19 03:45 - 2013-10-07 15:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-19 03:45 - 2013-10-07 10:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-19 03:45 - 2013-10-05 23:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2014-03-19 03:45 - 2013-10-05 22:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-19 03:45 - 2013-10-05 20:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-19 03:45 - 2013-10-05 19:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-19 03:45 - 2013-10-05 19:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-03-19 03:45 - 2013-10-05 19:00 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-03-19 03:45 - 2013-10-05 17:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-19 03:45 - 2013-10-05 17:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-19 03:45 - 2013-10-05 17:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-03-19 03:45 - 2013-10-05 16:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-03-19 03:45 - 2013-10-05 16:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2014-03-19 03:45 - 2013-10-05 16:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-19 03:45 - 2013-10-05 16:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-03-19 03:45 - 2013-10-05 16:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-03-19 03:45 - 2013-10-05 16:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-03-19 03:45 - 2013-10-05 15:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-03-19 03:45 - 2013-10-05 15:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-03-19 03:45 - 2013-10-04 16:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-03-19 03:45 - 2013-09-17 17:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-03-19 03:45 - 2013-09-17 17:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-03-19 03:45 - 2013-09-17 15:01 - 00270848 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-19 03:45 - 2013-09-17 14:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-03-19 03:45 - 2013-09-17 14:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-03-19 03:45 - 2013-09-17 12:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-03-19 03:45 - 2013-09-14 22:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-03-19 03:45 - 2013-09-14 22:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-03-19 03:45 - 2013-09-14 20:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-03-19 03:45 - 2013-09-14 20:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-03-19 03:45 - 2013-09-14 18:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-03-19 03:45 - 2013-09-14 17:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-03-19 03:45 - 2013-09-13 16:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-03-19 03:45 - 2013-09-13 15:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-03-19 03:45 - 2013-09-12 16:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-03-19 03:45 - 2013-09-12 16:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-03-19 03:45 - 2013-09-12 16:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-03-19 03:45 - 2013-09-12 16:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-03-19 03:45 - 2013-09-12 15:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-03-19 03:45 - 2013-09-12 15:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-03-19 03:45 - 2013-09-12 15:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-03-19 03:45 - 2013-09-12 15:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-03-19 03:45 - 2013-09-12 15:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-03-19 03:45 - 2013-09-12 15:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-03-19 03:45 - 2013-09-10 12:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2014-03-19 03:42 - 2014-01-08 09:46 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-03-19 03:42 - 2014-01-08 09:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-19 03:42 - 2014-01-08 09:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-19 03:42 - 2014-01-04 23:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-03-19 03:42 - 2014-01-04 23:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-03-19 03:42 - 2014-01-04 22:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-03-19 03:42 - 2014-01-04 21:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-03-19 03:42 - 2014-01-03 07:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-19 03:42 - 2014-01-03 07:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-19 03:42 - 2014-01-01 09:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-19 03:42 - 2014-01-01 09:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-03-19 03:42 - 2014-01-01 08:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-19 03:42 - 2014-01-01 08:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-03-19 03:42 - 2014-01-01 07:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-03-19 03:42 - 2014-01-01 07:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-03-19 03:42 - 2014-01-01 07:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-03-19 03:42 - 2013-12-31 07:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-03-19 03:42 - 2013-12-31 07:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-03-19 03:42 - 2013-12-31 07:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-03-19 03:42 - 2013-12-31 07:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-03-19 03:42 - 2013-12-27 23:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-03-19 03:42 - 2013-12-27 16:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-03-19 03:42 - 2013-12-27 16:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-03-19 03:42 - 2013-12-27 16:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-03-19 03:42 - 2013-12-27 15:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-03-19 03:42 - 2013-12-27 15:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-03-19 03:42 - 2013-12-27 14:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-03-19 03:42 - 2013-12-21 15:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-03-19 03:42 - 2013-12-17 15:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-03-19 03:42 - 2013-12-14 14:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-03-19 03:42 - 2013-12-14 14:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-03-19 03:42 - 2013-12-13 18:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-03-19 03:42 - 2013-12-13 14:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-03-19 03:42 - 2013-12-13 13:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-03-19 03:42 - 2013-12-09 16:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-19 03:42 - 2013-12-09 12:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-19 03:42 - 2013-11-04 19:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-03-19 03:42 - 2013-11-04 09:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-03-19 03:42 - 2013-10-05 22:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-19 03:42 - 2013-10-05 22:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-19 03:42 - 2013-10-05 20:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-19 03:42 - 2013-10-05 20:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-19 03:41 - 2013-12-31 07:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-03-19 03:41 - 2013-11-11 10:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-03-19 03:41 - 2013-11-09 14:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-03-19 03:41 - 2013-11-09 13:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-03-19 03:41 - 2013-11-08 18:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-03-19 03:41 - 2013-11-08 12:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-03-19 03:41 - 2013-11-08 12:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-03-19 03:41 - 2013-11-08 12:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-03-19 03:41 - 2013-11-08 11:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-03-19 03:41 - 2013-11-08 11:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-03-19 03:41 - 2013-11-05 22:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-03-19 03:41 - 2013-11-04 21:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-03-19 03:41 - 2013-11-04 18:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-03-19 03:41 - 2013-11-04 10:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-03-19 03:41 - 2013-11-01 19:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-03-19 03:41 - 2013-11-01 14:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-03-19 03:41 - 2013-11-01 13:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-03-19 03:41 - 2013-10-31 08:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-03-19 03:41 - 2013-10-31 08:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-19 03:41 - 2013-10-26 09:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2014-03-19 03:41 - 2013-10-24 17:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-03-19 03:41 - 2013-10-24 17:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-03-19 03:41 - 2013-10-17 19:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-03-19 03:41 - 2013-10-17 18:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-03-16 16:03 - 2014-03-16 16:03 - 00000000 ____D () C:\Users\jennjennkho\Intel
2014-03-16 16:01 - 2014-03-16 16:00 - 04009632 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 02474736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2014-03-16 16:01 - 2014-03-16 16:00 - 01423008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00650400 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00631456 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00344224 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00304640 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-03-16 16:01 - 2014-03-16 16:00 - 00253440 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00207008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3304.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00093344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2014-03-16 16:01 - 2014-03-16 16:00 - 00002948 _____ () C:\Windows\system32\iglhxs64.vp
2014-03-16 16:00 - 2014-03-16 16:00 - 25982976 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 20943872 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 13139968 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 07908352 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 07586288 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 06296576 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 04170752 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-03-16 16:00 - 2014-03-16 16:00 - 03279872 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 02962432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 02384896 _____ () C:\Windows\system32\GfxRes.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00844784 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00771056 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00769520 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00754672 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00530416 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00396272 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00393712 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00391152 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00365568 _____ () C:\Windows\system32\igdmd64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00303104 _____ () C:\Windows\SysWOW64\igdmd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-03-16 16:00 - 2014-03-16 16:00 - 00265385 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00251862 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00233588 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00220672 _____ () C:\Windows\system32\igdde64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00199481 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00197044 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00191088 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00180736 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00179353 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00179230 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176940 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176666 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176638 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00175259 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00174244 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173953 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173813 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173495 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00172750 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00172041 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171709 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171547 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171310 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00170996 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00170175 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00166672 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00165374 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00164698 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00160256 _____ () C:\Windows\system32\igdail64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00159947 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00153249 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00151473 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-03-14 22:50 - 2014-03-14 22:50 - 00001370 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-14 22:50 - 2014-03-14 22:50 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\NVIDIA Corporation
2014-03-14 22:48 - 2014-03-14 22:51 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\NVIDIA
2014-03-14 22:48 - 2014-03-14 22:48 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-14 22:48 - 2014-02-05 17:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-14 22:48 - 2014-02-05 17:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-14 22:45 - 2014-03-04 22:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-14 22:45 - 2014-03-04 22:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-14 22:45 - 2013-12-28 02:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-14 22:45 - 2013-12-28 02:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-14 22:45 - 2013-12-28 02:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-14 21:57 - 2014-03-14 22:27 - 276758080 _____ (NVIDIA Corporation) C:\Users\jennjennkho\Downloads\335.23-notebook-win8-win7-64bit-international-whql.exe
2014-03-13 22:19 - 2014-03-27 19:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-13 22:18 - 2014-03-27 19:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-13 13:24 - 2013-12-09 08:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-13 13:24 - 2013-12-09 07:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-13 13:24 - 2013-10-19 16:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-13 13:24 - 2013-10-19 15:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-13 13:23 - 2014-03-01 14:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 13:23 - 2014-03-01 12:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 13:23 - 2014-03-01 12:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 13:23 - 2014-03-01 12:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 13:23 - 2014-03-01 11:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 13:23 - 2014-03-01 11:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 13:23 - 2014-03-01 11:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 13:23 - 2014-03-01 11:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 13:23 - 2014-03-01 11:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 13:23 - 2014-03-01 11:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 13:23 - 2014-03-01 11:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 13:23 - 2014-03-01 10:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 13:23 - 2014-03-01 10:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 13:23 - 2014-03-01 10:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 13:23 - 2014-03-01 10:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 13:23 - 2014-03-01 10:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 13:23 - 2014-03-01 10:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 13:23 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 13:23 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 13:23 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 13:23 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 13:23 - 2014-02-06 18:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 13:23 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 13:23 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 13:23 - 2014-02-06 18:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 13:23 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 13:23 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 13:23 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 13:23 - 2014-02-06 18:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 13:23 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 13:23 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 13:23 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 13:23 - 2014-02-06 17:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 13:23 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 13:23 - 2014-02-06 17:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 13:23 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 13:23 - 2014-02-06 17:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 13:23 - 2013-12-20 18:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-13 13:23 - 2013-12-20 18:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-13 13:23 - 2013-12-09 08:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-13 13:23 - 2013-12-09 07:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-13 13:23 - 2013-10-31 08:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-03-13 13:23 - 2013-10-31 08:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-13 13:22 - 2014-02-11 11:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 13:22 - 2014-01-07 15:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-03-13 13:22 - 2014-01-07 13:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-03-13 13:22 - 2014-01-07 13:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-13 13:22 - 2014-01-07 12:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-13 13:22 - 2014-01-05 04:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-03-13 13:22 - 2014-01-05 03:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-03-13 13:22 - 2014-01-04 22:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-03-13 13:22 - 2014-01-04 22:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-03-13 13:22 - 2014-01-04 21:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-03-13 13:22 - 2014-01-04 21:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-03-13 13:22 - 2014-01-04 21:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-03-13 13:22 - 2014-01-04 21:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-03-13 13:22 - 2013-12-21 10:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-13 13:22 - 2013-12-21 10:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-03-13 13:22 - 2013-11-27 23:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-03-13 13:22 - 2013-11-27 19:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-03-13 13:22 - 2013-11-27 16:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-13 13:22 - 2013-11-27 16:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-13 13:22 - 2013-11-27 16:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-03-13 13:22 - 2013-11-27 16:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-03-13 13:22 - 2013-11-23 12:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-13 13:22 - 2013-11-23 12:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-13 13:22 - 2013-11-21 14:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-13 13:22 - 2013-11-21 13:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-13 13:22 - 2013-10-31 08:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-13 13:22 - 2013-10-31 08:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-13 13:22 - 2013-10-31 08:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-13 13:22 - 2013-10-23 19:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-03-13 13:22 - 2013-10-23 16:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-03-13 13:22 - 2013-10-13 10:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-03-13 13:22 - 2013-10-13 05:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-03-13 13:22 - 2013-10-13 05:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-13 13:22 - 2013-10-05 22:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-13 13:22 - 2013-10-05 16:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-13 13:21 - 2014-02-11 10:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 13:21 - 2014-02-11 10:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 13:21 - 2014-02-01 00:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-13 13:21 - 2014-02-01 00:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-13 13:21 - 2014-02-01 00:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-13 13:21 - 2014-01-31 21:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-13 13:21 - 2014-01-31 17:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-13 13:21 - 2014-01-29 17:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-13 13:21 - 2014-01-29 16:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-13 13:21 - 2014-01-29 16:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-13 13:21 - 2014-01-29 16:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-13 13:21 - 2014-01-29 16:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-13 13:21 - 2014-01-29 15:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-13 13:21 - 2014-01-29 15:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-13 13:21 - 2014-01-29 15:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-13 13:21 - 2014-01-29 14:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-13 13:21 - 2014-01-29 08:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-13 13:21 - 2014-01-28 03:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-13 13:21 - 2014-01-28 03:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-13 13:21 - 2014-01-28 03:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-13 13:21 - 2014-01-28 02:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-13 13:21 - 2014-01-28 02:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-13 13:21 - 2014-01-28 02:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-13 13:21 - 2014-01-28 02:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-13 13:21 - 2014-01-28 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-13 13:21 - 2014-01-28 01:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-13 13:21 - 2014-01-28 01:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-13 13:21 - 2014-01-28 01:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-13 13:21 - 2014-01-27 23:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-13 13:21 - 2014-01-27 23:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-13 13:21 - 2014-01-27 19:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-13 13:21 - 2014-01-18 07:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-13 13:21 - 2014-01-18 05:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-13 13:21 - 2014-01-09 16:25 - 02804224 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-03-13 13:21 - 2014-01-09 15:59 - 01020928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-03-13 13:21 - 2014-01-09 15:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-03-13 13:21 - 2014-01-09 15:49 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-03-13 13:21 - 2014-01-09 15:44 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-03-13 13:21 - 2014-01-09 15:43 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-03-13 13:21 - 2014-01-09 15:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-03-13 13:21 - 2014-01-09 15:28 - 04217344 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-03-13 13:21 - 2014-01-09 15:28 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-03-13 13:21 - 2014-01-09 15:18 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-03-13 13:21 - 2013-12-21 22:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-13 13:21 - 2013-12-21 16:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-13 13:21 - 2013-12-20 18:10 - 01113040 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-13 13:21 - 2013-12-20 14:13 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-13 13:21 - 2013-12-09 10:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 13:21 - 2013-12-09 09:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 13:21 - 2013-12-09 08:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-03-13 13:21 - 2013-11-09 14:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-03-13 13:21 - 2013-11-09 14:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-03-13 13:21 - 2013-11-09 13:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-03-13 13:21 - 2013-10-16 23:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-13 13:21 - 2013-10-16 21:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-13 13:21 - 2013-10-15 16:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-13 13:21 - 2013-10-15 16:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-12 17:40 - 2014-03-12 17:40 - 00002193 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00002119 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00002119 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 __RHD () C:\MSOCache
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-12 17:39 - 2014-03-16 17:15 - 00000000 ____D () C:\Users\jennjennkho\Documents\Personal
2014-03-12 17:37 - 2014-03-28 17:21 - 00001867 _____ () C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2014-03-12 17:35 - 2014-03-19 16:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-12 17:35 - 2014-03-12 17:35 - 00958136 _____ (Microsoft Corporation) C:\Users\jennjennkho\Downloads\Setup.X86.en-US_O365HomePremRetail_4f91a638-3c9e-4c96-81c0-545d49f0102d_TX_SG_ (1).exe
2014-03-12 17:16 - 2014-03-12 17:16 - 00958136 _____ (Microsoft Corporation) C:\Users\jennjennkho\Downloads\Setup.X86.en-US_O365HomePremRetail_4f91a638-3c9e-4c96-81c0-545d49f0102d_TX_SG_.exe
2014-03-12 16:27 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-03-12 05:00 - 2014-03-28 17:20 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 05:00 - 2014-03-28 04:05 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 05:00 - 2014-03-12 05:00 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-12 05:00 - 2014-03-12 05:00 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-12 04:52 - 2014-03-12 04:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-12 04:51 - 2014-03-12 04:52 - 00000000 ____D () C:\Users\jennjennkho\Desktop\Alex Applications
2014-03-12 04:36 - 2014-03-11 09:03 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Google
2014-03-12 04:36 - 2014-03-11 09:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-12 04:26 - 2014-03-12 04:26 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Deployment
2014-03-12 04:26 - 2014-03-12 04:26 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Apps\2.0
2014-03-12 04:22 - 2014-03-12 04:22 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Macromedia
2014-03-12 04:11 - 2014-03-12 04:11 - 00000000 ____D () C:\FINAL FANTASY XIV - A Realm Reborn
2014-03-12 03:26 - 2014-03-28 17:24 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-735343836-2922221655-4130560249-1002
2014-03-12 03:26 - 2014-03-12 03:26 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-12 03:23 - 2014-03-28 17:20 - 00000000 ____D () C:\Users\jennjennkho\Documents\Youcam
2014-03-12 03:23 - 2014-03-27 19:05 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Hewlett-Packard
2014-03-12 03:23 - 2014-03-12 04:17 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Hewlett-Packard
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Synaptics
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\hpqlog
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\CyberLink
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\ProgramData\Synaptics
2014-03-12 03:21 - 2014-03-12 03:21 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-12 03:20 - 2014-03-28 17:22 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{00D12764-906C-46C2-99F3-5B0D0E3A2B8E}
2014-03-12 03:20 - 2014-03-24 15:17 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-12 03:20 - 2014-03-24 15:17 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-12 03:20 - 2014-03-12 17:35 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\VirtualStore
2014-03-12 03:20 - 2014-03-12 03:20 - 00002151 _____ () C:\Users\Public\Desktop\WildTangent Games For HP.lnk
2014-03-12 03:20 - 2014-03-12 03:20 - 00001449 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-12 03:20 - 2014-03-12 03:20 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Adobe
2014-03-12 03:20 - 2013-09-08 08:36 - 00002282 _____ () C:\Users\Public\Desktop\eBay.com.sg.lnk
2014-03-12 03:19 - 2014-03-26 16:35 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Packages
2014-03-12 03:19 - 2014-03-16 16:03 - 00000000 ____D () C:\Users\jennjennkho
2014-03-12 03:19 - 2014-03-12 03:19 - 00000020 ___SH () C:\Users\jennjennkho\ntuser.ini
2014-03-12 03:19 - 2013-09-08 08:26 - 00000000 ___HD () C:\Users\jennjennkho\Documents\hp.system.package.metadata
2014-03-12 03:19 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 03:19 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-12 03:19 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-12 03:19 - 2013-08-22 23:36 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-12 02:49 - 2014-03-24 17:55 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\CrashDumps
2014-03-11 14:51 - 2014-03-11 14:51 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\WildTangent
2014-03-11 10:53 - 2014-03-28 17:19 - 00000000 __RDO () C:\Users\jennjennkho\SkyDrive
2014-03-11 09:07 - 2014-03-11 09:07 - 00001358 _____ () C:\Users\jennjennkho\Desktop\FFXIV A Realm Reborn.lnk
2014-03-11 09:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-03-11 09:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-11 09:06 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-11 09:06 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-03-11 09:06 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-03-11 09:06 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-03-11 09:06 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-03-11 09:06 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-03-11 09:06 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-03-11 09:06 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-03-11 09:06 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-03-11 09:06 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-03-11 09:06 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-03-11 09:06 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-03-11 09:06 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-03-11 09:06 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-11 09:06 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-03-11 09:06 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-11 09:06 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-03-11 09:06 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-03-11 09:06 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-11 09:06 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-03-11 09:06 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-11 09:06 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-03-11 09:06 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-11 09:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-03-11 09:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-03-11 09:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-03-11 09:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-03-11 09:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-03-11 09:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-03-11 09:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-03-11 09:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-03-11 09:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-03-11 09:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-03-11 09:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-03-11 09:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-03-11 09:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-03-11 09:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-03-11 09:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-03-11 09:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-03-11 09:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-03-11 09:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-03-11 09:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-03-11 09:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-03-11 09:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-03-11 09:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-03-11 09:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-03-11 09:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-03-11 09:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-03-11 09:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-03-11 09:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-03-11 09:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-03-11 09:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-03-11 09:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-03-11 09:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-03-11 09:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-03-11 09:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-03-11 09:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-03-11 09:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-11 09:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-11 09:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-03-11 09:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-11 09:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-03-11 09:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-11 09:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-03-11 09:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-11 09:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-03-11 09:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-11 09:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-03-11 09:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-11 09:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-03-11 09:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-11 09:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-03-11 09:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-11 09:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-03-11 09:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-03-11 09:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-11 09:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-11 09:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-03-11 09:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-11 09:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-03-11 09:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-03-11 09:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-11 09:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-11 09:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-11 09:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-03-11 09:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-03-11 09:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-03-11 09:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-11 09:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-11 09:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-03-11 09:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-11 09:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-03-11 09:04 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-11 09:04 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-03-11 09:04 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-11 09:04 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-03-11 09:04 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-11 09:04 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-03-11 09:04 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-11 09:04 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-03-11 09:04 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-11 09:04 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-03-11 09:04 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-11 09:04 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-03-11 09:04 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-11 09:04 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-03-11 09:04 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-11 09:04 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-03-11 09:04 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-11 09:04 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-03-11 09:03 - 2014-03-28 17:20 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-11 09:03 - 2014-03-11 09:03 - 00000000 ____D () C:\Users\jennjennkho\Documents\My Games
 
==================== One Month Modified Files and Folders =======
 
2014-03-28 17:35 - 2014-03-28 17:34 - 00019045 _____ () C:\Users\jennjennkho\Desktop\FRST.txt
2014-03-28 17:34 - 2014-03-28 17:34 - 00000000 ____D () C:\FRST
2014-03-28 17:34 - 2014-03-26 17:08 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\uTorrent
2014-03-28 17:28 - 2014-03-28 17:28 - 02157056 _____ (Farbar) C:\Users\jennjennkho\Desktop\FRST64.exe
2014-03-28 17:24 - 2014-03-12 03:26 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-735343836-2922221655-4130560249-1002
2014-03-28 17:22 - 2014-03-12 03:20 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{00D12764-906C-46C2-99F3-5B0D0E3A2B8E}
2014-03-28 17:21 - 2014-03-12 17:37 - 00001867 _____ () C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2014-03-28 17:20 - 2014-03-24 18:49 - 00712032 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 17:20 - 2014-03-12 05:00 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-28 17:20 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\Documents\Youcam
2014-03-28 17:20 - 2014-03-11 09:03 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-28 17:19 - 2014-03-11 10:53 - 00000000 __RDO () C:\Users\jennjennkho\SkyDrive
2014-03-28 17:19 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\sru
2014-03-28 04:05 - 2014-03-12 05:00 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-27 19:05 - 2014-03-27 19:05 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForjennjennkho
2014-03-27 19:05 - 2014-03-27 19:05 - 00000362 _____ () C:\Windows\Tasks\HPCeeScheduleForjennjennkho.job
2014-03-27 19:05 - 2014-03-13 22:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-27 19:05 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Hewlett-Packard
2014-03-27 19:04 - 2014-03-13 22:18 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-27 15:10 - 2013-08-26 14:09 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-27 15:09 - 2014-03-24 18:50 - 00001499 _____ () C:\Windows\setupact.log
2014-03-27 14:35 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-27 03:38 - 2013-08-22 21:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-27 02:18 - 2014-03-27 01:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\vlc
2014-03-27 00:16 - 2014-03-27 00:16 - 00001089 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-27 00:15 - 2014-03-27 00:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-27 00:13 - 2014-03-27 00:09 - 24677393 _____ () C:\Users\jennjennkho\Downloads\vlc-2.1.3-win32.exe
2014-03-26 23:30 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\rescache
2014-03-26 17:09 - 2014-03-26 17:09 - 00000872 _____ () C:\Users\jennjennkho\Desktop\µTorrent.lnk
2014-03-26 17:09 - 2014-03-26 17:09 - 00000852 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-26 17:09 - 2014-03-26 17:09 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Search Protection
2014-03-26 17:08 - 2014-03-26 17:08 - 01614416 _____ (BitTorrent Inc.) C:\Users\jennjennkho\Downloads\utorrent.exe
2014-03-26 16:35 - 2014-03-12 03:19 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Packages
2014-03-26 02:28 - 2014-03-26 02:27 - 05192353 _____ (Swearware) C:\Users\jennjennkho\Desktop\ComboFix.exe
2014-03-26 02:25 - 2014-03-24 18:49 - 00000706 _____ () C:\Windows\PFRO.log
2014-03-26 02:25 - 2013-08-22 22:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 02:24 - 2013-08-22 21:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-26 02:23 - 2014-03-26 02:23 - 00001266 _____ () C:\Users\jennjennkho\Desktop\instructs.txt
2014-03-25 17:32 - 2014-03-25 17:10 - 00000038 _____ () C:\test.vbs
2014-03-25 17:29 - 2013-09-08 08:59 - 00000000 ___HD () C:\HP
2014-03-25 17:10 - 2014-03-25 16:57 - 00000212 _____ () C:\Users\jennjennkho\Documents\test.vbs
2014-03-25 15:21 - 2014-03-25 15:21 - 00000628 _____ () C:\Users\jennjennkho\Desktop\JRT.txt
2014-03-25 15:11 - 2014-03-24 23:59 - 00000000 ____D () C:\AdwCleaner
2014-03-25 01:38 - 2014-03-24 16:44 - 00332926 _____ () C:\Users\jennjennkho\Downloads\OTL.Txt
2014-03-25 00:06 - 2014-03-25 00:06 - 00000000 ____D () C:\Windows\ERUNT
2014-03-25 00:00 - 2014-03-25 00:00 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Downloads\JRT (2).exe
2014-03-24 23:59 - 2014-03-24 23:59 - 00001084 _____ () C:\Users\jennjennkho\Desktop\clean.txt
2014-03-24 23:58 - 2014-03-24 23:58 - 01950720 _____ () C:\Users\jennjennkho\Desktop\AdwCleaner.exe
2014-03-24 18:50 - 2014-03-24 18:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 18:17 - 2014-03-24 18:17 - 00000000 ____D () C:\Windows\LastGood
2014-03-24 18:17 - 2014-03-24 18:16 - 00005082 _____ () C:\Windows\DPINST.LOG
2014-03-24 18:15 - 2014-02-19 20:15 - 07480496 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL63a.SYS
2014-03-24 18:15 - 2014-02-19 20:15 - 04131840 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-03-24 18:15 - 2014-02-19 20:15 - 03777024 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-03-24 18:15 - 2013-09-01 11:49 - 00000000 ____D () C:\SWSetup
2014-03-24 17:55 - 2014-03-12 02:49 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\CrashDumps
2014-03-24 17:55 - 2013-08-26 14:57 - 00000000 ____D () C:\Windows\Panther
2014-03-24 17:18 - 2014-03-24 17:18 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-24 17:18 - 2014-03-24 17:18 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\InstallShield
2014-03-24 17:18 - 2014-02-19 20:15 - 00000000 ____D () C:\Program Files\Broadcom
2014-03-24 16:46 - 2014-03-24 16:46 - 00056092 _____ () C:\Users\jennjennkho\Downloads\Extras.Txt
2014-03-24 16:28 - 2014-03-24 16:28 - 00602112 _____ (OldTimer Tools) C:\Users\jennjennkho\Downloads\OTL.exe
2014-03-24 16:04 - 2014-03-24 16:04 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Malwarebytes
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 16:04 - 2014-03-24 16:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-24 16:03 - 2014-03-24 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jennjennkho\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-24 15:56 - 2014-03-24 15:56 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Downloads\JRT (1).exe
2014-03-24 15:56 - 2014-03-24 15:56 - 01038974 _____ (Thisisu) C:\Users\jennjennkho\Desktop\JRT.exe
2014-03-24 15:48 - 2014-03-24 15:48 - 04765152 _____ (Piriform Ltd) C:\Users\jennjennkho\Downloads\ccsetup411.exe
2014-03-24 15:48 - 2014-03-24 15:48 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-24 15:48 - 2014-03-24 15:48 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-24 15:48 - 2014-03-24 15:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-24 15:17 - 2014-03-12 03:20 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-24 15:17 - 2014-03-12 03:20 - 00000000 ___RD () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-24 15:10 - 2013-08-22 23:36 - 00000000 ___RD () C:\Windows\ToastData
2014-03-24 15:10 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-24 15:10 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-24 15:10 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-03-24 15:10 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-03-24 15:09 - 2014-03-24 15:09 - 00083222 _____ () C:\Windows\SysWOW64\_m.dmp
2014-03-24 15:07 - 2014-03-24 15:07 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\TuneUp Software
2014-03-24 15:07 - 2014-03-24 15:06 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-24 15:06 - 2014-03-24 15:06 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-24 15:05 - 2014-03-24 15:05 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\rmi
2014-03-19 19:09 - 2014-03-19 19:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 16:23 - 2014-03-12 17:35 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-16 22:27 - 2014-02-19 20:21 - 00018276 _____ () C:\Windows\system32\results.xml
2014-03-16 17:15 - 2014-03-12 17:39 - 00000000 ____D () C:\Users\jennjennkho\Documents\Personal
2014-03-16 16:11 - 2014-02-19 20:23 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-03-16 16:04 - 2014-02-19 20:12 - 00000000 ____D () C:\Program Files\Intel
2014-03-16 16:04 - 2013-09-08 08:26 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-16 16:03 - 2014-03-16 16:03 - 00000000 ____D () C:\Users\jennjennkho\Intel
2014-03-16 16:03 - 2014-03-12 03:19 - 00000000 ____D () C:\Users\jennjennkho
2014-03-16 16:00 - 2014-03-16 16:01 - 04009632 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 02474736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2014-03-16 16:00 - 2014-03-16 16:01 - 01423008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00650400 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00631456 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00598688 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00344224 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00304640 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2014-03-16 16:00 - 2014-03-16 16:01 - 00253440 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00207008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3304.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00176288 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00121504 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00093344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2014-03-16 16:00 - 2014-03-16 16:01 - 00002948 _____ () C:\Windows\system32\iglhxs64.vp
2014-03-16 16:00 - 2014-03-16 16:00 - 25982976 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 20943872 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 13139968 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 07908352 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 07586288 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 06296576 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 04170752 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-03-16 16:00 - 2014-03-16 16:00 - 03279872 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 02962432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 02384896 _____ () C:\Windows\system32\GfxRes.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00844784 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00771056 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00769520 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00754672 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00530416 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00517120 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00513024 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00492032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00396272 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00393712 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00391152 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-03-16 16:00 - 2014-03-16 16:00 - 00365568 _____ () C:\Windows\system32\igdmd64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00303104 _____ () C:\Windows\SysWOW64\igdmd32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-03-16 16:00 - 2014-03-16 16:00 - 00265385 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00251862 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00233588 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00220672 _____ () C:\Windows\system32\igdde64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00199481 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00197044 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00194048 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00191088 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00180736 _____ () C:\Windows\SysWOW64\igdde32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00179353 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00179230 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176940 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176666 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00176638 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00175259 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00174244 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173953 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173813 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00173495 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00172750 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00172041 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171709 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171547 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00171310 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00170996 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00170175 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00166672 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00165374 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00164698 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00160256 _____ () C:\Windows\system32\igdail64.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00159947 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00153249 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-03-16 16:00 - 2014-03-16 16:00 - 00151473 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-03-16 16:00 - 2014-03-16 16:00 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-03-16 16:00 - 2014-03-16 16:00 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-03-16 16:00 - 2013-08-20 08:20 - 13744128 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2014-03-16 16:00 - 2013-08-20 08:20 - 12081664 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2014-03-16 16:00 - 2013-08-20 08:20 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-03-16 16:00 - 2013-08-20 08:19 - 00623104 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-03-16 16:00 - 2013-08-20 08:19 - 00223744 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-03-16 16:00 - 2013-08-20 08:15 - 11373056 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2014-03-16 16:00 - 2013-08-20 07:53 - 04414976 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2014-03-16 16:00 - 2013-08-20 07:51 - 03509760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2014-03-16 15:29 - 2013-08-23 03:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\WinStore
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-03-16 15:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-16 15:29 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\servicing
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\system32\winrm
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\system32\WCN
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\system32\slmgr
2014-03-16 15:28 - 2013-08-23 03:10 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ___SD () C:\Windows\system32\dsc
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\Com
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\IME
2014-03-16 15:28 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\Help
2014-03-16 15:28 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-16 15:28 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-16 15:28 - 2013-08-22 21:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-14 22:51 - 2014-03-14 22:48 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\NVIDIA
2014-03-14 22:50 - 2014-03-14 22:50 - 00001370 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-14 22:50 - 2014-03-14 22:50 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\NVIDIA Corporation
2014-03-14 22:50 - 2014-02-19 20:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-14 22:49 - 2014-02-19 20:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-14 22:48 - 2014-03-14 22:48 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-14 22:48 - 2014-02-19 20:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-14 22:48 - 2014-02-19 20:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-14 22:27 - 2014-03-14 21:57 - 276758080 _____ (NVIDIA Corporation) C:\Users\jennjennkho\Downloads\335.23-notebook-win8-win7-64bit-international-whql.exe
2014-03-13 22:08 - 2013-08-22 22:44 - 00487144 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 16:06 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 16:06 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 16:06 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-03-13 16:06 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\FileManager
2014-03-13 16:06 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\Camera
2014-03-13 13:47 - 2013-08-22 23:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-12 17:40 - 2014-03-12 17:40 - 00002193 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00002119 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00002119 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 __RHD () C:\MSOCache
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-03-12 17:40 - 2014-03-12 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-12 17:35 - 2014-03-12 17:35 - 00958136 _____ (Microsoft Corporation) C:\Users\jennjennkho\Downloads\Setup.X86.en-US_O365HomePremRetail_4f91a638-3c9e-4c96-81c0-545d49f0102d_TX_SG_ (1).exe
2014-03-12 17:35 - 2014-03-12 03:20 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\VirtualStore
2014-03-12 17:16 - 2014-03-12 17:16 - 00958136 _____ (Microsoft Corporation) C:\Users\jennjennkho\Downloads\Setup.X86.en-US_O365HomePremRetail_4f91a638-3c9e-4c96-81c0-545d49f0102d_TX_SG_.exe
2014-03-12 16:22 - 2014-02-19 20:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-12 16:21 - 2013-08-22 23:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-03-12 16:20 - 2014-02-19 20:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-12 05:00 - 2014-03-12 05:00 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-12 05:00 - 2014-03-12 05:00 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-12 04:52 - 2014-03-12 04:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-12 04:52 - 2014-03-12 04:51 - 00000000 ____D () C:\Users\jennjennkho\Desktop\Alex Applications
2014-03-12 04:51 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\restore
2014-03-12 04:31 - 2013-09-08 08:29 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-12 04:26 - 2014-03-12 04:26 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Deployment
2014-03-12 04:26 - 2014-03-12 04:26 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Apps\2.0
2014-03-12 04:22 - 2014-03-12 04:22 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Macromedia
2014-03-12 04:17 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Hewlett-Packard
2014-03-12 04:11 - 2014-03-12 04:11 - 00000000 ____D () C:\FINAL FANTASY XIV - A Realm Reborn
2014-03-12 03:26 - 2014-03-12 03:26 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Synaptics
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\hpqlog
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\CyberLink
2014-03-12 03:23 - 2014-03-12 03:23 - 00000000 ____D () C:\ProgramData\Synaptics
2014-03-12 03:21 - 2014-03-12 03:21 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-12 03:20 - 2014-03-12 03:20 - 00002151 _____ () C:\Users\Public\Desktop\WildTangent Games For HP.lnk
2014-03-12 03:20 - 2014-03-12 03:20 - 00001449 _____ () C:\Users\jennjennkho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-12 03:20 - 2014-03-12 03:20 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\Adobe
2014-03-12 03:20 - 2013-09-08 08:36 - 00000000 ___RD () C:\Program Files\Online Services
2014-03-12 03:20 - 2013-09-08 08:36 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-03-12 03:19 - 2014-03-12 03:19 - 00000020 ___SH () C:\Users\jennjennkho\ntuser.ini
2014-03-12 03:19 - 2013-09-01 10:03 - 00000000 ___HD () C:\SYSTEM.SAV
2014-03-11 14:51 - 2014-03-11 14:51 - 00000000 ____D () C:\Users\jennjennkho\AppData\Roaming\WildTangent
2014-03-11 09:07 - 2014-03-11 09:07 - 00001358 _____ () C:\Users\jennjennkho\Desktop\FFXIV A Realm Reborn.lnk
2014-03-11 09:03 - 2014-03-12 04:36 - 00000000 ____D () C:\Users\jennjennkho\AppData\Local\Google
2014-03-11 09:03 - 2014-03-12 04:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-11 09:03 - 2014-03-11 09:03 - 00000000 ____D () C:\Users\jennjennkho\Documents\My Games
2014-03-05 06:53 - 2013-08-22 23:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-05 06:53 - 2013-08-22 23:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 22:35 - 2014-03-14 22:45 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 22:35 - 2014-03-14 22:45 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 22:35 - 2014-03-14 22:45 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 22:35 - 2014-02-19 20:12 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 22:35 - 2014-02-19 20:12 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 22:35 - 2013-10-27 09:03 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 22:35 - 2013-10-27 09:03 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 21:06 - 2014-02-19 20:13 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 21:06 - 2014-02-19 20:13 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 21:05 - 2014-02-19 20:13 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 21:05 - 2014-02-19 20:13 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 21:05 - 2014-02-19 20:13 - 01075032 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-03-04 21:05 - 2014-02-19 20:13 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 21:05 - 2014-02-19 20:13 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 21:05 - 2014-02-19 20:13 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-03-04 21:05 - 2014-02-19 20:13 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-02 14:05 - 2014-03-19 19:08 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-01 14:05 - 2014-03-13 13:23 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 12:58 - 2014-03-13 13:23 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 12:30 - 2014-03-13 13:23 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 12:17 - 2014-03-13 13:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 11:54 - 2014-03-13 13:23 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 11:47 - 2014-03-13 13:23 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 11:42 - 2014-03-13 13:23 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 11:18 - 2014-03-13 13:23 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 11:14 - 2014-03-13 13:23 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 11:10 - 2014-03-13 13:23 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 11:03 - 2014-03-13 13:23 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 10:57 - 2014-03-13 13:23 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 10:38 - 2014-03-13 13:23 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 10:32 - 2014-03-13 13:23 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 10:27 - 2014-03-13 13:23 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 10:25 - 2014-03-13 13:23 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 10:25 - 2014-03-13 13:23 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
 
Some content of TEMP:
====================
C:\Users\jennjennkho\AppData\Local\Temp\Extract.exe
C:\Users\jennjennkho\AppData\Local\Temp\Quarantine.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP63599.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP63888.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP65000.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP65195.exe
C:\Users\jennjennkho\AppData\Local\Temp\utt712D.tmp.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-13 13:21] - [2014-02-01 00:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 
LastRegBack: 2014-03-21 15:04
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by jennjennkho at 2014-03-28 17:35:59
Running from C:\Users\jennjennkho\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version:  - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.3.4503 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3122 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3202 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.1.3202 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{64382EDB-DCC6-4970-BE54-AD7A26AD1E74}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 11.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.49 - Hewlett-Packard)
HP SimplePass (Version: 8.00.49 - Hewlett-Packard) Hidden
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Inst5675 (Version: 8.00.49 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.49 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel® Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Search Protection (HKCU\...\Search Protection) (Version: 8.9.0.1 - Spigot, Inc.)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Snap.Do (HKLM-x32\...\{FB385922-2E32-4462-A7DC-27159614A660}) (Version: 10.213.1.15234 - ReSoft Ltd.) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth  (08/09/2013 12.0.0.7620) (HKLM\...\7C5445C0C158E0500C2E0AD361C4CBF4BAB2476C) (Version: 08/09/2013 12.0.0.7620 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
19-03-2014 11:05:47 Windows Update
24-03-2014 07:19:49 Removed TuneUp Utilities 2014
 
==================== Hosts content: ==========================
 
2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06233F7D-6047-4281-8D7D-7636A834452A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-21] (Piriform Ltd)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0EC17B79-13FB-4E2A-B366-987177963A20} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {1C8AC6EC-44BA-4867-8823-59AC50D68ED5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-30] (Hewlett-Packard Company)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C013C01-D5EE-4B34-90F2-E5EEF6DCFD29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {462117D9-F26F-4292-9250-6876086A1FC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5363C730-3CE8-4C71-B61C-EBDE92F86C68} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-19] (Microsoft Corporation)
Task: {56966366-E768-4C7B-A53C-46DBB8FCF005} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {69E6C7AA-BBFC-40B3-A565-6395DE41AA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-30] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89823EBA-8181-4E46-8C63-098AC0B59AF2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-02] (Synaptics Incorporated)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B320312E-1A94-41A7-855E-4EFA05174C37} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-08] (Hewlett-Packard Development Company, L.P.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D0EC7E4C-B755-4B32-96CA-66418D0FEA58} - System32\Tasks\HPCeeScheduleForjennjennkho => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F63D320F-03C4-44B2-AC98-0AFE78AE8427} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForjennjennkho.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-23 17:08 - 2013-08-23 17:08 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-08-23 17:13 - 2013-08-23 17:13 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-08-23 17:09 - 2013-08-23 17:09 - 02508800 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-08-23 17:07 - 2013-08-23 17:07 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-08-23 17:07 - 2013-08-23 17:07 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-08-23 17:07 - 2013-08-23 17:07 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-08-23 17:20 - 2013-08-23 17:20 - 00304016 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-08-23 17:20 - 2013-08-23 17:20 - 01283472 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-19 16:22 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-12 17:35 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-08-13 11:06 - 2013-08-13 11:06 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-13 11:06 - 2013-08-13 11:06 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-13 11:06 - 2013-08-13 11:06 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-02-19 20:13 - 2014-03-04 21:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-19 15:53 - 2014-03-19 15:53 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-23 17:12 - 2013-08-23 17:12 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-02-19 20:13 - 2013-08-09 20:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-16 15:06 - 2014-03-15 08:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\jennjennkho\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8713796
 
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8713796
 
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8712515
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8712515
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8711187
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8711187
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8709875
 
 
System errors:
=============
Error: (03/28/2014 02:33:37 AM) (Source: DCOM) (User: HP)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (03/27/2014 09:22:51 PM) (Source: disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (03/27/2014 02:48:03 PM) (Source: DCOM) (User: HP)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HpjennjennkhoS-1-5-21-735343836-2922221655-4130560249-1002LocalHost (Using LRPC)Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbweS-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257
 
Error: (03/26/2014 04:19:52 PM) (Source: DCOM) (User: HP)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (03/26/2014 02:27:08 AM) (Source: DCOM) (User: HP)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HpjennjennkhoS-1-5-21-735343836-2922221655-4130560249-1002LocalHost (Using LRPC)Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbweS-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257
 
Error: (03/26/2014 02:25:26 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Inc. mfeapfk service failed to start due to the following error: 
%%1243
 
Error: (03/25/2014 05:12:58 PM) (Source: DCOM) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/25/2014 05:12:27 PM) (Source: DCOM) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/25/2014 05:11:57 PM) (Source: DCOM) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (03/25/2014 05:11:27 PM) (Source: DCOM) (User: HP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8713796
 
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8713796
 
Error: (03/27/2014 09:25:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8712515
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8712515
 
Error: (03/27/2014 09:25:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8711187
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8711187
 
Error: (03/27/2014 09:25:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 09:25:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8709875
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 8124.02 MB
Available physical RAM: 4994.43 MB
Total Pagefile: 9404.02 MB
Available Pagefile: 6262.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:344.5 GB) (Free:288.05 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.33 GB) (Free:2.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (My Files) (Fixed) (Total:332.03 GB) (Free:331.43 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 1E1F4777)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Aishenne



I need you to download this script I have made for you --> Attached File  fixlist.txt   574bytes   191 downloads

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system


Gringo
  • 0

#9
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

HI Gringo,

 

Thank you! Below are the results of the run:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by jennjennkho at 2014-03-31 17:11:24 Run:1
Running from C:\Users\jennjennkho\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
(Spigot, Inc.) C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.search.yah...r=spigot-yhp-ie
C:\Users\jennjennkho\AppData\Local\Temp\Extract.exe
C:\Users\jennjennkho\AppData\Local\Temp\Quarantine.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP63599.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP63888.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP65000.exe
C:\Users\jennjennkho\AppData\Local\Temp\SP65195.exe
C:\Users\jennjennkho\AppData\Local\Temp\utt712D.tmp.exe
 
 
 
*****************
 
[5064] C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.exe => Process closed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
C:\Users\jennjennkho\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\SP63599.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\SP63888.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\SP65000.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\SP65195.exe => Moved successfully.
C:\Users\jennjennkho\AppData\Local\Temp\utt712D.tmp.exe => Moved successfully.
 
==== End of Fixlog ====

  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. default settings are fine
    • Click Run Cleaner.
    • Close CCleaner.
: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo
  • 0

Advertisements


#11
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi Gringo,

 

I mistakenly ran Malwarebytes twice (2nd time detected nothing), so posting only the first log. 

I can still see snap.do in Program Files but not noticing any weird behavior in the machine, although I never did notice any weird behavior aside from that it was installed and couldn't be removed.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.03.05
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
jennjennkho :: HP [administrator]
 
Protection: Enabled
 
4/4/2014 12:51:45 AM
mbam-log-2014-04-04 (00-51-45).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222004
Time elapsed: 3 minute(s), 43 second(s)
 
Memory Processes Detected: 1
C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.exe (PUP.Optional.Spigot.A) -> 4912 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\Software\AppDataLow\Software\Search Protection (PUP.Optional.MyEmoticons.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtection (PUP.Optional.Spigot.A) -> Data: "C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\Users\jennjennkho\AppData\Roaming\Search Protection\SearchProtection.exe (PUP.Optional.Spigot.A) -> Delete on reboot.
C:\Users\jennjennkho\AppData\Local\Temp\~sp7C0A.tmp (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
 
(end)
 
 
 
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:13:38 AM, on 4/4/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\jennjennkho\Desktop\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/37
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/37
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem25.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service:  HP SimplePass Cachedrv Service (Cachedrv server) - Unknown owner - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem15.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service:  HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 12604 bytes
 

  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (rightclick and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
      O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • NOTE**You can research each of those lines >here< and see if you want to keep them or not
      just copy the name between the brackets and paste into the search space
      O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here
Gringo
  • 0

#13
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
  • 0

#14
Aishenne

Aishenne

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Hi Gringo,

 

Sorry it took a while.

 

Below are the results of the ESET Scan:

 

C:\Users\jennjennkho\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\jennjennkho\Downloads\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\jennjennkho\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
 
Thanks as usual!

Edited by Aishenne, 07 April 2014 - 02:33 PM.

  • 0

#15
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts

Hello Aishenne

There are some minor things in your online scan that should be removed.


delete files
  • Copy all text in the code box (below)...to Notepad.
    @echo off
    del /f /s /q "C:\Users\jennjennkho\Downloads\ccsetup404.exe"
    del /f /s /q "C:\Users\jennjennkho\Downloads\ccsetup411.exe"
    del /f /s /q "C:\Users\jennjennkho\Downloads\ccsetup412.exe"
    del %0
  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: batfileicon.gif<--XPvista_bat_icon.png<--vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.
The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.




Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


:Why we need to remove some of our tools:
  • Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight.
    They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

    The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.
  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
    • The application window will appear
    • Click the Re-enable button to re-enable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK.
    Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:
  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.
  • CF-Uninstall.png
:Remove the rest of our tools:

Please download DelFix and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click DelFix.exe.
  • select all options avalible
  • Click the Run button.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so
:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.
  • Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls

    CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner

    Malwarebytes' Anti-Malware The Gold standerd today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.
  • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
  • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
    totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)


    Note** If you decide to install MSE you will need to uninstall your present Antivirus
:Security awareness:


It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

As Java seems to get exploited on a daily basis I advise to disable java in your web browsers - How to disable java in your web browsers - Disable Java


The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internetHere is some more reading for you from some of my collegesquoted from Tech Support Forum

Conclusion

There is no such thing as 'perfect security'. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.


I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Gringo
  • 0






Similar Topics


Also tagged with one or more of these keywords: snap.do

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP