Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

'Ad by saleplus'

adware

  • Please log in to reply

#1
rebtastic

rebtastic

    New Member

  • Member
  • Pip
  • 3 posts

Hey, having problems with banners and pop-ups from saleplus. I think I got it when installing a fake keygen for my new laptop last week (the key from my old laptop didn't work at the time and my Windows was all in Russian, thankfully my old official key now works!), and I can't get rid of it.

 

I've tried uninstalling everything I think it could be, doing scans using F-Secure and Malwarebytes Anti-Malware, and a different scanner which I've uninstalled and forgotten the name of.

 

I can stop the ads from appearing by removing an extension called SSalEPlus from Chrome, but every time I restart Chrome it reappears! I've tried searching for it on my laptop but nothing shows.

 

Any advice? Would it be easier to just wipe and start again?

 

This is the FRST log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

Ran by Rebecca (administrator) on CLAPTRAP on 08-04-2015 23:03:14
Running from C:\Users\Rebecca\Desktop
Loaded Profiles: Rebecca (Available profiles: Rebecca)
Platform: Windows 8.1 Pro (X64) OS Language: Russian (Russia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Flux Software LLC) C:\Users\Rebecca\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Rebecca\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) F:\Music\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => F:\Music\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5732976 2015-03-23] (Box, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [F-Secure Hoster (49534)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-03-02] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [306032 2015-03-16] (F-Secure Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Run: [f.lux] => C:\Users\Rebecca\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Run: [Spotify Web Helper] => C:\Users\Rebecca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-06] (Spotify Ltd)
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\MountPoints2: {f48bae55-d6fc-11e4-825f-b01041ed4a98} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1557593974-1961322542-3061216239-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-06] (Microsoft Corporation)
BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-03-06] (F-Secure Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-04-06] (Microsoft Corporation)
BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-03-06] (F-Secure Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-06] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{50d47bc6-5425-4951-b2f1-efb0c3cbe09f}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2015-04-06]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Profile 1 -> hxxp://portal.bris.ac.uk/
CHR StartupUrls: Profile 1 -> "hxxp://uk-mg42.mail.yahoo.com/neo/launch?.rand=648c6iindv2qg#mail"
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Online Chess Games) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdpiilochbpoemecaookclgloelkmdfc [2015-03-31]
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-30]
CHR Extension: (Google Wallet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Cast) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-03-30]
CHR Extension: (Gmail Offline) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-03-30]
CHR Extension: (Google Calendar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-30]
CHR Extension: (Hola Better Internet Engine) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (AdBlock) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-30]
CHR Extension: (Hola Better Internet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-06]
CHR Extension: (RefME WebClipper) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmgoegihbjidjbcnmokiicohabagclpg [2015-04-07]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2015-04-06]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-03-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-31]
CHR Extension: (Hangouts) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-30]
CHR Extension: (Google Wallet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Daryl Dixon Walking Dead) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plkegioblhcgfapjldldgfokpfmoefia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-03-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28696 2015-03-23] (Box, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-03-02] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [215920 2015-03-16] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2015-04-06] (F-Secure Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-08-27] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-04-06] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2015-04-06] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2015-04-06] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-02-13] (F-Secure Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-08 23:03 - 2015-04-08 23:03 - 00030000 _____ () C:\Users\Rebecca\Desktop\FRST.txt
2015-04-08 23:02 - 2015-04-08 23:03 - 00000000 ____D () C:\FRST
2015-04-08 23:01 - 2015-04-08 23:02 - 02095616 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2015-04-08 22:14 - 2015-04-08 22:22 - 00000000 ___RD () C:\Users\Rebecca\Box Sync
2015-04-08 22:14 - 2015-04-08 22:14 - 00001587 _____ () C:\Users\Rebecca\Desktop\Box Sync.lnk
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-08 20:39 - 2015-04-08 22:14 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Box Sync
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 ____D () C:\Program Files\Box
2015-04-08 19:23 - 2015-04-08 22:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-08 19:23 - 2015-04-08 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-08 19:23 - 2015-04-08 19:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-08 19:23 - 2015-04-08 19:23 - 00000000 ____D () C:\Users\Все пользователи\Malwarebytes
2015-04-08 19:23 - 2015-04-08 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-08 19:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-08 19:23 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-08 19:23 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-08 18:49 - 2015-04-08 18:53 - 00000000 ____D () C:\AdwCleaner
2015-04-08 16:40 - 2015-04-08 22:14 - 00000000 ____D () C:\Users\Rebecca\Documents\Youcam
2015-04-08 16:33 - 2015-03-05 00:24 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-08 16:33 - 2015-03-05 00:24 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-08 08:17 - 2015-04-08 16:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-07 22:28 - 2014-04-14 06:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-07 18:55 - 2015-04-07 19:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 18:55 - 2015-02-26 20:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-07 18:20 - 2015-02-04 02:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-04-07 18:20 - 2015-02-04 02:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-04-07 18:20 - 2015-02-04 02:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-04-07 18:20 - 2015-02-03 02:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-04-07 18:20 - 2015-02-03 02:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-04-07 17:59 - 2014-11-10 05:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-04-07 17:59 - 2014-11-10 04:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-04-07 17:56 - 2015-01-23 10:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-07 17:56 - 2015-01-23 08:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-07 17:53 - 2015-04-07 17:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\PDF Writer
2015-04-07 17:53 - 2015-04-07 17:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\PDF Writer
2015-04-07 17:48 - 2014-12-08 13:36 - 00000543 _____ () C:\Users\Rebecca\Documents\hard drive info.txt
2015-04-07 17:48 - 2014-10-26 08:24 - 00000043 _____ () C:\Users\Rebecca\Documents\card deets.txt
2015-04-07 17:48 - 2013-09-24 20:12 - 00001637 _____ () C:\Users\Rebecca\Documents\Rocksoc Playlist.txt
2015-04-07 17:48 - 2013-09-10 17:39 - 01239040 _____ () C:\Users\Rebecca\Documents\BCA Flyer.pub
2015-04-07 17:48 - 2013-09-04 21:49 - 04561920 _____ () C:\Users\Rebecca\Documents\Happy 21st Birthday Rebs!!.ppt
2015-04-07 17:48 - 2012-11-29 23:51 - 00002378 _____ () C:\Users\Rebecca\Documents\MumbleAutomaticCertificateBackup.p12
2015-04-07 17:48 - 2008-12-17 00:30 - 06990667 _____ () C:\Users\Rebecca\Documents\Mitosis.FINISHEDyey.wmv
2015-04-07 17:46 - 2015-04-07 17:48 - 00000000 ____D () C:\Users\Rebecca\Documents\Universitay
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\My Received Files
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\My Games
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\Homework
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\bamk
2015-04-07 17:45 - 2015-01-29 04:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-04-07 17:45 - 2015-01-29 04:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-04-07 17:44 - 2015-02-21 04:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-07 17:44 - 2015-02-21 03:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-07 17:44 - 2015-02-21 03:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-07 17:44 - 2015-02-21 03:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-07 17:44 - 2015-02-21 03:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-07 17:44 - 2015-02-21 02:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-07 17:44 - 2015-02-21 02:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-07 17:44 - 2015-02-20 05:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-07 17:44 - 2015-02-20 05:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-07 17:44 - 2015-02-20 05:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-07 17:44 - 2015-02-20 05:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-07 17:44 - 2015-02-20 05:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-07 17:44 - 2015-02-20 05:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-07 17:44 - 2015-02-20 05:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-07 17:44 - 2015-02-20 05:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-07 17:44 - 2015-02-20 05:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-07 17:44 - 2015-02-20 05:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-07 17:44 - 2015-02-20 05:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-07 17:44 - 2015-02-20 04:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-07 17:44 - 2015-02-20 04:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-07 17:44 - 2015-02-20 04:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-07 17:44 - 2015-02-20 04:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-07 17:44 - 2015-02-20 04:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-07 17:44 - 2015-02-20 04:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-07 17:44 - 2015-02-20 04:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-07 17:44 - 2015-02-20 04:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-07 17:44 - 2015-02-20 04:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-07 17:44 - 2015-02-20 04:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-04-07 17:44 - 2015-02-20 04:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-07 17:44 - 2015-02-20 04:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-07 17:44 - 2015-02-20 04:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-07 17:44 - 2015-02-20 04:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-07 17:44 - 2015-02-20 04:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-07 17:44 - 2015-02-20 04:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-07 17:44 - 2015-02-20 04:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-07 17:44 - 2015-02-20 03:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-07 17:44 - 2015-02-20 03:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-07 17:44 - 2015-01-12 05:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-07 17:44 - 2015-01-12 04:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-07 17:44 - 2015-01-12 04:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-07 17:44 - 2015-01-12 04:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-07 17:44 - 2014-11-22 05:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-07 17:44 - 2014-11-22 05:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-07 17:44 - 2014-10-31 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-07 17:44 - 2014-10-31 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-07 17:44 - 2014-10-31 08:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-07 17:44 - 2014-10-31 08:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-07 17:44 - 2014-10-31 08:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-07 17:44 - 2014-10-31 08:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-07 17:44 - 2014-10-31 08:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-07 17:44 - 2014-10-31 08:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-07 17:44 - 2014-10-31 07:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-07 17:44 - 2014-10-31 07:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-07 17:44 - 2014-10-31 07:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-07 17:44 - 2014-10-31 07:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 17:44 - 2014-10-31 07:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-04-07 17:44 - 2014-10-31 07:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-07 17:44 - 2014-10-31 07:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-07 17:44 - 2014-10-31 07:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-07 17:44 - 2014-10-31 07:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 17:44 - 2014-10-31 07:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-07 17:44 - 2014-10-31 07:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-07 17:44 - 2014-10-31 07:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-07 17:44 - 2014-10-31 07:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-07 17:44 - 2014-10-31 07:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-07 17:44 - 2014-10-31 07:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-07 17:44 - 2014-10-31 06:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-07 17:44 - 2014-10-31 06:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-04-07 17:44 - 2014-10-31 06:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-07 17:44 - 2014-10-31 06:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-04-07 17:44 - 2014-10-31 06:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-04-07 17:44 - 2014-10-31 06:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-07 17:44 - 2014-10-31 06:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-07 17:44 - 2014-10-31 06:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-07 17:44 - 2014-10-31 06:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-07 17:44 - 2014-10-31 06:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-07 17:44 - 2014-10-31 06:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-07 17:44 - 2014-10-31 06:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-04-07 17:44 - 2014-10-31 06:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-07 17:44 - 2014-10-31 06:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-04-07 17:44 - 2014-10-31 06:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-07 17:44 - 2014-10-31 06:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-07 17:44 - 2014-10-31 06:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-04-07 17:44 - 2014-10-31 05:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-04-07 17:44 - 2014-10-31 05:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-07 17:44 - 2014-10-31 05:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-07 17:44 - 2014-10-31 05:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-04-07 17:44 - 2014-10-31 05:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-04-07 17:44 - 2014-10-31 05:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-04-07 17:44 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-07 17:44 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-07 17:43 - 2015-01-29 04:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 17:43 - 2015-01-29 04:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 17:43 - 2015-01-29 03:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-04-07 17:43 - 2015-01-29 03:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-04-07 17:43 - 2014-10-29 05:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-04-07 17:43 - 2014-10-29 05:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-04-07 17:43 - 2014-10-29 04:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-04-07 17:43 - 2014-10-29 03:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-04-07 17:24 - 2014-08-16 06:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-04-07 17:24 - 2014-08-16 04:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-07 17:24 - 2014-08-16 03:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-04-07 17:24 - 2014-08-16 03:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-04-07 17:24 - 2014-08-16 03:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-04-07 17:24 - 2014-08-16 03:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-04-07 17:24 - 2014-08-16 03:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-04-07 17:24 - 2014-08-16 03:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-04-07 17:24 - 2014-08-16 03:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-04-07 17:24 - 2014-08-16 03:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-04-07 17:24 - 2014-08-16 03:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-07 17:24 - 2014-07-24 18:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-04-07 17:24 - 2014-07-24 13:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-07 17:24 - 2014-07-24 12:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-07 17:23 - 2014-08-16 07:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-04-07 17:23 - 2014-08-16 06:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-07 17:23 - 2014-08-16 04:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-04-07 17:23 - 2014-08-16 03:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-04-07 17:23 - 2014-08-16 03:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-04-07 17:23 - 2014-08-16 03:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-04-07 17:23 - 2014-08-16 03:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-04-07 17:23 - 2014-08-16 03:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-04-07 17:23 - 2014-08-16 03:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-04-07 17:23 - 2014-08-16 03:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-04-07 17:23 - 2014-07-24 14:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-04-07 17:12 - 2014-09-10 09:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-07 17:12 - 2014-09-08 06:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-07 17:12 - 2014-09-08 06:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-07 17:12 - 2014-09-04 06:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-07 17:12 - 2014-09-04 05:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-07 17:12 - 2014-09-04 03:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-04-07 17:12 - 2014-08-31 03:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-04-07 17:12 - 2014-08-31 01:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-04-07 17:12 - 2014-08-31 00:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-04-07 17:12 - 2014-08-31 00:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-07 17:12 - 2014-08-30 23:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-04-07 17:12 - 2014-08-30 23:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-04-07 17:12 - 2014-08-28 03:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-07 17:12 - 2014-08-28 03:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-07 17:12 - 2014-08-23 08:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-04-07 17:12 - 2014-08-23 08:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-04-07 17:12 - 2014-08-23 07:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-04-07 17:12 - 2014-08-02 03:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-04-07 17:12 - 2014-08-02 03:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-04-07 17:11 - 2014-05-31 13:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-07 17:11 - 2014-05-31 13:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-04-07 17:11 - 2014-05-31 06:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-07 17:11 - 2014-05-31 06:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-07 17:11 - 2014-05-31 05:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-07 17:11 - 2014-05-31 05:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-07 17:11 - 2014-05-31 05:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-07 17:11 - 2014-05-31 05:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-04-07 17:11 - 2014-05-31 05:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-04-07 16:23 - 2015-04-07 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2015-04-07 16:23 - 2015-04-07 16:23 - 00000000 ____D () C:\Program Files\Common Files\Bullzip
2015-04-07 16:23 - 2014-11-19 11:30 - 00228352 _____ (Bullzip) C:\Windows\SysWOW64\bzFlRdr.dll
2015-04-07 16:23 - 2008-07-09 11:30 - 00103424 _____ (Bullzip) C:\Windows\SysWOW64\bzDCT.dll
2015-04-07 16:22 - 2015-04-07 16:23 - 00000000 ____D () C:\Users\Все пользователи\PDF Writer
2015-04-07 16:22 - 2015-04-07 16:23 - 00000000 ____D () C:\ProgramData\PDF Writer
2015-04-07 16:22 - 2015-04-07 16:22 - 00000000 ____D () C:\Program Files\Bullzip
2015-04-07 16:22 - 2013-09-01 13:59 - 01103872 _____ () C:\Windows\SysWOW64\CBLCtlsU.ocx
2015-04-07 16:22 - 2013-07-13 13:15 - 00805376 _____ () C:\Windows\SysWOW64\EditCtlsU.ocx
2015-04-07 16:22 - 2013-07-12 23:57 - 00539648 _____ () C:\Windows\SysWOW64\LblCtlsU.ocx
2015-04-07 16:22 - 2013-04-05 14:55 - 00476160 _____ () C:\Windows\SysWOW64\TabStripCtlU.ocx
2015-04-07 16:22 - 2013-03-29 00:13 - 00645632 _____ () C:\Windows\SysWOW64\BtnCtlsU.ocx
2015-04-07 16:22 - 2013-03-03 15:37 - 01061888 _____ () C:\Windows\SysWOW64\ExLvwU.ocx
2015-04-07 16:22 - 1999-05-13 01:00 - 01064456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2015-04-07 16:22 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.OCX
2015-04-07 16:17 - 2015-04-07 17:25 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-07 16:13 - 2015-04-07 16:13 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Foxit Software
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\en-GB
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\system32\Drivers\en-GB
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\en-GB
2015-04-06 21:21 - 2015-04-07 17:50 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Apple Computer
2015-04-06 21:21 - 2015-04-06 21:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apple Computer
2015-04-06 21:21 - 2015-04-06 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-06 21:20 - 2015-04-06 21:20 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Все пользователи\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Все пользователи\Apple Computer
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apple
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files\iPod
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-06 21:20 - 2012-10-03 15:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-04-06 21:19 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-06 21:15 - 2015-04-06 21:15 - 00000000 ____D () C:\Users\Rebecca\Tracing
2015-04-06 21:07 - 2015-04-08 20:38 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Skype
2015-04-06 21:07 - 2015-04-06 21:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-06 21:07 - 2015-04-06 21:07 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-06 21:07 - 2015-04-06 21:07 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Skype
2015-04-06 21:07 - 2015-04-06 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-06 21:06 - 2015-04-06 21:15 - 00000000 ____D () C:\Users\Все пользователи\Skype
2015-04-06 21:06 - 2015-04-06 21:15 - 00000000 ____D () C:\ProgramData\Skype
2015-04-06 21:05 - 2015-04-07 20:45 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Spotify
2015-04-06 21:05 - 2015-04-06 21:05 - 00001869 _____ () C:\Users\Rebecca\Desktop\Spotify.lnk
2015-04-06 21:05 - 2015-04-06 21:05 - 00001855 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-06 21:01 - 2015-04-07 21:20 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Spotify
2015-04-06 17:57 - 2014-08-15 03:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-04-06 17:57 - 2014-07-30 04:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-04-06 17:57 - 2014-07-29 08:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-04-06 16:42 - 2014-12-09 06:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-06 16:42 - 2014-12-09 04:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-06 16:42 - 2014-09-27 10:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-04-06 16:42 - 2014-09-27 08:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-04-06 16:42 - 2014-09-27 06:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-04-06 16:41 - 2014-06-20 04:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-06 16:41 - 2014-06-20 02:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-06 16:36 - 2015-01-16 01:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-06 16:36 - 2015-01-16 01:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-06 16:36 - 2015-01-14 07:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-04-06 16:36 - 2015-01-14 06:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-04-06 16:36 - 2014-10-29 05:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-06 16:36 - 2014-10-29 05:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-06 16:36 - 2014-10-29 05:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-06 16:36 - 2014-10-29 05:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-06 16:36 - 2014-10-29 04:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-06 16:34 - 2015-02-20 06:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-06 16:34 - 2015-02-20 05:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-06 16:34 - 2015-02-20 05:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-06 16:34 - 2015-02-20 05:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-06 16:34 - 2014-12-09 04:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-06 16:34 - 2014-10-29 05:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-06 16:34 - 2014-10-29 05:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-06 16:34 - 2014-10-29 05:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-06 16:34 - 2014-10-29 05:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-06 16:34 - 2014-10-29 05:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-06 16:34 - 2014-10-29 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-06 16:34 - 2014-06-17 01:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-06 16:34 - 2014-06-17 01:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-06 16:34 - 2014-06-13 04:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-04-06 16:34 - 2014-06-13 04:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-06 16:34 - 2014-06-13 03:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-04-06 16:34 - 2014-05-30 06:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-06 16:32 - 2015-03-11 05:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-06 16:32 - 2014-12-03 02:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-06 16:31 - 2015-03-06 05:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-06 16:31 - 2015-03-06 05:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-06 16:31 - 2015-02-26 02:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-06 16:31 - 2015-01-31 02:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-04-06 16:31 - 2015-01-31 02:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-04-06 16:31 - 2014-10-13 05:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-06 16:31 - 2014-10-11 03:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-06 16:31 - 2014-10-11 03:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-06 16:31 - 2014-10-08 10:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-06 16:31 - 2014-10-08 10:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-06 16:31 - 2014-10-08 09:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-06 16:31 - 2014-08-07 05:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-06 16:31 - 2014-08-02 06:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-06 16:30 - 2015-01-27 06:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-04-06 16:30 - 2015-01-24 04:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-04-06 16:30 - 2014-12-14 00:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-06 16:30 - 2014-12-14 00:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-04-06 16:30 - 2014-10-29 04:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-04-06 16:30 - 2014-10-29 04:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-04-06 16:30 - 2014-10-29 04:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-04-06 16:30 - 2014-10-29 04:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-04-06 16:29 - 2015-02-07 02:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-04-06 16:29 - 2014-12-19 11:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-06 16:29 - 2014-12-19 11:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-06 16:27 - 2014-10-31 02:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-06 16:27 - 2014-10-31 02:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-06 16:20 - 2015-01-29 04:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-06 16:20 - 2015-01-29 04:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-06 16:20 - 2014-10-29 05:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-04-06 16:20 - 2014-10-29 05:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-04-06 16:20 - 2014-10-29 05:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-04-06 16:20 - 2014-10-29 04:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-04-06 16:20 - 2014-10-29 04:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-04-06 16:20 - 2014-10-29 04:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-04-06 16:20 - 2014-10-29 04:48 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-04-06 16:20 - 2014-10-29 04:45 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-04-06 16:20 - 2014-10-29 04:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-04-06 16:20 - 2014-10-29 04:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-04-06 16:20 - 2014-10-29 04:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-04-06 16:20 - 2014-10-29 04:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-04-06 16:20 - 2014-10-29 03:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-04-06 16:20 - 2014-10-29 03:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-04-06 16:20 - 2014-10-29 03:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-04-06 16:20 - 2014-10-29 03:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-04-06 16:19 - 2015-02-05 23:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-06 16:19 - 2014-08-23 09:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-04-06 16:19 - 2014-08-23 08:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-04-06 16:19 - 2014-08-23 07:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-04-06 16:19 - 2014-07-15 21:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-04-06 16:19 - 2014-07-15 11:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-04-06 16:19 - 2014-07-15 11:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-04-06 16:19 - 2014-07-15 11:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-04-06 16:18 - 2015-02-06 04:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-06 16:18 - 2015-02-06 04:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-06 16:18 - 2015-02-03 03:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-04-06 16:18 - 2015-02-03 03:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-04-06 16:18 - 2015-01-30 06:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-04-06 16:18 - 2015-01-30 06:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-04-06 16:18 - 2015-01-30 05:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-04-06 16:18 - 2015-01-30 05:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-04-06 16:18 - 2015-01-30 04:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-04-06 16:18 - 2015-01-30 04:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-04-06 16:18 - 2015-01-30 04:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-04-06 16:18 - 2014-12-19 09:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-06 16:18 - 2014-12-12 05:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-06 16:18 - 2014-12-12 03:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-04-06 16:18 - 2014-10-29 05:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-04-06 16:18 - 2014-10-29 05:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-04-06 16:18 - 2014-10-29 05:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-04-06 16:18 - 2014-10-29 05:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-04-06 16:18 - 2014-10-29 04:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-04-06 16:18 - 2014-09-04 03:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-06 16:18 - 2014-09-04 03:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-06 16:18 - 2014-08-02 03:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-04-06 16:16 - 2015-01-29 03:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-06 16:16 - 2015-01-29 03:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-06 16:16 - 2015-01-28 05:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-04-06 16:16 - 2015-01-28 04:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-04-06 16:16 - 2015-01-19 21:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-04-06 16:16 - 2014-10-23 08:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-06 16:16 - 2014-10-23 08:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-06 16:16 - 2014-08-23 08:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-06 16:16 - 2014-08-23 08:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-06 16:16 - 2014-07-10 07:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2015-04-06 16:16 - 2014-05-19 09:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-04-06 16:16 - 2014-05-19 09:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-04-06 16:16 - 2014-05-19 08:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-04-06 16:13 - 2015-01-31 02:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-06 16:13 - 2015-01-28 18:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-06 16:13 - 2015-01-28 18:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-06 16:13 - 2015-01-28 18:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-06 16:13 - 2015-01-27 07:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-06 16:13 - 2015-01-27 05:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-06 16:13 - 2014-10-29 06:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-04-06 16:13 - 2014-10-29 05:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-04-06 16:13 - 2014-10-29 05:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-06 16:13 - 2014-10-29 05:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-06 16:13 - 2014-10-29 04:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-06 16:13 - 2014-10-29 04:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-06 16:13 - 2014-10-29 04:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-06 16:13 - 2014-10-29 04:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-06 16:13 - 2014-10-29 04:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-06 16:13 - 2014-10-29 04:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-06 16:11 - 2015-02-12 20:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-06 16:11 - 2015-02-12 20:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-06 15:59 - 2015-04-06 16:04 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2015-04-06 15:59 - 2015-04-06 15:59 - 00000657 _____ () C:\Windows\fsav_db_setup.log
2015-04-06 15:58 - 2015-04-06 15:59 - 04068536 _____ () C:\Windows\FSISU.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00912721 _____ () C:\Windows\FSSFM.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00720020 _____ () C:\Windows\FSSETUP.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00140799 _____ () C:\Windows\FSDEPH.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00136077 _____ () C:\Windows\FSPROD.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00088552 _____ () C:\Windows\RunSetup.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00068612 _____ () C:\Windows\FSAVINST.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00010317 _____ () C:\Windows\FSAVCSIN.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00004343 _____ () C:\Windows\FSGKIAIN.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00004230 _____ () C:\Windows\fstnbins.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00003331 _____ () C:\Windows\fsavunin.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00001811 _____ () C:\Windows\FSLDIN.LOG
2015-04-06 15:58 - 2015-04-06 15:58 - 00020688 _____ () C:\Windows\prodsett_copy.ini
2015-04-06 15:58 - 2015-04-06 15:58 - 00019322 _____ () C:\Windows\fspplugin.log
2015-04-06 15:54 - 2015-04-06 15:55 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2015-04-06 15:54 - 2015-04-06 15:54 - 00002046 _____ () C:\Users\Public\Desktop\F-Secure.lnk
2015-04-06 15:54 - 2015-04-06 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2015-04-06 15:52 - 2015-01-30 05:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-04-06 15:52 - 2015-01-30 04:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-04-06 15:52 - 2015-01-30 04:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-04-06 15:52 - 2015-01-30 04:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-04-06 15:52 - 2015-01-30 04:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-04-06 15:52 - 2015-01-30 04:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-04-06 15:52 - 2015-01-30 04:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-04-06 15:52 - 2015-01-30 04:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-04-06 15:52 - 2014-12-06 06:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-06 15:52 - 2014-12-06 04:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-06 15:52 - 2014-10-29 04:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-06 15:52 - 2014-10-29 04:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-04-06 15:52 - 2014-10-29 04:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-06 15:52 - 2014-10-29 03:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-04-06 15:52 - 2014-06-06 16:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-06 15:52 - 2014-06-06 15:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-06 15:41 - 2015-01-29 21:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-06 15:41 - 2015-01-29 21:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-06 15:41 - 2014-07-12 07:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-04-06 15:37 - 2014-12-11 08:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-06 15:32 - 2015-02-08 02:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-04-06 15:32 - 2015-02-08 02:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-04-06 15:31 - 2015-01-28 04:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-06 15:31 - 2015-01-28 04:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-06 15:31 - 2015-01-28 02:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-04-06 15:31 - 2015-01-28 02:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-04-06 15:30 - 2014-12-08 22:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-04-06 15:30 - 2014-12-08 22:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-04-06 15:30 - 2014-12-06 04:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-04-06 15:30 - 2014-10-29 07:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-04-06 15:30 - 2014-10-29 07:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-04-06 15:30 - 2014-10-29 06:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-06 15:30 - 2014-10-29 06:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-04-06 15:30 - 2014-10-29 06:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-04-06 15:30 - 2014-10-29 06:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-06 15:30 - 2014-10-29 06:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-06 15:30 - 2014-10-29 06:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-06 15:30 - 2014-10-29 05:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-04-06 15:30 - 2014-10-29 04:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-04-06 15:30 - 2014-10-29 04:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-06 15:29 - 2014-11-10 02:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-06 15:29 - 2014-11-10 02:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-06 15:29 - 2014-11-10 02:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-06 15:29 - 2014-11-10 02:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-06 15:23 - 2014-07-24 06:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-04-06 15:23 - 2014-07-24 06:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-04-06 15:18 - 2015-01-21 08:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-06 15:18 - 2015-01-21 08:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-06 15:03 - 2015-04-06 15:09 - 00000000 ____D () C:\Windows\CSC
2015-04-06 15:03 - 2015-04-06 15:03 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2015-04-06 14:50 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\F-Secure
2015-04-06 14:50 - 2015-04-06 15:58 - 00000000 ____D () C:\Users\Все пользователи\F-Secure
2015-04-06 14:50 - 2015-04-06 15:58 - 00000000 ____D () C:\ProgramData\F-Secure
2015-04-06 14:48 - 2015-04-06 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-06 14:45 - 2015-04-06 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-04-06 14:31 - 2015-04-06 14:31 - 00001093 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-05 00:41 - 2015-04-05 00:41 - 00000000 ____D () C:\Users\Rebecca\Desktop\Новая папка
2015-04-04 11:03 - 2015-04-04 11:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Steam
2015-04-02 23:44 - 2015-04-02 23:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CLAPTRAP-Windows-8.1-Single-Language-(64-bit).dat
2015-04-02 23:44 - 2015-04-02 23:44 - 00000000 ____D () C:\RegBackup
2015-04-02 23:42 - 2015-04-07 22:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-02 23:42 - 2015-04-02 23:42 - 00000986 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-04-02 23:42 - 2015-04-02 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-02 23:37 - 2015-04-02 23:37 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\LolClient
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\Users\Все пользователи\Riot Games
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\ProgramData\Riot Games
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-04-02 23:32 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-04-02 23:32 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-04-02 23:25 - 2015-04-02 23:32 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Riot Games
2015-04-02 23:23 - 2015-04-02 23:23 - 00000000 ____D () C:\Riot Games
2015-04-02 23:13 - 2015-04-04 11:41 - 00000138 _____ () C:\Users\Rebecca\Desktop\8.1 key pro.txt
2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\Users\Все пользователи\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\ProgramData\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\3012578853096907344
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\3012578853096907344
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\Users\Все пользователи\{7a7f4047-6490-4f2c-7a7f-f4047649011d}
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\ProgramData\{7a7f4047-6490-4f2c-7a7f-f4047649011d}
2015-03-31 23:03 - 2014-10-31 01:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-31 23:03 - 2014-10-31 01:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-31 23:03 - 2014-10-13 05:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-31 22:57 - 2014-06-05 17:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-31 22:57 - 2014-06-05 16:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-31 22:57 - 2014-06-02 05:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-03-31 22:57 - 2014-05-31 13:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-03-31 22:57 - 2014-05-31 09:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-03-31 22:57 - 2014-05-31 09:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-03-31 22:57 - 2014-05-31 09:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-03-31 22:57 - 2014-05-31 07:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-03-31 22:57 - 2014-05-31 07:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-03-31 22:57 - 2014-05-31 07:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-03-31 22:57 - 2014-05-29 09:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2015-03-31 22:57 - 2014-05-27 12:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2015-03-31 22:57 - 2014-05-27 12:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2015-03-31 22:57 - 2014-05-17 07:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-31 22:57 - 2014-05-17 07:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-31 22:57 - 2014-04-30 07:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2015-03-31 22:57 - 2014-04-30 06:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2015-03-31 22:36 - 2015-03-31 22:36 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-03-31 22:35 - 2015-03-31 22:35 - 00597304 _____ () C:\Users\Rebecca\Downloads\flux-setup.exe
2015-03-31 22:35 - 2015-03-31 22:35 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\FluxSoftware
2015-03-31 22:19 - 2015-03-31 22:19 - 00463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00147439 _____ () C:\Windows\system32\gpedit.msc
2015-03-31 22:19 - 2015-03-31 22:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00043566 _____ () C:\Windows\system32\rsop.msc
2015-03-31 22:19 - 2015-03-31 22:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2015-03-31 22:19 - 2014-03-18 12:55 - 00035781 _____ () C:\Windows\Professional.xml
2015-03-31 22:18 - 2015-03-31 22:18 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01165824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00649728 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00147439 _____ () C:\Windows\SysWOW64\gpedit.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00120458 _____ () C:\Windows\system32\secpol.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00090464 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterSvc.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00043566 _____ () C:\Windows\SysWOW64\rsop.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2015-03-31 22:17 - 2015-03-31 22:17 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00022272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbldfltr.sys
2015-03-31 22:17 - 2015-03-31 22:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-31 22:16 - 2015-04-08 22:23 - 00000000 ____D () C:\Users\Rebecca\Desktop\dl
2015-03-31 22:16 - 2015-03-31 22:16 - 02176000 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00935424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2015-03-31 22:16 - 2015-03-31 22:16 - 00470528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00146389 _____ () C:\Windows\system32\printmanagement.msc
2015-03-31 22:16 - 2015-03-31 22:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00096088 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00040288 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterCore.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00039264 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00034144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KeyboardFilterCore.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-31 21:46 - 2015-03-13 22:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-31 21:46 - 2015-03-13 22:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-30 21:21 - 2015-04-08 22:58 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\BitTorrent
2015-03-30 21:21 - 2015-03-30 21:21 - 00000907 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-03-30 21:18 - 2015-04-08 17:35 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\vlc
2015-03-30 21:17 - 2015-03-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-30 21:17 - 2015-03-30 21:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-30 21:14 - 2015-03-28 06:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-30 21:14 - 2015-03-28 06:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-30 21:14 - 2014-11-22 13:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-30 21:14 - 2014-11-22 13:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-30 20:52 - 2015-04-07 20:41 - 00000000 ____D () C:\Users\Rebecca\Desktop\Flights
2015-03-30 20:08 - 2015-03-30 20:08 - 00002390 _____ () C:\Users\Rebecca\Desktop\Rebecca - Chrome.lnk
2015-03-30 20:07 - 2015-03-30 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-03-30 20:04 - 2015-04-05 16:09 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-30 20:04 - 2015-03-30 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-30 20:03 - 2015-04-08 22:12 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-30 20:03 - 2015-04-08 21:08 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 20:03 - 2015-03-30 20:04 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Google
2015-03-30 20:03 - 2015-03-30 20:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-30 20:03 - 2015-03-30 20:03 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-30 20:03 - 2015-03-30 20:03 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-30 20:03 - 2015-03-30 20:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Deployment
2015-03-30 20:03 - 2015-03-30 20:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apps\2.0
2015-03-30 20:02 - 2015-04-08 22:47 - 00003956 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C8A0AB14-AD23-4588-B4CF-9F4698423B30}
2015-03-30 20:02 - 2015-03-30 20:02 - 00000000 __SHD () C:\Users\Rebecca\AppData\Local\EmieUserList
2015-03-30 20:02 - 2015-03-30 20:02 - 00000000 __SHD () C:\Users\Rebecca\AppData\Local\EmieSiteList
2015-03-30 20:00 - 2015-04-08 22:20 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1557593974-1961322542-3061216239-1001
2015-03-30 19:59 - 2015-04-08 22:13 - 00000000 ___DO () C:\Users\Rebecca\OneDrive
2015-03-30 19:58 - 2015-03-30 19:58 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Macromedia
2015-03-30 19:56 - 2015-03-30 19:56 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\CyberLink
2015-03-30 19:56 - 2015-03-29 23:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Hewlett-Packard
2015-03-30 19:55 - 2015-03-30 19:55 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\hpqlog
2015-03-30 19:54 - 2015-04-08 20:02 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\CrashDumps
2015-03-30 19:54 - 2015-03-30 19:55 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\PackageStaging
2015-03-30 19:54 - 2015-03-30 19:54 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-30 19:53 - 2015-03-30 19:53 - 00001445 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-30 19:53 - 2015-03-30 19:53 - 00000199 _____ () C:\Windows\insFileSpec
2015-03-30 19:53 - 2015-03-30 19:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Adobe
2015-03-30 19:53 - 2015-03-30 19:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\VirtualStore
2015-03-30 19:53 - 2015-03-29 23:22 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Hewlett-Packard
2015-03-30 19:52 - 2015-04-07 17:24 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Packages
2015-03-30 19:52 - 2015-04-07 14:28 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\NVIDIA
2015-03-30 19:52 - 2015-03-30 21:14 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\NVIDIA Corporation
2015-03-30 19:52 - 2015-03-30 19:52 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-03-30 19:52 - 2015-03-30 19:52 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Synaptics
2015-03-30 19:50 - 2015-04-08 23:03 - 02083993 _____ () C:\Windows\WindowsUpdate.log
2015-03-30 19:50 - 2015-04-08 22:14 - 00000000 ____D () C:\Users\Rebecca
2015-03-30 19:50 - 2015-03-30 19:50 - 00000020 ___SH () C:\Users\Rebecca\ntuser.ini
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\Шаблоны
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\Мои документы
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\главное меню
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:50 - 2014-08-28 04:33 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-30 19:50 - 2014-03-18 13:06 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-30 19:50 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-30 19:50 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-30 19:50 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 19:50 - 2013-08-22 18:36 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Рабочий стол
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Мои документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Рабочий стол
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Программы
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-08 23:00 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-08 22:19 - 2014-08-28 04:08 - 00827056 _____ () C:\Windows\system32\perfh019.dat
2015-04-08 22:19 - 2014-08-28 04:08 - 00180112 _____ () C:\Windows\system32\perfc019.dat
2015-04-08 22:19 - 2014-03-18 12:53 - 01947946 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 22:11 - 2013-08-22 17:46 - 00031288 _____ () C:\Windows\setupact.log
2015-04-08 22:11 - 2013-08-22 17:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 22:08 - 2013-08-22 17:44 - 00491624 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-08 22:07 - 2014-03-18 12:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\setup
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-04-08 22:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-08 22:01 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-08 21:58 - 2014-03-18 12:44 - 00014644 _____ () C:\Windows\PFRO.log
2015-04-08 20:39 - 2014-08-27 17:18 - 00000000 ____D () C:\Users\Все пользователи\Package Cache
2015-04-08 20:39 - 2014-08-27 17:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 20:17 - 2013-08-22 18:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Camera
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-07 18:55 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-07 17:24 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\winrm
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\WCN
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\slmgr
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Help
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-07 12:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-04-07 12:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\servicing
2015-04-06 21:20 - 2014-08-27 18:23 - 00000000 ____D () C:\Users\Все пользователи\Apple
2015-04-06 21:20 - 2014-08-27 18:23 - 00000000 ____D () C:\ProgramData\Apple
2015-04-06 15:37 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\rescache
2015-04-06 15:06 - 2014-08-27 18:36 - 00000000 ____D () C:\Users\Все пользователи\McAfee
2015-04-06 15:06 - 2014-08-27 18:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-06 15:03 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\security
2015-04-06 14:55 - 2014-08-27 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-04-06 14:55 - 2013-08-22 18:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-31 23:20 - 2014-08-27 18:35 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-31 22:13 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\restore
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\Users\Все пользователи\NVIDIA
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-31 21:46 - 2014-08-27 18:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-30 20:10 - 2014-08-28 03:51 - 00000000 ___HD () C:\HP
2015-03-30 19:52 - 2014-04-05 02:45 - 00000000 ___HD () C:\SYSTEM.SAV
2015-03-30 19:36 - 2014-04-03 02:51 - 00000000 ____D () C:\Windows\Panther
2015-03-30 19:36 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-30 19:36 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Default
2015-03-28 06:44 - 2014-08-27 18:18 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 06:43 - 2014-08-27 18:18 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-13 22:41 - 2014-08-27 18:17 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 22:41 - 2014-08-27 18:16 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 19:16 - 2014-08-27 18:17 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 16:10 - 2014-08-27 18:17 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
 
==================== Files in the root of some directories =======
 
2015-04-02 23:50 - 2015-04-02 23:50 - 0011458 _____ () C:\Users\Rebecca\AppData\Local\Temp-log.txt
 
Some content of TEMP:
====================
C:\Users\Rebecca\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Rebecca\AppData\Local\Temp\Quarantine.exe
C:\Users\Rebecca\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rebecca\AppData\Local\Temp\sqlite3.dll
C:\Users\Rebecca\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-04-03 01:59
 
==================== End Of Log ============================
 
and this is the Addition log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Rebecca at 2015-04-08 23:04:32
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Antivirus (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AS: Antivirus (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\BitTorrent) (Version: 7.9.2.39589 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{2C2D80FC-6831-499D-B4E1-988DB004B73C}) (Version: 4.0.6208.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.6208.0 - Box Inc.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9810 - Broadcom Corporation)
Bullzip PDF Printer 10.11.0.2338 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.11.0.2338 - Bullzip)
Computer Security 14.132.102.0 (release) (x32 Version: 14.132.102.0 - F-Secure Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5406 - Название организации) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3121 - Название организации) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
f.lux (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Flux) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 49534) (Version: 2.33.219.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.33.219.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.61.106.453 (release) (x32 Version: 1.61.106.453 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.03.127 (x32 Version: 1.03.127 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.04.101.0 (release) (x32 Version: 1.04.101.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{5B8687FC-220A-4255-94C6-197D1946F458}) (Version: 4.2.41.2710 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Графический драйвер 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Системное программное обеспечение PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Online Safety 2.133.4000.2313 (x32 Version: 2.133.4000.2313 - F-Secure Corporation) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surgeon Simulator (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Веселая ферма 2 (HKLM-x32\...\Веселая ферма 2) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Веселая ферма 3 (HKLM-x32\...\Веселая ферма 3) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Герои Эллады 2. Олимпия (HKLM-x32\...\Герои Эллады 2. Олимпия) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Магическая энциклопедия. Лунный свет (HKLM-x32\...\Магическая энциклопедия. Лунный свет) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Магнат курортов (HKLM-x32\...\Магнат курортов) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Масяня в полной Африке (HKLM-x32\...\Масяня в полной Африке) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Мои HP Игры (HKLM-x32\...\My HP Games) (Version: 1.0.0.0 - Alawar Entertainment)
Натали Брукс. Тайны одноклассников (HKLM-x32\...\Натали Брукс. Тайны одноклассников) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Обновления NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Панель управления NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Сага о вампире. Добро пожаловать в [bleep] Lock (HKLM-x32\...\Сага о вампире. Добро пожаловать в [bleep] Lock) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Сокровища Монтесумы 3 (HKLM-x32\...\Сокровища Монтесумы 3) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1557593974-1961322542-3061216239-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
31-03-2015 22:13:02 Добавление компонентов в Windows 8.1
31-03-2015 22:14:11 Установщик модулей Windows
02-04-2015 23:29:20 Установлено: Microsoft Visual C++ 2005 Redistributable (x64)
04-04-2015 23:40:16 Installed Windows 7 USB/DVD Download Tool
06-04-2015 14:28:39 Removed Windows 7 USB/DVD Download Tool
08-04-2015 20:37:13 Box Sync
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {043C3665-6630-421F-BA78-BD1A89453FE7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {1B62533C-52C8-4ADA-A33C-289666D98EF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30] (Google Inc.)
Task: {36FDDA36-C71E-437E-A13D-B4DA818BAD23} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3A0A3917-0CD3-4225-A02F-A864BFEBEEDC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46913FEF-8515-4591-AF07-331691838BE7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {4BD1189A-7B30-4775-B221-A1837D5D2063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30] (Google Inc.)
Task: {52537E47-480F-4DC6-A1BE-2E01D2218A3C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {6D77EFC5-A264-4219-9F92-C6B0E38A6988} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {76CB49CF-637F-415A-AEDC-43FEC30F99C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-06] (Microsoft Corporation)
Task: {79E28FEE-76EE-4552-AF4B-28B6D7C624E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-06] (Microsoft Corporation)
Task: {7F2467DA-9EE2-42F4-8FB0-7F8696AA438A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {909447D0-D460-45B0-80B2-32CB799474F0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-06] (Microsoft Corporation)
Task: {A184A733-4159-4F63-BD1E-D76BE1665DF7} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B6891967-430F-41D5-B815-0200CA50ED79} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {BB7FBD2E-1F57-4E8C-AF2A-FFA677B66F5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {C27E55C2-7558-46F8-B61A-29202BA5D8D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {CA32A1EF-13EF-432B-AFAD-CCAA59AB0BC9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {F920DDEF-C733-4A81-B1DE-F796C914478D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-08-27 18:17 - 2015-03-13 19:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-06 14:45 - 2014-05-20 07:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 07:44 - 2013-12-04 07:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-27 18:42 - 2014-04-14 17:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-04-06 15:00 - 2015-04-06 15:24 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-02-13 03:20 - 2015-02-13 03:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Rebecca\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rebecca\AppData\Local\Microsoft\Windows\Themes\k (2)\DesktopBackground\fhgg2.jpg
DNS Servers: 10.0.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
 
==================== Accounts: =============================
 
HomeGroupUser$ (S-1-5-21-1557593974-1961322542-3061216239-1003 - Limited - Enabled)
Rebecca (S-1-5-21-1557593974-1961322542-3061216239-1001 - Administrator - Enabled) => C:\Users\Rebecca
Администратор (S-1-5-21-1557593974-1961322542-3061216239-500 - Administrator - Disabled)
Гость (S-1-5-21-1557593974-1961322542-3061216239-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/08/2015 11:04:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1  2015-04-08  23:04:39+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORE.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\FILETRACE.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORECONFPROV.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\MSFEEDS.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\APPBACKGROUNDTASK.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\USERPROFILECONFIGURATIONWMIPROVIDER.MFL while recovering .MOF file marked with autorecover.
 
 
System errors:
=============
Error: (04/08/2015 10:01:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%6
 
Error: (04/08/2015 10:01:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Сервер service terminated with the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Обнаружение SSDP service failed to start due to the following error: 
%%1069
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Клиент групповой политики service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Диспетчер настройки устройств service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Информация о совместимости приложений service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Служба поддержки Bluetooth service failed to start due to the following error: 
%%1069
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The bthserv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Доступ к HID-устройствам service failed to start due to the following error: 
%%1115
 
 
Microsoft Office Sessions:
=========================
Error: (04/08/2015 11:04:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1  2015-04-08  23:04:39+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORE.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\FILETRACE.MFL
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORECONFPROV.MFL
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\MSFEEDS.MFL
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\APPBACKGROUNDTASK.MFL
 
Error: (04/08/2015 10:04:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\USERPROFILECONFIGURATIONWMIPROVIDER.MFL
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 41%
Total physical RAM: 8122.15 MB
Available physical RAM: 4768.41 MB
Total Pagefile: 9402.15 MB
Available Pagefile: 5541.15 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:910.77 GB) (Free:835.72 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.73 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:1162.02 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.66 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 412A0C86)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 671790B3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

I don't usually work on win 8 but I think I can see part of it.  Would be easier if you hadn't removed the extension but I'm guessing that these entries are all part of it:

 

2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\Users\Все пользователи\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\ProgramData\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\3012578853096907344
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\3012578853096907344
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\Users\Все пользователи\{7a7f4047-6490-4f2c-7a7f-f4047649011d}
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\ProgramData\{7a7f4047-6490-4f2c-7a7f-f4047649011d}

 

 

 
None of the folder names have any hits in Google so random which is usually a malware trait.  All created about the same time.   These two even look like Chrome extensions:
 
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\ncnnihfkkkifcpfkomchdppeojnogmja
 
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\ncnnihfkkkifcpfkomchdppeojnogmja

 

 

I expect if you look inside you will see a content.js file.  Let's try removing them with FRST and see if that helps:

 

Download the attached fixlist.txt to the same location as FRST
Run FRST (right click and Run As Admin)  and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

  • 0

#3
rebtastic

rebtastic

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Thank you for replying! I did what you advised and here are the results.

 

This is the fix log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Rebecca at 2015-04-09 17:35:11 Run:1
Running from C:\Users\Rebecca\Desktop
Loaded Profiles: Rebecca (Available profiles: Rebecca)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\Users\Все пользователи\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:14 - 2015-04-04 12:58 - 00000000 ____D () C:\ProgramData\{85292c86-39ca-88b8-8529-92c8639cb218}
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\Users\Все пользователи\3012578853096907344
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\ncnnihfkkkifcpfkomchdppeojnogmja
2015-03-31 23:10 - 2015-03-31 23:10 - 00000000 ____D () C:\ProgramData\3012578853096907344
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\Users\Все пользователи\{7a7f4047-6490-4f2c-7a7f-f4047649011d}
2015-03-31 23:09 - 2015-04-04 17:07 - 00000000 ____D () C:\ProgramData\{7a7f4047-6490-4f2c-7a7f-f4047649011d}
*****************
 
C:\Users\Все пользователи\{85292c86-39ca-88b8-8529-92c8639cb218} => Moved successfully.
"C:\ProgramData\{85292c86-39ca-88b8-8529-92c8639cb218}" => File/Directory not found.
C:\Users\Все пользователи\ncnnihfkkkifcpfkomchdppeojnogmja => Moved successfully.
C:\Users\Все пользователи\3012578853096907344 => Moved successfully.
"C:\ProgramData\ncnnihfkkkifcpfkomchdppeojnogmja" => File/Directory not found.
"C:\ProgramData\3012578853096907344" => File/Directory not found.
C:\Users\Все пользователи\{7a7f4047-6490-4f2c-7a7f-f4047649011d} => Moved successfully.
"C:\ProgramData\{7a7f4047-6490-4f2c-7a7f-f4047649011d}" => File/Directory not found.
 
==== End of Fixlog 17:35:11 ====
 
This is the FRST log: 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Rebecca (administrator) on CLAPTRAP on 09-04-2015 17:38:10
Running from C:\Users\Rebecca\Desktop
Loaded Profiles: Rebecca (Available profiles: Rebecca)
Platform: Windows 8.1 Pro (X64) OS Language: Russian (Russia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Flux Software LLC) C:\Users\Rebecca\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Rebecca\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) F:\Music\iTunes.exe
(Box) C:\Program Files\WindowsApps\134D4F5B.Box_2.1.2.3_neutral__2qk4zy5s3qmee\Box.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.139\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\nacl64.exe
() C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => F:\Music\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5732976 2015-03-23] (Box, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [F-Secure Hoster (49534)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-03-02] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [306032 2015-03-16] (F-Secure Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Run: [f.lux] => C:\Users\Rebecca\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Run: [Spotify Web Helper] => C:\Users\Rebecca\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-06] (Spotify Ltd)
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\MountPoints2: {f48bae55-d6fc-11e4-825f-b01041ed4a98} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1557593974-1961322542-3061216239-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-06] (Microsoft Corporation)
BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-03-06] (F-Secure Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-04-06] (Microsoft Corporation)
BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-03-06] (F-Secure Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-06] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{50d47bc6-5425-4951-b2f1-efb0c3cbe09f}] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2015-04-06]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Profile 1 -> hxxp://portal.bris.ac.uk/
CHR StartupUrls: Profile 1 -> "hxxp://uk-mg42.mail.yahoo.com/neo/launch?.rand=648c6iindv2qg#mail"
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Online Chess Games) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdpiilochbpoemecaookclgloelkmdfc [2015-03-31]
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-30]
CHR Extension: (Google Wallet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Cast) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-03-30]
CHR Extension: (Gmail Offline) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-03-30]
CHR Extension: (Google Calendar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-30]
CHR Extension: (Hola Better Internet Engine) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-30]
CHR Extension: (Google Sheets) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (AdBlock) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-30]
CHR Extension: (Hola Better Internet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-06]
CHR Extension: (RefME WebClipper) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmgoegihbjidjbcnmokiicohabagclpg [2015-04-07]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2015-04-06]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-03-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-31]
CHR Extension: (Hangouts) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-30]
CHR Extension: (Google Wallet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Daryl Dixon Walking Dead) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plkegioblhcgfapjldldgfokpfmoefia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-03-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28696 2015-03-23] (Box, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2015-03-02] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [215920 2015-03-16] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2015-04-06] (F-Secure Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-08-27] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-04-06] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2015-04-06] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2015-04-06] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-02-13] (F-Secure Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 17:31 - 2015-04-09 17:31 - 00001338 _____ () C:\Users\Rebecca\Desktop\Essay - Shortcut.lnk
2015-04-09 15:02 - 2015-04-09 15:02 - 00003176 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRebecca
2015-04-09 15:02 - 2015-04-09 15:02 - 00000358 _____ () C:\Windows\Tasks\HPCeeScheduleForRebecca.job
2015-04-08 23:04 - 2015-04-08 23:05 - 00030070 _____ () C:\Users\Rebecca\Desktop\Addition.txt
2015-04-08 23:03 - 2015-04-09 17:38 - 00030851 _____ () C:\Users\Rebecca\Desktop\FRST.txt
2015-04-08 23:02 - 2015-04-09 17:38 - 00000000 ____D () C:\FRST
2015-04-08 23:01 - 2015-04-08 23:02 - 02095616 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2015-04-08 22:14 - 2015-04-08 22:22 - 00000000 ___RD () C:\Users\Rebecca\Box Sync
2015-04-08 22:14 - 2015-04-08 22:14 - 00001587 _____ () C:\Users\Rebecca\Desktop\Box Sync.lnk
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-08 20:39 - 2015-04-09 14:51 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Box Sync
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 ____D () C:\Program Files\Box
2015-04-08 19:23 - 2015-04-08 22:15 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-08 19:23 - 2015-04-08 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-08 19:23 - 2015-04-08 19:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-08 19:23 - 2015-04-08 19:23 - 00000000 ____D () C:\Users\Все пользователи\Malwarebytes
2015-04-08 19:23 - 2015-04-08 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-08 19:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-08 19:23 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-08 19:23 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-08 18:49 - 2015-04-08 18:53 - 00000000 ____D () C:\AdwCleaner
2015-04-08 16:40 - 2015-04-09 14:57 - 00000000 ____D () C:\Users\Rebecca\Documents\Youcam
2015-04-08 16:33 - 2015-03-05 00:24 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-08 16:33 - 2015-03-05 00:24 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-08 08:17 - 2015-04-08 16:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 08:17 - 2015-04-08 08:17 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-07 22:28 - 2014-04-14 06:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-07 18:55 - 2015-04-07 19:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-07 18:55 - 2015-02-26 20:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-07 18:20 - 2015-02-04 02:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-04-07 18:20 - 2015-02-04 02:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-04-07 18:20 - 2015-02-04 02:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-04-07 18:20 - 2015-02-03 02:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-04-07 18:20 - 2015-02-03 02:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-04-07 17:59 - 2014-11-10 05:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-04-07 17:59 - 2014-11-10 04:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-04-07 17:56 - 2015-01-23 10:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-04-07 17:56 - 2015-01-23 08:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-04-07 17:53 - 2015-04-07 17:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\PDF Writer
2015-04-07 17:53 - 2015-04-07 17:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\PDF Writer
2015-04-07 17:48 - 2014-12-08 13:36 - 00000543 _____ () C:\Users\Rebecca\Documents\hard drive info.txt
2015-04-07 17:48 - 2014-10-26 08:24 - 00000043 _____ () C:\Users\Rebecca\Documents\card deets.txt
2015-04-07 17:48 - 2013-09-24 20:12 - 00001637 _____ () C:\Users\Rebecca\Documents\Rocksoc Playlist.txt
2015-04-07 17:48 - 2013-09-10 17:39 - 01239040 _____ () C:\Users\Rebecca\Documents\BCA Flyer.pub
2015-04-07 17:48 - 2013-09-04 21:49 - 04561920 _____ () C:\Users\Rebecca\Documents\Happy 21st Birthday Rebs!!.ppt
2015-04-07 17:48 - 2012-11-29 23:51 - 00002378 _____ () C:\Users\Rebecca\Documents\MumbleAutomaticCertificateBackup.p12
2015-04-07 17:48 - 2008-12-17 00:30 - 06990667 _____ () C:\Users\Rebecca\Documents\Mitosis.FINISHEDyey.wmv
2015-04-07 17:46 - 2015-04-07 17:48 - 00000000 ____D () C:\Users\Rebecca\Documents\Universitay
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\My Received Files
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\My Games
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\Homework
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Rebecca\Documents\bamk
2015-04-07 17:45 - 2015-01-29 04:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-04-07 17:45 - 2015-01-29 04:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-04-07 17:44 - 2015-02-21 04:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-07 17:44 - 2015-02-21 03:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-07 17:44 - 2015-02-21 03:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-07 17:44 - 2015-02-21 03:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-07 17:44 - 2015-02-21 03:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-07 17:44 - 2015-02-21 02:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-07 17:44 - 2015-02-21 02:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-07 17:44 - 2015-02-20 05:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-07 17:44 - 2015-02-20 05:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-07 17:44 - 2015-02-20 05:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-07 17:44 - 2015-02-20 05:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-07 17:44 - 2015-02-20 05:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-07 17:44 - 2015-02-20 05:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-07 17:44 - 2015-02-20 05:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-07 17:44 - 2015-02-20 05:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-07 17:44 - 2015-02-20 05:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-07 17:44 - 2015-02-20 05:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-07 17:44 - 2015-02-20 05:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-07 17:44 - 2015-02-20 04:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-07 17:44 - 2015-02-20 04:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-07 17:44 - 2015-02-20 04:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-07 17:44 - 2015-02-20 04:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-07 17:44 - 2015-02-20 04:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-07 17:44 - 2015-02-20 04:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-07 17:44 - 2015-02-20 04:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-07 17:44 - 2015-02-20 04:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-07 17:44 - 2015-02-20 04:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-07 17:44 - 2015-02-20 04:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-04-07 17:44 - 2015-02-20 04:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-07 17:44 - 2015-02-20 04:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-07 17:44 - 2015-02-20 04:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-07 17:44 - 2015-02-20 04:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-07 17:44 - 2015-02-20 04:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-07 17:44 - 2015-02-20 04:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-07 17:44 - 2015-02-20 04:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-07 17:44 - 2015-02-20 03:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-07 17:44 - 2015-02-20 03:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-07 17:44 - 2015-01-12 05:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-07 17:44 - 2015-01-12 04:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-07 17:44 - 2015-01-12 04:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-07 17:44 - 2015-01-12 04:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-07 17:44 - 2014-11-22 05:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-07 17:44 - 2014-11-22 05:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-07 17:44 - 2014-10-31 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-07 17:44 - 2014-10-31 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-07 17:44 - 2014-10-31 08:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-07 17:44 - 2014-10-31 08:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-07 17:44 - 2014-10-31 08:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-07 17:44 - 2014-10-31 08:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-07 17:44 - 2014-10-31 08:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-07 17:44 - 2014-10-31 08:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-07 17:44 - 2014-10-31 07:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-07 17:44 - 2014-10-31 07:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-07 17:44 - 2014-10-31 07:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-07 17:44 - 2014-10-31 07:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 17:44 - 2014-10-31 07:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2015-04-07 17:44 - 2014-10-31 07:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-07 17:44 - 2014-10-31 07:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-07 17:44 - 2014-10-31 07:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-07 17:44 - 2014-10-31 07:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 17:44 - 2014-10-31 07:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-07 17:44 - 2014-10-31 07:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-07 17:44 - 2014-10-31 07:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-07 17:44 - 2014-10-31 07:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-07 17:44 - 2014-10-31 07:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-07 17:44 - 2014-10-31 07:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-07 17:44 - 2014-10-31 06:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-07 17:44 - 2014-10-31 06:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-04-07 17:44 - 2014-10-31 06:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-07 17:44 - 2014-10-31 06:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-04-07 17:44 - 2014-10-31 06:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-04-07 17:44 - 2014-10-31 06:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-07 17:44 - 2014-10-31 06:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-07 17:44 - 2014-10-31 06:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-07 17:44 - 2014-10-31 06:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-07 17:44 - 2014-10-31 06:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-07 17:44 - 2014-10-31 06:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-07 17:44 - 2014-10-31 06:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-04-07 17:44 - 2014-10-31 06:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-07 17:44 - 2014-10-31 06:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2015-04-07 17:44 - 2014-10-31 06:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-07 17:44 - 2014-10-31 06:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-07 17:44 - 2014-10-31 06:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-04-07 17:44 - 2014-10-31 05:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-07 17:44 - 2014-10-31 05:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-04-07 17:44 - 2014-10-31 05:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-07 17:44 - 2014-10-31 05:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-07 17:44 - 2014-10-31 05:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-04-07 17:44 - 2014-10-31 05:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-04-07 17:44 - 2014-10-31 05:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-04-07 17:44 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-07 17:44 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-07 17:43 - 2015-01-29 04:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 17:43 - 2015-01-29 04:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-07 17:43 - 2015-01-29 03:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-04-07 17:43 - 2015-01-29 03:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-04-07 17:43 - 2014-10-29 05:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-04-07 17:43 - 2014-10-29 05:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-04-07 17:43 - 2014-10-29 04:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-04-07 17:43 - 2014-10-29 03:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-04-07 17:24 - 2014-08-16 06:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-04-07 17:24 - 2014-08-16 04:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-07 17:24 - 2014-08-16 03:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-04-07 17:24 - 2014-08-16 03:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-04-07 17:24 - 2014-08-16 03:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-04-07 17:24 - 2014-08-16 03:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-04-07 17:24 - 2014-08-16 03:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-04-07 17:24 - 2014-08-16 03:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-04-07 17:24 - 2014-08-16 03:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-04-07 17:24 - 2014-08-16 03:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-04-07 17:24 - 2014-08-16 03:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-04-07 17:24 - 2014-08-16 03:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-07 17:24 - 2014-07-24 18:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-04-07 17:24 - 2014-07-24 13:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-07 17:24 - 2014-07-24 12:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-07 17:23 - 2014-08-16 07:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-04-07 17:23 - 2014-08-16 06:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-07 17:23 - 2014-08-16 04:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-04-07 17:23 - 2014-08-16 03:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-04-07 17:23 - 2014-08-16 03:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-04-07 17:23 - 2014-08-16 03:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-04-07 17:23 - 2014-08-16 03:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-04-07 17:23 - 2014-08-16 03:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-04-07 17:23 - 2014-08-16 03:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-04-07 17:23 - 2014-08-16 03:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-04-07 17:23 - 2014-07-24 14:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-04-07 17:12 - 2014-09-10 09:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-07 17:12 - 2014-09-08 06:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-07 17:12 - 2014-09-08 06:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-07 17:12 - 2014-09-04 06:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-07 17:12 - 2014-09-04 05:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-07 17:12 - 2014-09-04 03:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-04-07 17:12 - 2014-08-31 03:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-04-07 17:12 - 2014-08-31 01:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-04-07 17:12 - 2014-08-31 00:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-04-07 17:12 - 2014-08-31 00:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-07 17:12 - 2014-08-30 23:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-04-07 17:12 - 2014-08-30 23:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-04-07 17:12 - 2014-08-28 03:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-07 17:12 - 2014-08-28 03:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-07 17:12 - 2014-08-23 08:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-04-07 17:12 - 2014-08-23 08:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-04-07 17:12 - 2014-08-23 07:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-04-07 17:12 - 2014-08-02 03:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-04-07 17:12 - 2014-08-02 03:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-04-07 17:11 - 2014-05-31 13:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-07 17:11 - 2014-05-31 13:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-04-07 17:11 - 2014-05-31 06:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-07 17:11 - 2014-05-31 06:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-07 17:11 - 2014-05-31 05:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-07 17:11 - 2014-05-31 05:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-07 17:11 - 2014-05-31 05:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-07 17:11 - 2014-05-31 05:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-04-07 17:11 - 2014-05-31 05:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-04-07 16:23 - 2015-04-07 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2015-04-07 16:23 - 2015-04-07 16:23 - 00000000 ____D () C:\Program Files\Common Files\Bullzip
2015-04-07 16:23 - 2014-11-19 11:30 - 00228352 _____ (Bullzip) C:\Windows\SysWOW64\bzFlRdr.dll
2015-04-07 16:23 - 2008-07-09 11:30 - 00103424 _____ (Bullzip) C:\Windows\SysWOW64\bzDCT.dll
2015-04-07 16:22 - 2015-04-07 16:23 - 00000000 ____D () C:\Users\Все пользователи\PDF Writer
2015-04-07 16:22 - 2015-04-07 16:23 - 00000000 ____D () C:\ProgramData\PDF Writer
2015-04-07 16:22 - 2015-04-07 16:22 - 00000000 ____D () C:\Program Files\Bullzip
2015-04-07 16:22 - 2013-09-01 13:59 - 01103872 _____ () C:\Windows\SysWOW64\CBLCtlsU.ocx
2015-04-07 16:22 - 2013-07-13 13:15 - 00805376 _____ () C:\Windows\SysWOW64\EditCtlsU.ocx
2015-04-07 16:22 - 2013-07-12 23:57 - 00539648 _____ () C:\Windows\SysWOW64\LblCtlsU.ocx
2015-04-07 16:22 - 2013-04-05 14:55 - 00476160 _____ () C:\Windows\SysWOW64\TabStripCtlU.ocx
2015-04-07 16:22 - 2013-03-29 00:13 - 00645632 _____ () C:\Windows\SysWOW64\BtnCtlsU.ocx
2015-04-07 16:22 - 2013-03-03 15:37 - 01061888 _____ () C:\Windows\SysWOW64\ExLvwU.ocx
2015-04-07 16:22 - 1999-05-13 01:00 - 01064456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2015-04-07 16:22 - 1999-05-07 01:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.OCX
2015-04-07 16:17 - 2015-04-07 17:25 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-07 16:13 - 2015-04-07 16:13 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Foxit Software
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\en-GB
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\system32\Drivers\en-GB
2015-04-07 12:59 - 2015-04-07 12:59 - 00000000 ____D () C:\Windows\en-GB
2015-04-06 21:21 - 2015-04-07 17:50 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Apple Computer
2015-04-06 21:21 - 2015-04-06 21:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apple Computer
2015-04-06 21:21 - 2015-04-06 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-06 21:20 - 2015-04-06 21:20 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Все пользователи\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Все пользователи\Apple Computer
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apple
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files\iPod
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-06 21:20 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-04-06 21:20 - 2012-10-03 15:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-04-06 21:19 - 2015-04-06 21:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-06 21:15 - 2015-04-06 21:15 - 00000000 ____D () C:\Users\Rebecca\Tracing
2015-04-06 21:07 - 2015-04-09 17:32 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Skype
2015-04-06 21:07 - 2015-04-06 21:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-06 21:07 - 2015-04-06 21:07 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-06 21:07 - 2015-04-06 21:07 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Skype
2015-04-06 21:07 - 2015-04-06 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-06 21:06 - 2015-04-06 21:15 - 00000000 ____D () C:\Users\Все пользователи\Skype
2015-04-06 21:06 - 2015-04-06 21:15 - 00000000 ____D () C:\ProgramData\Skype
2015-04-06 21:05 - 2015-04-07 20:45 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Spotify
2015-04-06 21:05 - 2015-04-06 21:05 - 00001869 _____ () C:\Users\Rebecca\Desktop\Spotify.lnk
2015-04-06 21:05 - 2015-04-06 21:05 - 00001855 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-06 21:01 - 2015-04-07 21:20 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Spotify
2015-04-06 17:57 - 2014-08-15 03:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-04-06 17:57 - 2014-07-30 04:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-04-06 17:57 - 2014-07-29 08:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-04-06 16:42 - 2014-12-09 06:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-06 16:42 - 2014-12-09 04:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-06 16:42 - 2014-09-27 10:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-04-06 16:42 - 2014-09-27 08:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-04-06 16:42 - 2014-09-27 06:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-04-06 16:41 - 2014-06-20 04:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-06 16:41 - 2014-06-20 02:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-06 16:36 - 2015-01-16 01:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-06 16:36 - 2015-01-16 01:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-06 16:36 - 2015-01-14 07:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-04-06 16:36 - 2015-01-14 06:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-04-06 16:36 - 2014-10-29 05:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-06 16:36 - 2014-10-29 05:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-06 16:36 - 2014-10-29 05:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-06 16:36 - 2014-10-29 05:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-06 16:36 - 2014-10-29 04:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-06 16:34 - 2015-02-20 06:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-06 16:34 - 2015-02-20 05:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-06 16:34 - 2015-02-20 05:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-06 16:34 - 2015-02-20 05:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-06 16:34 - 2014-12-09 04:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-06 16:34 - 2014-10-29 05:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-06 16:34 - 2014-10-29 05:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-06 16:34 - 2014-10-29 05:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-06 16:34 - 2014-10-29 05:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-06 16:34 - 2014-10-29 05:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-06 16:34 - 2014-10-29 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-06 16:34 - 2014-06-17 01:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-06 16:34 - 2014-06-17 01:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-06 16:34 - 2014-06-13 04:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-04-06 16:34 - 2014-06-13 04:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-06 16:34 - 2014-06-13 03:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-04-06 16:34 - 2014-05-30 06:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-06 16:32 - 2015-03-11 05:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-06 16:32 - 2015-03-11 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-06 16:32 - 2014-12-03 02:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-06 16:31 - 2015-03-06 05:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-06 16:31 - 2015-03-06 05:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-06 16:31 - 2015-02-26 02:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-06 16:31 - 2015-01-31 02:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-04-06 16:31 - 2015-01-31 02:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-04-06 16:31 - 2014-10-13 05:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-06 16:31 - 2014-10-11 03:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-06 16:31 - 2014-10-11 03:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-06 16:31 - 2014-10-08 10:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-06 16:31 - 2014-10-08 10:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-06 16:31 - 2014-10-08 09:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-06 16:31 - 2014-08-07 05:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-06 16:31 - 2014-08-02 06:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-06 16:30 - 2015-01-27 06:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-04-06 16:30 - 2015-01-24 04:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-04-06 16:30 - 2014-12-14 00:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-06 16:30 - 2014-12-14 00:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-04-06 16:30 - 2014-10-29 04:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-04-06 16:30 - 2014-10-29 04:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-04-06 16:30 - 2014-10-29 04:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-04-06 16:30 - 2014-10-29 04:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-04-06 16:29 - 2015-02-07 02:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-04-06 16:29 - 2014-12-19 11:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-06 16:29 - 2014-12-19 11:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-06 16:27 - 2014-10-31 02:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-06 16:27 - 2014-10-31 02:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-06 16:20 - 2015-01-29 04:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-06 16:20 - 2015-01-29 04:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-06 16:20 - 2014-10-29 05:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-04-06 16:20 - 2014-10-29 05:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-04-06 16:20 - 2014-10-29 05:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-04-06 16:20 - 2014-10-29 04:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-04-06 16:20 - 2014-10-29 04:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-04-06 16:20 - 2014-10-29 04:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-04-06 16:20 - 2014-10-29 04:48 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-04-06 16:20 - 2014-10-29 04:45 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-04-06 16:20 - 2014-10-29 04:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-04-06 16:20 - 2014-10-29 04:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-04-06 16:20 - 2014-10-29 04:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-04-06 16:20 - 2014-10-29 04:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-04-06 16:20 - 2014-10-29 03:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-04-06 16:20 - 2014-10-29 03:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-04-06 16:20 - 2014-10-29 03:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-04-06 16:20 - 2014-10-29 03:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-04-06 16:19 - 2015-02-05 23:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-06 16:19 - 2014-08-23 09:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-04-06 16:19 - 2014-08-23 08:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-04-06 16:19 - 2014-08-23 07:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-04-06 16:19 - 2014-07-15 21:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-04-06 16:19 - 2014-07-15 11:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-04-06 16:19 - 2014-07-15 11:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-04-06 16:19 - 2014-07-15 11:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-04-06 16:18 - 2015-02-06 04:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-06 16:18 - 2015-02-06 04:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-06 16:18 - 2015-02-03 03:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-04-06 16:18 - 2015-02-03 03:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-04-06 16:18 - 2015-01-30 06:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-04-06 16:18 - 2015-01-30 06:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-04-06 16:18 - 2015-01-30 05:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-04-06 16:18 - 2015-01-30 05:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-04-06 16:18 - 2015-01-30 04:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-04-06 16:18 - 2015-01-30 04:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-04-06 16:18 - 2015-01-30 04:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-04-06 16:18 - 2014-12-19 09:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-06 16:18 - 2014-12-12 05:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-06 16:18 - 2014-12-12 03:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-04-06 16:18 - 2014-10-29 05:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-04-06 16:18 - 2014-10-29 05:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-04-06 16:18 - 2014-10-29 05:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-04-06 16:18 - 2014-10-29 05:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-04-06 16:18 - 2014-10-29 04:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-04-06 16:18 - 2014-09-04 03:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-06 16:18 - 2014-09-04 03:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-06 16:18 - 2014-08-02 03:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-04-06 16:16 - 2015-01-29 03:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-06 16:16 - 2015-01-29 03:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-06 16:16 - 2015-01-28 05:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-04-06 16:16 - 2015-01-28 04:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-04-06 16:16 - 2015-01-19 21:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-04-06 16:16 - 2014-10-23 08:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-06 16:16 - 2014-10-23 08:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-06 16:16 - 2014-08-23 08:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-06 16:16 - 2014-08-23 08:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-06 16:16 - 2014-07-10 07:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2015-04-06 16:16 - 2014-05-19 09:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2015-04-06 16:16 - 2014-05-19 09:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-04-06 16:16 - 2014-05-19 08:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-04-06 16:13 - 2015-01-31 02:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-06 16:13 - 2015-01-28 18:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-06 16:13 - 2015-01-28 18:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-06 16:13 - 2015-01-28 18:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-06 16:13 - 2015-01-27 07:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-06 16:13 - 2015-01-27 05:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-06 16:13 - 2014-10-29 06:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-04-06 16:13 - 2014-10-29 05:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-04-06 16:13 - 2014-10-29 05:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-06 16:13 - 2014-10-29 05:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-06 16:13 - 2014-10-29 04:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-06 16:13 - 2014-10-29 04:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-06 16:13 - 2014-10-29 04:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-06 16:13 - 2014-10-29 04:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-06 16:13 - 2014-10-29 04:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-06 16:13 - 2014-10-29 04:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-06 16:11 - 2015-02-12 20:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-06 16:11 - 2015-02-12 20:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-06 15:59 - 2015-04-06 16:04 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2015-04-06 15:59 - 2015-04-06 15:59 - 00000657 _____ () C:\Windows\fsav_db_setup.log
2015-04-06 15:58 - 2015-04-06 15:59 - 04068536 _____ () C:\Windows\FSISU.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00912721 _____ () C:\Windows\FSSFM.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00720020 _____ () C:\Windows\FSSETUP.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00140799 _____ () C:\Windows\FSDEPH.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00136077 _____ () C:\Windows\FSPROD.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00088552 _____ () C:\Windows\RunSetup.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00068612 _____ () C:\Windows\FSAVINST.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00010317 _____ () C:\Windows\FSAVCSIN.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00004343 _____ () C:\Windows\FSGKIAIN.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00004230 _____ () C:\Windows\fstnbins.LOG
2015-04-06 15:58 - 2015-04-06 15:59 - 00003331 _____ () C:\Windows\fsavunin.log
2015-04-06 15:58 - 2015-04-06 15:59 - 00001811 _____ () C:\Windows\FSLDIN.LOG
2015-04-06 15:58 - 2015-04-06 15:58 - 00020688 _____ () C:\Windows\prodsett_copy.ini
2015-04-06 15:58 - 2015-04-06 15:58 - 00019322 _____ () C:\Windows\fspplugin.log
2015-04-06 15:54 - 2015-04-06 15:55 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2015-04-06 15:54 - 2015-04-06 15:54 - 00002046 _____ () C:\Users\Public\Desktop\F-Secure.lnk
2015-04-06 15:54 - 2015-04-06 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2015-04-06 15:52 - 2015-01-30 05:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-04-06 15:52 - 2015-01-30 04:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-04-06 15:52 - 2015-01-30 04:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-04-06 15:52 - 2015-01-30 04:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-04-06 15:52 - 2015-01-30 04:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-04-06 15:52 - 2015-01-30 04:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-04-06 15:52 - 2015-01-30 04:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-04-06 15:52 - 2015-01-30 04:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-04-06 15:52 - 2014-12-06 06:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-06 15:52 - 2014-12-06 04:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-06 15:52 - 2014-10-29 04:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-06 15:52 - 2014-10-29 04:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-04-06 15:52 - 2014-10-29 04:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-06 15:52 - 2014-10-29 03:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-04-06 15:52 - 2014-06-06 16:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-06 15:52 - 2014-06-06 15:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-06 15:41 - 2015-01-29 21:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-06 15:41 - 2015-01-29 21:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-06 15:41 - 2014-07-12 07:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-04-06 15:37 - 2014-12-11 08:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-04-06 15:32 - 2015-02-08 02:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-04-06 15:32 - 2015-02-08 02:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-04-06 15:31 - 2015-01-28 04:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-06 15:31 - 2015-01-28 04:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-06 15:31 - 2015-01-28 02:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-04-06 15:31 - 2015-01-28 02:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-04-06 15:30 - 2014-12-08 22:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-06 15:30 - 2014-12-08 22:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-04-06 15:30 - 2014-12-08 22:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-04-06 15:30 - 2014-12-06 04:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-04-06 15:30 - 2014-10-29 07:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-04-06 15:30 - 2014-10-29 07:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-04-06 15:30 - 2014-10-29 06:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-06 15:30 - 2014-10-29 06:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-06 15:30 - 2014-10-29 06:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-04-06 15:30 - 2014-10-29 06:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-04-06 15:30 - 2014-10-29 06:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-06 15:30 - 2014-10-29 06:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-06 15:30 - 2014-10-29 06:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-06 15:30 - 2014-10-29 05:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-04-06 15:30 - 2014-10-29 04:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-04-06 15:30 - 2014-10-29 04:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-06 15:29 - 2014-11-10 02:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-06 15:29 - 2014-11-10 02:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-06 15:29 - 2014-11-10 02:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-06 15:29 - 2014-11-10 02:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-06 15:23 - 2014-07-24 06:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-04-06 15:23 - 2014-07-24 06:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-04-06 15:18 - 2015-01-21 08:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-06 15:18 - 2015-01-21 08:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-06 15:03 - 2015-04-06 15:09 - 00000000 ____D () C:\Windows\CSC
2015-04-06 15:03 - 2015-04-06 15:03 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2015-04-06 14:50 - 2015-04-06 18:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\F-Secure
2015-04-06 14:50 - 2015-04-06 15:58 - 00000000 ____D () C:\Users\Все пользователи\F-Secure
2015-04-06 14:50 - 2015-04-06 15:58 - 00000000 ____D () C:\ProgramData\F-Secure
2015-04-06 14:48 - 2015-04-06 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-06 14:45 - 2015-04-06 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-04-06 14:31 - 2015-04-06 14:31 - 00001093 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-05 00:41 - 2015-04-05 00:41 - 00000000 ____D () C:\Users\Rebecca\Desktop\Новая папка
2015-04-04 11:03 - 2015-04-04 11:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Steam
2015-04-02 23:44 - 2015-04-02 23:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CLAPTRAP-Windows-8.1-Single-Language-(64-bit).dat
2015-04-02 23:44 - 2015-04-02 23:44 - 00000000 ____D () C:\RegBackup
2015-04-02 23:42 - 2015-04-07 22:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-02 23:42 - 2015-04-02 23:42 - 00000986 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-04-02 23:42 - 2015-04-02 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-02 23:37 - 2015-04-02 23:37 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\LolClient
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\Users\Все пользователи\Riot Games
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\ProgramData\Riot Games
2015-04-02 23:32 - 2015-04-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-04-02 23:32 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-04-02 23:32 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-04-02 23:32 - 2008-07-12 07:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-04-02 23:25 - 2015-04-02 23:32 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Riot Games
2015-04-02 23:23 - 2015-04-02 23:23 - 00000000 ____D () C:\Riot Games
2015-04-02 23:13 - 2015-04-04 11:41 - 00000138 _____ () C:\Users\Rebecca\Desktop\8.1 key pro.txt
2015-03-31 23:03 - 2014-10-31 01:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-03-31 23:03 - 2014-10-31 01:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-03-31 23:03 - 2014-10-13 05:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-03-31 23:03 - 2014-10-13 05:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-03-31 22:57 - 2014-06-05 17:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-31 22:57 - 2014-06-05 16:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-31 22:57 - 2014-06-02 05:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-03-31 22:57 - 2014-05-31 13:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-03-31 22:57 - 2014-05-31 13:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-03-31 22:57 - 2014-05-31 09:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-03-31 22:57 - 2014-05-31 09:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-03-31 22:57 - 2014-05-31 09:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-03-31 22:57 - 2014-05-31 07:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-03-31 22:57 - 2014-05-31 07:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-03-31 22:57 - 2014-05-31 07:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-03-31 22:57 - 2014-05-29 09:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2015-03-31 22:57 - 2014-05-27 12:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2015-03-31 22:57 - 2014-05-27 12:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2015-03-31 22:57 - 2014-05-17 07:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-31 22:57 - 2014-05-17 07:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-31 22:57 - 2014-04-30 07:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2015-03-31 22:57 - 2014-04-30 06:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2015-03-31 22:36 - 2015-03-31 22:36 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-03-31 22:35 - 2015-03-31 22:35 - 00597304 _____ () C:\Users\Rebecca\Downloads\flux-setup.exe
2015-03-31 22:35 - 2015-03-31 22:35 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\FluxSoftware
2015-03-31 22:19 - 2015-03-31 22:19 - 00463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00147439 _____ () C:\Windows\system32\gpedit.msc
2015-03-31 22:19 - 2015-03-31 22:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00043566 _____ () C:\Windows\system32\rsop.msc
2015-03-31 22:19 - 2015-03-31 22:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2015-03-31 22:19 - 2015-03-31 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2015-03-31 22:19 - 2015-03-31 22:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2015-03-31 22:19 - 2014-03-18 12:55 - 00035781 _____ () C:\Windows\Professional.xml
2015-03-31 22:18 - 2015-03-31 22:18 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2015-03-31 22:18 - 2015-03-31 22:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2015-03-31 22:18 - 2015-03-31 22:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 01165824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00649728 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00147439 _____ () C:\Windows\SysWOW64\gpedit.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00120458 _____ () C:\Windows\system32\secpol.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00090464 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterSvc.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00043566 _____ () C:\Windows\SysWOW64\rsop.msc
2015-03-31 22:17 - 2015-03-31 22:17 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2015-03-31 22:17 - 2015-03-31 22:17 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2015-03-31 22:17 - 2015-03-31 22:17 - 00022272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbldfltr.sys
2015-03-31 22:17 - 2015-03-31 22:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-31 22:16 - 2015-04-08 22:23 - 00000000 ____D () C:\Users\Rebecca\Desktop\dl
2015-03-31 22:16 - 2015-03-31 22:16 - 02176000 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00935424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2015-03-31 22:16 - 2015-03-31 22:16 - 00470528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00146389 _____ () C:\Windows\system32\printmanagement.msc
2015-03-31 22:16 - 2015-03-31 22:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00096088 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2015-03-31 22:16 - 2015-03-31 22:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00040288 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterCore.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00039264 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00034144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KeyboardFilterCore.dll
2015-03-31 22:16 - 2015-03-31 22:16 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2015-03-31 21:47 - 2015-03-31 21:47 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-31 21:46 - 2015-03-13 22:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-31 21:46 - 2015-03-13 22:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-31 21:46 - 2015-03-13 22:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-30 21:21 - 2015-04-08 22:58 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\BitTorrent
2015-03-30 21:21 - 2015-03-30 21:21 - 00000907 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-03-30 21:18 - 2015-04-08 17:35 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\vlc
2015-03-30 21:17 - 2015-03-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-30 21:17 - 2015-03-30 21:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-30 21:14 - 2015-03-28 06:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-30 21:14 - 2015-03-28 06:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-30 21:14 - 2014-11-22 13:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-30 21:14 - 2014-11-22 13:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-30 20:52 - 2015-04-07 20:41 - 00000000 ____D () C:\Users\Rebecca\Desktop\Flights
2015-03-30 20:08 - 2015-03-30 20:08 - 00002390 _____ () C:\Users\Rebecca\Desktop\Rebecca - Chrome.lnk
2015-03-30 20:07 - 2015-03-30 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-03-30 20:04 - 2015-04-05 16:09 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-30 20:04 - 2015-03-30 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-30 20:03 - 2015-04-09 17:08 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 20:03 - 2015-04-09 14:54 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-30 20:03 - 2015-03-30 20:04 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Google
2015-03-30 20:03 - 2015-03-30 20:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-30 20:03 - 2015-03-30 20:03 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-30 20:03 - 2015-03-30 20:03 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-30 20:03 - 2015-03-30 20:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Deployment
2015-03-30 20:03 - 2015-03-30 20:03 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Apps\2.0
2015-03-30 20:02 - 2015-04-09 14:56 - 00003956 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C8A0AB14-AD23-4588-B4CF-9F4698423B30}
2015-03-30 20:02 - 2015-03-30 20:02 - 00000000 __SHD () C:\Users\Rebecca\AppData\Local\EmieUserList
2015-03-30 20:02 - 2015-03-30 20:02 - 00000000 __SHD () C:\Users\Rebecca\AppData\Local\EmieSiteList
2015-03-30 20:00 - 2015-04-09 14:54 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1557593974-1961322542-3061216239-1001
2015-03-30 19:59 - 2015-04-09 14:52 - 00000000 ___DO () C:\Users\Rebecca\OneDrive
2015-03-30 19:58 - 2015-03-30 19:58 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Macromedia
2015-03-30 19:56 - 2015-03-30 19:56 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\CyberLink
2015-03-30 19:56 - 2015-03-29 23:21 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Hewlett-Packard
2015-03-30 19:55 - 2015-03-30 19:55 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\hpqlog
2015-03-30 19:54 - 2015-04-09 17:12 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\CrashDumps
2015-03-30 19:54 - 2015-03-30 19:55 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\PackageStaging
2015-03-30 19:54 - 2015-03-30 19:54 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-30 19:53 - 2015-04-09 15:01 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Hewlett-Packard
2015-03-30 19:53 - 2015-03-30 19:53 - 00001445 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-30 19:53 - 2015-03-30 19:53 - 00000199 _____ () C:\Windows\insFileSpec
2015-03-30 19:53 - 2015-03-30 19:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Adobe
2015-03-30 19:53 - 2015-03-30 19:53 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\VirtualStore
2015-03-30 19:52 - 2015-04-07 17:24 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\Packages
2015-03-30 19:52 - 2015-04-07 14:28 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\NVIDIA
2015-03-30 19:52 - 2015-03-30 21:14 - 00000000 ____D () C:\Users\Rebecca\AppData\Local\NVIDIA Corporation
2015-03-30 19:52 - 2015-03-30 19:52 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-03-30 19:52 - 2015-03-30 19:52 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Synaptics
2015-03-30 19:50 - 2015-04-09 16:45 - 01281784 _____ () C:\Windows\WindowsUpdate.log
2015-03-30 19:50 - 2015-04-09 15:01 - 00000000 ____D () C:\Users\Rebecca
2015-03-30 19:50 - 2015-03-30 19:50 - 00000020 ___SH () C:\Users\Rebecca\ntuser.ini
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\Шаблоны
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\Мои документы
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\главное меню
2015-03-30 19:50 - 2015-03-30 19:50 - 00000000 _SHDL () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:50 - 2014-08-28 04:33 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-30 19:50 - 2014-03-18 13:06 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-30 19:50 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-30 19:50 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-30 19:50 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 19:50 - 2013-08-22 18:36 - 00000000 ____D () C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Рабочий стол
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\Документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Все пользователи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Public\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Мои документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\Моя музыка
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\мои рисунки
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\Documents\Мои видеозаписи
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Программы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Шаблоны
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Рабочий стол
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Документы
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\главное меню
2015-03-30 19:36 - 2015-03-30 19:36 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Программы
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 17:00 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-08 23:29 - 2013-08-22 18:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-08 22:19 - 2014-08-28 04:08 - 00827056 _____ () C:\Windows\system32\perfh019.dat
2015-04-08 22:19 - 2014-08-28 04:08 - 00180112 _____ () C:\Windows\system32\perfc019.dat
2015-04-08 22:19 - 2014-03-18 12:53 - 01947946 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 22:11 - 2013-08-22 17:46 - 00031288 _____ () C:\Windows\setupact.log
2015-04-08 22:11 - 2013-08-22 17:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 22:08 - 2013-08-22 17:44 - 00491624 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-08 22:07 - 2014-03-18 12:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\setup
2015-04-08 22:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-04-08 22:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-08 22:01 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-08 21:58 - 2014-03-18 12:44 - 00014644 _____ () C:\Windows\PFRO.log
2015-04-08 20:39 - 2014-08-27 17:18 - 00000000 ____D () C:\Users\Все пользователи\Package Cache
2015-04-08 20:39 - 2014-08-27 17:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-08 08:17 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Camera
2015-04-08 08:16 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-07 18:55 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-07 17:24 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\winrm
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\WCN
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\slmgr
2015-04-07 12:59 - 2014-03-18 12:25 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Help
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-07 12:59 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-07 12:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-04-07 12:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\servicing
2015-04-06 21:20 - 2014-08-27 18:23 - 00000000 ____D () C:\Users\Все пользователи\Apple
2015-04-06 21:20 - 2014-08-27 18:23 - 00000000 ____D () C:\ProgramData\Apple
2015-04-06 15:37 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\rescache
2015-04-06 15:06 - 2014-08-27 18:36 - 00000000 ____D () C:\Users\Все пользователи\McAfee
2015-04-06 15:06 - 2014-08-27 18:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-06 15:03 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\security
2015-04-06 14:55 - 2014-08-27 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-04-06 14:55 - 2013-08-22 18:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-31 23:20 - 2014-08-27 18:35 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-31 22:13 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\restore
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\Users\Все пользователи\NVIDIA
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-31 21:47 - 2014-08-27 18:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-31 21:46 - 2014-08-27 18:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-30 20:10 - 2014-08-28 03:51 - 00000000 ___HD () C:\HP
2015-03-30 19:52 - 2014-04-05 02:45 - 00000000 ___HD () C:\SYSTEM.SAV
2015-03-30 19:36 - 2014-04-03 02:51 - 00000000 ____D () C:\Windows\Panther
2015-03-30 19:36 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-30 19:36 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Default
2015-03-28 06:44 - 2014-08-27 18:18 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 06:43 - 2014-08-27 18:18 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-13 22:41 - 2014-08-27 18:17 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 22:41 - 2014-08-27 18:16 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 19:16 - 2014-08-27 18:17 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 19:16 - 2014-08-27 18:17 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 16:10 - 2014-08-27 18:17 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
 
==================== Files in the root of some directories =======
 
2015-04-02 23:50 - 2015-04-02 23:50 - 0011458 _____ () C:\Users\Rebecca\AppData\Local\Temp-log.txt
 
Some content of TEMP:
====================
C:\Users\Rebecca\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Rebecca\AppData\Local\Temp\Quarantine.exe
C:\Users\Rebecca\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rebecca\AppData\Local\Temp\sqlite3.dll
C:\Users\Rebecca\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-04-03 01:59
 
==================== End Of Log ============================
 
and this is the addition log:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Rebecca at 2015-04-09 17:39:33
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Antivirus (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AS: Antivirus (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\BitTorrent) (Version: 7.9.2.39589 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{2C2D80FC-6831-499D-B4E1-988DB004B73C}) (Version: 4.0.6208.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.6208.0 - Box Inc.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9810 - Broadcom Corporation)
Bullzip PDF Printer 10.11.0.2338 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.11.0.2338 - Bullzip)
Computer Security 14.132.102.0 (release) (x32 Version: 14.132.102.0 - F-Secure Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5406 - Название организации) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3121 - Название организации) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
f.lux (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Flux) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 49534) (Version: 2.33.219.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.33.219.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.61.106.453 (release) (x32 Version: 1.61.106.453 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.03.127 (x32 Version: 1.03.127 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.04.101.0 (release) (x32 Version: 1.04.101.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{5B8687FC-220A-4255-94C6-197D1946F458}) (Version: 4.2.41.2710 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Графический драйвер 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Системное программное обеспечение PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Online Safety 2.133.4000.2313 (x32 Version: 2.133.4000.2313 - F-Secure Corporation) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surgeon Simulator (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Веселая ферма 2 (HKLM-x32\...\Веселая ферма 2) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Веселая ферма 3 (HKLM-x32\...\Веселая ферма 3) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Герои Эллады 2. Олимпия (HKLM-x32\...\Герои Эллады 2. Олимпия) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Магическая энциклопедия. Лунный свет (HKLM-x32\...\Магическая энциклопедия. Лунный свет) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Магнат курортов (HKLM-x32\...\Магнат курортов) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Масяня в полной Африке (HKLM-x32\...\Масяня в полной Африке) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Мои HP Игры (HKLM-x32\...\My HP Games) (Version: 1.0.0.0 - Alawar Entertainment)
Натали Брукс. Тайны одноклассников (HKLM-x32\...\Натали Брукс. Тайны одноклассников) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Обновления NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Панель управления NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Сага о вампире. Добро пожаловать в [bleep] Lock (HKLM-x32\...\Сага о вампире. Добро пожаловать в [bleep] Lock) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Сокровища Монтесумы 3 (HKLM-x32\...\Сокровища Монтесумы 3) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1557593974-1961322542-3061216239-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
31-03-2015 22:13:02 Добавление компонентов в Windows 8.1
31-03-2015 22:14:11 Установщик модулей Windows
02-04-2015 23:29:20 Установлено: Microsoft Visual C++ 2005 Redistributable (x64)
04-04-2015 23:40:16 Installed Windows 7 USB/DVD Download Tool
06-04-2015 14:28:39 Removed Windows 7 USB/DVD Download Tool
08-04-2015 20:37:13 Box Sync
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {043C3665-6630-421F-BA78-BD1A89453FE7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {1B62533C-52C8-4ADA-A33C-289666D98EF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30] (Google Inc.)
Task: {36FDDA36-C71E-437E-A13D-B4DA818BAD23} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3A0A3917-0CD3-4225-A02F-A864BFEBEEDC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4BD1189A-7B30-4775-B221-A1837D5D2063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-30] (Google Inc.)
Task: {52537E47-480F-4DC6-A1BE-2E01D2218A3C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {6D77EFC5-A264-4219-9F92-C6B0E38A6988} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {76CB49CF-637F-415A-AEDC-43FEC30F99C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-06] (Microsoft Corporation)
Task: {79E28FEE-76EE-4552-AF4B-28B6D7C624E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-06] (Microsoft Corporation)
Task: {7F2467DA-9EE2-42F4-8FB0-7F8696AA438A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {909447D0-D460-45B0-80B2-32CB799474F0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-06] (Microsoft Corporation)
Task: {A184A733-4159-4F63-BD1E-D76BE1665DF7} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B6891967-430F-41D5-B815-0200CA50ED79} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {BB7FBD2E-1F57-4E8C-AF2A-FFA677B66F5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {C27E55C2-7558-46F8-B61A-29202BA5D8D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
Task: {CA32A1EF-13EF-432B-AFAD-CCAA59AB0BC9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {E3031B72-0BDC-4DAE-B1A2-6E34645E475C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {F41CFA21-18EE-4380-B572-16BE1FE2065A} - System32\Tasks\HPCeeScheduleForRebecca => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F920DDEF-C733-4A81-B1DE-F796C914478D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRebecca.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-03-28 12:31 - 2014-03-28 12:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-06 14:45 - 2014-05-20 07:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 07:44 - 2013-12-04 07:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-27 18:42 - 2014-04-14 17:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-27 18:17 - 2015-03-13 19:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-06 15:00 - 2015-04-06 15:24 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 12:36 - 2014-03-28 12:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2012-04-11 00:30 - 2012-04-11 00:30 - 00471552 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00128512 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00137728 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2014-11-11 10:53 - 2014-11-11 10:53 - 00503808 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2012-04-11 00:25 - 2012-04-11 00:25 - 00111616 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2014-11-11 10:55 - 2014-11-11 10:55 - 00003584 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2014-11-11 10:55 - 2014-11-11 10:55 - 00103424 _____ () C:\Program Files\Box\Box Sync\Python.Runtime.dll
2012-04-11 00:24 - 2012-04-11 00:24 - 00046080 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2012-04-11 00:30 - 2012-04-11 00:30 - 01167360 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2012-04-11 00:24 - 2012-04-11 00:24 - 00010752 _____ () C:\Program Files\Box\Box Sync\select.pyd
2012-04-11 00:24 - 2012-04-11 00:24 - 00166912 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2012-04-11 00:24 - 2012-04-11 00:24 - 00164352 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2012-04-11 00:24 - 2012-04-11 00:24 - 00689664 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00438784 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00023040 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2015-03-23 14:23 - 2015-03-23 14:23 - 00058368 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00044544 _____ () C:\Program Files\Box\Box Sync\_psutil_windows.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00149504 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00027136 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00136192 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00044032 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00030720 _____ () C:\Program Files\Box\Box Sync\win32cred.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00030208 _____ () C:\Program Files\Box\Box Sync\Crypto.Cipher._AES.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00008192 _____ () C:\Program Files\Box\Box Sync\Crypto.Util.strxor.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00010752 _____ () C:\Program Files\Box\Box Sync\Crypto.Random.OSRNG.winrandom.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00011264 _____ () C:\Program Files\Box\Box Sync\Crypto.Util._counter.pyd
2012-04-11 00:24 - 2012-04-11 00:24 - 00031744 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00053760 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2014-11-11 11:10 - 2014-11-11 11:10 - 00026112 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00021504 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2014-11-11 10:53 - 2014-11-11 10:53 - 00223232 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2015-03-23 14:23 - 2015-03-23 14:23 - 00068096 _____ () C:\Program Files\Box\Box Sync\SystemWrapper.dll
2015-03-23 14:23 - 2015-03-23 14:23 - 00030232 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2015-02-13 03:20 - 2015-02-13 03:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2014-01-21 15:54 - 2015-04-02 23:32 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-04-08 18:54 - 2015-04-08 18:54 - 02324472 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
2015-04-08 18:55 - 2015-04-08 18:55 - 03800568 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
2015-04-02 23:24 - 2015-03-05 19:29 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.139\deploy\LolClient.exe
2015-04-02 23:29 - 2015-04-08 19:23 - 18275832 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Rebecca\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1557593974-1961322542-3061216239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rebecca\AppData\Local\Microsoft\Windows\Themes\k (2)\DesktopBackground\fhgg2.jpg
DNS Servers: 10.0.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
 
==================== Accounts: =============================
 
HomeGroupUser$ (S-1-5-21-1557593974-1961322542-3061216239-1003 - Limited - Enabled)
Rebecca (S-1-5-21-1557593974-1961322542-3061216239-1001 - Administrator - Enabled) => C:\Users\Rebecca
Администратор (S-1-5-21-1557593974-1961322542-3061216239-500 - Administrator - Disabled)
Гость (S-1-5-21-1557593974-1961322542-3061216239-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/09/2015 05:39:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2  2015-04-09  17:39:40+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/09/2015 05:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.7.0.275, time stamp: 0x551f11c0
Faulting module name: League of Legends.exe, version: 5.7.0.275, time stamp: 0x551f11c0
Exception code: 0xc0000409
Fault offset: 0x00ce4077
Faulting process ID: 0x1168
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report ID: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5
 
Error: (04/09/2015 02:54:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1934
 
Start Time: 01d072bb29d1b59c
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 1e763702-deaf-11e4-8269-b01041ed4a98
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50565828
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50565828
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/08/2015 11:04:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1  2015-04-08  23:04:39+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL while recovering .MOF file marked with autorecover.
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL while recovering .MOF file marked with autorecover.
 
 
System errors:
=============
Error: (04/09/2015 03:01:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
 
Error: (04/08/2015 10:01:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%6
 
Error: (04/08/2015 10:01:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Сервер service terminated with the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Обнаружение SSDP service failed to start due to the following error: 
%%1069
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Клиент групповой политики service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Диспетчер настройки устройств service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Информация о совместимости приложений service failed to start due to the following error: 
%%1115
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Служба поддержки Bluetooth service failed to start due to the following error: 
%%1069
 
Error: (04/08/2015 10:01:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The bthserv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
 
Microsoft Office Sessions:
=========================
Error: (04/09/2015 05:39:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2  2015-04-09  17:39:40+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/09/2015 05:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.7.0.275551f11c0League of Legends.exe5.7.0.275551f11c0c000040900ce4077116801d072ce2dd9dfd8C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exe6f64fab6-dec2-11e4-8269-b01041ed4a98
 
Error: (04/09/2015 02:54:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689193401d072bb29d1b59c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe1e763702-deaf-11e4-8269-b01041ed4a98microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 50565828
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 50565828
 
Error: (04/09/2015 02:48:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (04/08/2015 11:04:40 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1  2015-04-08  23:04:39+04:00  CLAPTRAP  SYSTEM  F-Secure DeepGuard
 Application was blocked. This was determined to be a high-risk application by system control heuristics.
 Application path: \\?\c:\windows\mod_frst.exe
 File hash: 7af3f20e098b8c1d48a663b5a853b5950a159aae
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL
 
Error: (04/08/2015 10:04:32 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 8122.15 MB
Available physical RAM: 3323.29 MB
Total Pagefile: 9402.15 MB
Available Pagefile: 3501 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:910.77 GB) (Free:835.44 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.73 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:1162.02 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.66 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 412A0C86)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 671790B3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Edited by rebtastic, 09 April 2015 - 09:17 AM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

It looks like FRST got rid of the files even tho your anti-virus blocked part of it.  Did saleplus come back when you restarted Chrome?  If so do another FRST scan log so I can see what it looks like before you kill it off.


  • 0

#5
rebtastic

rebtastic

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

It's gone, for now! What a relief. Thank you so much for your help!


  • 0






Similar Topics


Also tagged with one or more of these keywords: adware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP