Hi! I need help!
My antivirus doesn't wanna start! I have a virus and I don't know how to fix it.
I have Win7 Home Premium x64 with Microsoft Security Essentials and Avira
I read other thread and try to scan with FRST
My logs are attached. thanks.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by David (administrator) on DAVIDHOHO on 01-07-2015 16:37:21
Running from C:\Users\David\Desktop
Loaded Profiles: David & MSSQLFDLauncher$SQL2012 & MSOLAP$SQL2012 & ReportServer$SQL2012 & MSSQL$SQL2012 (Available Profiles: David & MsDtsServer110 & MSSQLFDLauncher$SQL2012 & MSOLAP$SQL2012 & ReportServer$SQL2012 & MSSQL$SQL2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Distressed Stretch\Distressed Stretch.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\sqlservr.exe
() C:\xampp\mysql\bin\mysqld.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Users\David\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\vsjitdebugger.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-30] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [13491224 2015-06-10] (LINE Corporation)
HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3417496 2011-08-31] (Tonec Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d.lnk [2015-06-10]
ShortcutTarget: d.lnk -> C:\Users\David\AppData\Roaming\obfavqufsr.exe (Kareo)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...54HA397EHA397EX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...54HA397EHA397EX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...54HA397EHA397EX
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...72E0943B8A17&q=
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...72E0943B8A17&q=
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...72E0943B8A17&q=
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol...913_m1&tsp=5015
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....g}&sourceid=ie7
HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....q={searchTerms}
HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/28
HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....q={searchTerms}
HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/28
HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....q={searchTerms}
HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/28
HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....q={searchTerms}
HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/28
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certif...q={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certif...q={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coo...&cc=ID&unqvl=85
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.certif...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol...913_m1&tsp=5015
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {3404FA74-44BB-4A17-9B45-9A467874A7C1} URL = http://websearch.ask...14-9DCFE39C47A5
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certif...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.coo...&cc=ID&unqvl=85
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-21-1685673173-357443733-221515080-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKU\S-1-5-80-1799020999-621814136-2803284099-1257466858-2328019442 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKU\S-1-5-80-2371223097-4079952696-1148679707-1386771867-422980588 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKU\S-1-5-80-3188738194-1912865064-2563333431-1497984182-3983513578 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://id.search.yah...psg&type=HPNTDF
SearchScopes: HKU\S-1-5-80-771732568-2983420133-2210906521-522062425-3275482924 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
BHO: AllSSaver -> {6DFF934C-265E-4EDF-BCEC-850E2635CE03} -> C:\Program Files (x86)\AllSSaver\d8ZBQjp28K3NKh.x64.dll [2015-06-29] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{075D9B8C-0025-4FC3-B6CF-A58F1C996B6E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1B86BCA7-6621-4E16-9860-B4B15399D217}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2CBC345F-5772-44D4-B02F-07018B0000FF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{356C5CBD-3163-44AE-A8D8-E98B1DF5B446}: [NameServer] 10.0.28.18 10.0.28.3
Tcpip\..\Interfaces\{521BB429-17C4-4E6C-BE52-42869AC3D700}: [NameServer] 10.0.28.18 10.0.28.3
Tcpip\..\Interfaces\{7DE099D1-FF3E-4FE4-AADC-4C14A4C2ABF0}: [NameServer] 192.168.130.28 0.0.0.0
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rpq8mq8f.default-1428237532237
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-15] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-06] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1685673173-357443733-221515080-1000: LWAPlugin15.8 -> C:\Users\David\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2014-11-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-06] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2014-11-13] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\key-find.xml [2014-12-02]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml [2014-11-12]
FF Extension: Ant Video Downloader - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rpq8mq8f.default-1428237532237\Extensions\[email protected] [2015-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rpq8mq8f.default-1428237532237\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-18]
FF Extension: Adblock Edge - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\rpq8mq8f.default-1428237532237\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qml7zgsc.default-1403588290950\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qml7zgsc.default-1403588290950\extensions\[email protected]
FF HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\David\AppData\Roaming\IDM\idmmzcc5 [2014-08-08]
FF HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\David\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Speedial) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2015-01-30]
CHR Extension: (The Latest Versions of Google ) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibclkcoilbnbnppanidhimphmfbjaab [2015-04-10]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Taskforce) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbfnafnalfjconpgenohfidcaeibkoc [2015-06-02]
CHR Extension: (IDM Integration Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Security Protection) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-30]
CHR Extension: (Vosteran New Tab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-01-30]
CHR Extension: (Blocksi Web Filter) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmjaihnmedpcdkjcgigocogcbffgkbn [2015-06-29]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-02]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-1685673173-357443733-221515080-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-1685673173-357443733-221515080-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files (x86)\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\David\AppData\Local\Torch\Plugins\TorchPlugin.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-02]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 Distressed Stretch; C:\Program Files (x86)\Distressed Stretch\Distressed Stretch.exe [8016413 2015-06-17] () [File not signed] <==== ATTENTION
S2 FileZilla Server; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-10] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed]
S2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218040 2012-06-12] (Microsoft Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSOLAP$SQL2012; C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\bin\msmdsrv.exe [61538904 2012-02-11] (Microsoft Corporation)
R2 MSSQL$SQL2012; C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQL2012; C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
R2 mysql; C:\xampp\mysql\bin\mysqld.exe [11021824 2014-09-11] () [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-01] ()
R2 ReportServer$SQL2012; C:\Program Files\Microsoft SQL Server\MSRS11.SQL2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348632 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S3 SQLAgent$SQL2012; C:\Program Files\Microsoft SQL Server\MSSQL11.SQL2012\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
R2 VSSS; C:\Users\David\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [98107264 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [426160 2015-05-04] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-06-16] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 plkusbser; C:\Windows\System32\DRIVERS\plkusbser.sys [113664 2008-01-23] (QUALCOMM Incorporated)
R1 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R1 {3b232d24-d5de-4194-b4d7-d53b41a09748}w64; C:\Windows\System32\drivers\{3b232d24-d5de-4194-b4d7-d53b41a09748}w64.sys [61120 2014-04-24] (StdLib)
R1 {9d5747ee-0448-4681-8337-1555de75a3b6}w64; C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}w64.sys [61120 2014-09-08] (StdLib)
R1 {ecd6aae4-019c-44b2-a0e5-570904275d66}w64; C:\Windows\System32\drivers\{ecd6aae4-019c-44b2-a0e5-570904275d66}w64.sys [48792 2015-01-16] (StdLib)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 esyvrrjc; \??\C:\Windows\system32\drivers\esyvrrjc.sys [X]
S3 hxsyol; \??\C:\GAMES\AuraKingdom\avital\hxsy64.sys [X]
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
S1 kvbqyqvg; \??\C:\Windows\system32\drivers\kvbqyqvg.sys [X]
S1 ojqlethn; \??\C:\Windows\system32\drivers\ojqlethn.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil64.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Spring64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-01 16:37 - 2015-07-01 16:38 - 00039829 _____ C:\Users\David\Desktop\FRST.txt
2015-07-01 16:37 - 2015-07-01 16:37 - 00000000 ____D C:\FRST
2015-07-01 16:35 - 2015-07-01 16:36 - 02112512 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2015-07-01 16:35 - 2015-07-01 16:36 - 01636352 _____ (Farbar) C:\Users\David\Desktop\FRST.exe
2015-07-01 16:23 - 2015-07-01 16:22 - 00960000 _____ C:\Users\David\Desktop\xigncode.log
2015-07-01 16:17 - 2015-07-01 16:21 - 00000000 _____ C:\dfu.log
2015-07-01 10:08 - 2015-07-01 10:12 - 00013511 _____ C:\Users\David\Documents\Juli.xlsx
2015-07-01 09:26 - 2015-07-01 09:26 - 01415680 _____ (wj32) C:\Program Files\KU159DKS.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 01415680 _____ (wj32) C:\Program Files\ZSZ37BIW.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 01415680 _____ (wj32) C:\Program Files\OSZ3W07L.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 01415680 _____ (wj32) C:\Program Files\IS0AKUSN.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 01415680 _____ (wj32) C:\Program Files\G5JKCH95.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 01415680 _____ (wj32) C:\Program Files\4BFJNJNF.exe
2015-06-30 15:21 - 2015-07-01 01:14 - 00036864 _____ C:\Users\David\Desktop\SE Rev1.xls
2015-06-30 11:56 - 2015-06-30 11:56 - 00000000 ____D C:\Users\David\AppData\Roaming\Avira
2015-06-30 11:53 - 2015-06-16 09:36 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-30 11:53 - 2015-06-16 09:36 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-30 11:53 - 2015-06-16 09:36 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-06-30 11:53 - 2015-06-16 09:36 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-06-30 11:49 - 2015-06-30 11:49 - 00001148 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-30 11:48 - 2015-06-30 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-30 11:48 - 2015-06-30 11:53 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-30 11:48 - 2015-06-30 11:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-30 10:52 - 2015-06-30 10:52 - 01415680 _____ (wj32) C:\Program Files\JW6GK3DN.exe
2015-06-30 10:52 - 2015-06-30 10:52 - 01415680 _____ (wj32) C:\Program Files\9DHLSLPT.exe
2015-06-30 10:52 - 2015-06-30 10:52 - 01415680 _____ (wj32) C:\Program Files\7BF8FJNR.exe
2015-06-29 21:39 - 2015-06-29 21:39 - 00000775 _____ C:\Users\David\Desktop\kisi2 CB.txt
2015-06-29 12:00 - 2015-06-29 12:00 - 00000000 _____ C:\Users\David\AppData\Local\Temp.dat
2015-06-29 11:44 - 2015-07-01 00:59 - 00000000 ____D C:\Program Files (x86)\Blocksi Web Filter
2015-06-29 11:44 - 2015-07-01 00:59 - 00000000 ____D C:\Program Files (x86)\AllSaVer
2015-06-29 11:44 - 2015-06-30 12:05 - 00000000 ____D C:\Program Files (x86)\AllSSaver
2015-06-29 11:06 - 2015-06-29 11:06 - 01415680 _____ (wj32) C:\Program Files\OSWSW07W.exe
2015-06-29 11:06 - 2015-06-29 11:06 - 01415680 _____ (wj32) C:\Program Files\8IS2FPZX.exe
2015-06-28 17:10 - 2015-06-28 17:10 - 01415680 _____ (wj32) C:\Program Files\OSW3737F.exe
2015-06-28 17:09 - 2015-06-28 17:09 - 01415680 _____ (wj32) C:\Program Files\SWPW048J.exe
2015-06-28 17:09 - 2015-06-28 17:09 - 01415680 _____ (wj32) C:\Program Files\E7BIMKU5.exe
2015-06-27 15:33 - 2015-06-27 15:35 - 00000000 ____D C:\Windows\rescache
2015-06-27 12:59 - 2015-06-27 12:59 - 01415680 _____ (wj32) C:\Program Files\OKOSW37O.exe
2015-06-27 12:58 - 2015-06-27 12:58 - 01415680 _____ (wj32) C:\Program Files\EOYBLV5Y.exe
2015-06-27 01:05 - 2015-06-30 22:28 - 00008832 _____ C:\Users\David\Desktop\Book1.xlsx
2015-06-26 17:28 - 2015-06-26 17:28 - 01415680 _____ (wj32) C:\Program Files\XVIG83K6.exe
2015-06-26 17:28 - 2015-06-26 17:28 - 01415680 _____ (wj32) C:\Program Files\UY5959D5.exe
2015-06-26 17:28 - 2015-06-26 17:28 - 01415680 _____ (wj32) C:\Program Files\26A3AEIA.exe
2015-06-26 11:47 - 2015-06-26 11:47 - 00001456 _____ C:\Users\David\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-26 09:24 - 2015-06-26 09:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-26 09:24 - 2015-06-26 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-26 02:12 - 2012-02-11 15:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2015-06-25 11:39 - 2015-06-25 11:39 - 01415680 _____ (wj32) C:\Program Files\R1BOY8IV.exe
2015-06-25 11:38 - 2015-06-25 11:38 - 01415680 _____ (wj32) C:\Program Files\6AELEIMT.exe
2015-06-25 11:26 - 2015-06-25 11:26 - 01415680 _____ (wj32) C:\Program Files\LPTPTX12.exe
2015-06-25 11:26 - 2015-06-25 11:26 - 01415680 _____ (wj32) C:\Program Files\9MW6G2PN.exe
2015-06-25 11:25 - 2015-06-25 11:25 - 01415680 _____ (wj32) C:\Program Files\HLSW6Z6E.exe
2015-06-25 11:00 - 2015-04-18 10:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-25 11:00 - 2015-04-18 09:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-25 10:59 - 2015-05-26 01:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-25 10:59 - 2015-05-26 01:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-25 10:59 - 2015-05-26 01:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-25 10:59 - 2015-05-26 01:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-25 10:59 - 2015-05-26 01:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-25 10:59 - 2015-05-26 01:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-25 10:59 - 2015-05-26 01:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-25 10:59 - 2015-05-26 01:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-25 10:59 - 2015-05-26 01:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-25 10:59 - 2015-05-26 01:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-25 10:59 - 2015-05-26 01:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-25 10:59 - 2015-05-26 01:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 01:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-25 10:59 - 2015-05-26 01:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-25 10:59 - 2015-05-26 01:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-25 10:59 - 2015-05-26 01:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-25 10:59 - 2015-05-26 01:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-25 10:59 - 2015-05-26 01:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-25 10:59 - 2015-05-26 00:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-25 10:59 - 2015-05-26 00:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-25 10:59 - 2015-05-26 00:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-25 10:59 - 2015-05-26 00:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-25 10:59 - 2015-05-26 00:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-25 10:59 - 2015-05-26 00:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-25 10:59 - 2015-05-26 00:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-25 10:59 - 2015-05-25 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-25 10:59 - 2015-05-25 23:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-25 10:59 - 2015-05-25 23:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-25 10:59 - 2015-05-25 23:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-25 10:59 - 2015-05-25 23:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-25 10:59 - 2015-05-25 23:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-25 10:59 - 2015-04-30 01:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-25 10:59 - 2015-04-30 01:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-25 10:59 - 2015-04-30 01:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-25 10:59 - 2015-04-30 01:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-25 10:59 - 2015-04-30 01:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-25 10:59 - 2015-04-30 01:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-25 10:59 - 2015-04-30 01:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-25 10:59 - 2015-04-30 01:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-25 10:59 - 2015-04-30 01:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-25 10:59 - 2015-04-30 01:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-25 10:45 - 2015-06-25 10:45 - 01415680 _____ (wj32) C:\Program Files\IMTX15C2.exe
2015-06-25 10:44 - 2015-06-25 10:44 - 01415680 _____ (wj32) C:\Program Files\W3AHLHOD.exe
2015-06-25 10:38 - 2015-06-25 10:38 - 01415680 _____ (wj32) C:\Program Files\SW3704BM.exe
2015-06-25 07:40 - 2015-05-01 20:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-25 07:40 - 2015-05-01 20:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-25 07:13 - 2015-01-09 10:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-06-25 07:13 - 2015-01-09 10:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-06-25 07:13 - 2015-01-09 10:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-06-25 07:13 - 2015-01-09 09:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-06-25 06:38 - 2015-04-13 10:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-25 06:37 - 2015-05-23 01:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-25 06:37 - 2015-05-23 01:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-25 06:37 - 2015-05-23 01:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-25 06:37 - 2015-05-23 01:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-25 06:37 - 2015-05-23 01:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-25 06:37 - 2015-05-23 01:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-25 06:37 - 2015-05-23 01:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-25 06:37 - 2015-05-21 20:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-25 06:37 - 2015-01-28 06:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-06-25 06:36 - 2015-04-25 01:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-25 06:36 - 2015-04-25 00:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-25 06:36 - 2015-04-20 10:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-25 06:36 - 2015-04-20 10:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-25 06:36 - 2015-04-20 09:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-25 06:36 - 2015-04-08 10:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-25 06:36 - 2015-04-08 10:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-25 06:36 - 2015-03-25 10:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-25 06:36 - 2015-03-25 10:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-25 06:36 - 2015-03-25 10:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-25 06:36 - 2015-03-25 10:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-25 06:36 - 2015-03-25 10:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-25 06:36 - 2015-03-25 10:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-25 06:36 - 2015-03-25 10:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-25 06:36 - 2015-03-25 10:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-25 06:36 - 2015-03-25 10:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-25 06:36 - 2015-03-10 10:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-06-25 06:36 - 2015-03-10 10:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-06-25 06:36 - 2015-03-10 10:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-06-25 06:36 - 2015-03-10 10:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-06-25 06:36 - 2015-03-05 12:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-06-25 06:36 - 2015-03-05 11:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-06-25 06:36 - 2015-01-29 10:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-25 06:36 - 2015-01-29 10:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-25 06:36 - 2012-06-01 12:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-06-25 06:36 - 2012-06-01 12:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-06-25 06:36 - 2012-06-01 12:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-06-25 06:36 - 2012-06-01 12:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-06-25 06:36 - 2012-06-01 12:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-06-25 06:36 - 2012-06-01 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-06-25 06:36 - 2012-06-01 11:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2015-06-25 06:36 - 2012-06-01 11:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2015-06-25 06:36 - 2012-06-01 11:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2015-06-25 06:36 - 2012-06-01 11:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2015-06-25 06:36 - 2012-06-01 11:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2015-06-25 06:36 - 2012-06-01 11:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2015-06-25 06:35 - 2015-05-26 00:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-25 06:34 - 2015-05-31 08:05 - 17884672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-25 06:34 - 2015-05-31 07:50 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-25 06:34 - 2015-05-31 07:49 - 10935296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-25 06:34 - 2015-05-31 07:48 - 02343424 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-25 06:34 - 2015-05-31 07:42 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-25 06:34 - 2015-05-31 07:42 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-25 06:34 - 2015-05-31 07:41 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-25 06:34 - 2015-05-31 07:41 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-25 06:34 - 2015-05-31 07:41 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-25 06:34 - 2015-05-31 07:40 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-25 06:34 - 2015-05-31 07:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-25 06:34 - 2015-05-31 07:40 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-25 06:34 - 2015-05-31 07:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-25 06:34 - 2015-05-31 06:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-25 06:34 - 2015-05-31 06:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-25 06:34 - 2015-05-31 06:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-25 06:34 - 2015-05-31 06:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-25 06:34 - 2015-05-31 06:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-25 06:34 - 2015-05-31 06:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-25 06:34 - 2015-05-31 06:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-25 06:34 - 2015-05-31 06:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-25 06:34 - 2015-05-31 06:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-25 06:34 - 2015-05-31 06:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-06-25 06:34 - 2015-05-31 06:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-25 06:34 - 2015-05-31 06:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-25 06:34 - 2015-05-31 06:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-25 06:34 - 2015-05-31 06:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-06-25 06:34 - 2015-05-31 06:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-06-25 06:34 - 2015-04-11 10:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-25 06:34 - 2015-02-25 10:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-06-25 06:34 - 2015-02-18 14:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-06-25 06:34 - 2015-02-18 14:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-25 06:32 - 2015-03-04 11:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-06-25 06:32 - 2015-03-04 11:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-25 06:32 - 2015-03-04 11:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-06-25 06:32 - 2015-03-04 11:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-06-25 06:32 - 2015-03-04 11:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-25 06:32 - 2015-03-04 11:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-06-25 06:32 - 2015-03-04 11:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-06-25 06:32 - 2015-03-04 11:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-25 06:32 - 2015-03-04 11:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-06-25 06:32 - 2015-03-04 11:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-25 06:04 - 2015-06-25 06:04 - 00002976 _____ C:\Windows\System32\Tasks\{96B35852-3F50-4A28-A954-B03FCA8218EC}
2015-06-25 06:02 - 2015-06-25 06:02 - 00002117 _____ C:\Users\David\Desktop\Microsoft Security Essentials.lnk
2015-06-25 06:00 - 2015-06-25 06:00 - 01415680 _____ (wj32) C:\Program Files\SHPK3KC5.exe
2015-06-25 06:00 - 2015-06-25 06:00 - 01415680 _____ (wj32) C:\Program Files\JNRY26AR.exe
2015-06-25 06:00 - 2015-06-25 06:00 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-25 06:00 - 2015-06-25 06:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-25 06:00 - 2015-06-25 06:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-25 05:32 - 2015-06-25 05:32 - 01415680 _____ (wj32) C:\Program Files\X2IH05I5.exe
2015-06-25 05:32 - 2015-06-25 05:32 - 01415680 _____ (wj32) C:\Program Files\FMKU159K.exe
2015-06-25 05:31 - 2015-06-25 05:31 - 01415680 _____ (wj32) C:\Program Files\CG9DKOGU.exe
2015-06-25 05:30 - 2015-06-25 05:30 - 01415680 _____ (wj32) C:\Program Files\AZIKFNFG.exe
2015-06-25 05:30 - 2015-06-25 05:30 - 01415680 _____ (wj32) C:\Program Files\48CJNRK9.exe
2015-06-25 05:27 - 2015-06-25 05:27 - 01415680 _____ (wj32) C:\Program Files\4818CJNM.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\OVZ3737T.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\L15AEUNF.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\BOK9PO4D.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\9VONCHCP.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\9GKOSZ3K.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\6BLV8IV0.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\5Y59DHO2.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\59DKOSLJ.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 01415680 _____ (wj32) C:\Program Files\3GK0ANXV.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 01415680 _____ (wj32) C:\Program Files\HR1BJT3Y.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 01415680 _____ (wj32) C:\Program Files\ER12159T.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 01415680 _____ (wj32) C:\Program Files\BLV8IS20.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 01415680 _____ (wj32) C:\Program Files\8LV8IS2S.exe
2015-06-25 05:20 - 2015-06-25 05:20 - 01415680 _____ (wj32) C:\Program Files\VRVZ3AES.exe
2015-06-25 05:20 - 2015-06-25 05:20 - 01415680 _____ (wj32) C:\Program Files\3W04BFJ6.exe
2015-06-25 05:20 - 2015-06-25 05:20 - 01415680 _____ (wj32) C:\Program Files\15929AHP.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 01415680 _____ (wj32) C:\Program Files\LV8ISXAK.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 01415680 _____ (wj32) C:\Program Files\EIMKX15Y.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 01415680 _____ (wj32) C:\Program Files\CGKRKOS3.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 01415680 _____ (wj32) C:\Program Files\8CGCGKO5.exe
2015-06-24 09:48 - 2015-06-24 09:48 - 01415680 _____ (wj32) C:\Program Files\KLJH4WCB.exe
2015-06-24 09:47 - 2015-06-24 09:47 - 01415680 _____ (wj32) C:\Program Files\HR1EOY8L.exe
2015-06-23 15:11 - 2015-06-23 15:11 - 01415680 _____ (wj32) C:\Program Files\CMW6JT31.exe
2015-06-17 11:33 - 2015-06-17 11:33 - 00000000 ____D C:\Program Files (x86)\Distressed Stretch
2015-06-15 10:44 - 2015-07-01 00:59 - 00000000 ____D C:\Program Files (x86)\NetoCOUpaon
2015-06-15 10:44 - 2015-07-01 00:59 - 00000000 ____D C:\Program Files (x86)\NetioCoupon
2015-06-15 10:44 - 2015-06-15 10:44 - 00000000 ____D C:\Program Files (x86)\Color Icons for
2015-06-14 18:04 - 2015-06-28 21:08 - 00000000 ____D C:\Users\David\Desktop\uas
2015-06-14 00:28 - 2015-06-14 00:28 - 00000000 ____D C:\Users\David\AppData\Local\{5152806D-364E-452C-BE54-B0C625AAB4C7}
2015-06-10 23:06 - 2015-06-10 23:06 - 75165696 __RSH (Kareo) C:\Users\David\AppData\Roaming\obfavqufsr.exe
2015-06-10 15:44 - 2015-06-10 15:44 - 00000000 ____D C:\Users\David\AppData\Local\{0D56AB00-84F1-4EC6-B9B8-AB9BB0AF8881}
2015-06-05 17:29 - 2015-06-28 20:41 - 00000024 _____ C:\Users\David\AppData\Roaming\appdataFr25.bin
2015-06-04 16:02 - 2015-06-05 23:26 - 00000188 _____ C:\Users\David\.packettracer
2015-06-04 16:02 - 2015-06-04 16:03 - 00000000 ____D C:\Users\David\Cisco Packet Tracer 6.2sv
2015-06-04 16:00 - 2015-06-04 16:00 - 00001205 _____ C:\Users\David\Desktop\Cisco Packet Tracer Student.lnk
2015-06-04 16:00 - 2015-06-04 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer Student
2015-06-04 16:00 - 2015-06-04 16:00 - 00000000 ____D C:\Program Files (x86)\Cisco Packet Tracer 6.2sv
2015-06-01 20:55 - 2015-07-01 10:08 - 00014870 _____ C:\Users\David\Documents\Juni.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-01 16:38 - 2009-07-14 11:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-01 16:38 - 2009-07-14 11:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-01 16:00 - 2013-09-02 08:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-01 15:57 - 2014-06-17 10:57 - 00000292 _____ C:\Windows\Tasks\Speedial.job
2015-07-01 15:53 - 2015-01-30 12:37 - 00001012 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-01 09:32 - 2015-01-14 23:04 - 00000000 ____D C:\Users\David\AppData\Local\Adobe
2015-07-01 09:26 - 2015-03-11 09:04 - 00002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2015-07-01 09:26 - 2015-01-06 20:24 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-07-01 09:26 - 2015-01-06 20:24 - 00000200 _____ C:\Windows\Tasks\AutoKMS.job
2015-07-01 09:26 - 2015-01-06 20:23 - 00078848 _____ C:\Windows\KMSEmulator.exe
2015-07-01 09:26 - 2014-07-05 10:47 - 00099969 _____ C:\Windows\AutoKMS.log
2015-07-01 09:24 - 2015-01-30 12:37 - 00001008 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 09:23 - 2014-07-03 19:56 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-01 09:21 - 2014-06-25 08:23 - 00186092 _____ C:\Windows\PFRO.log
2015-07-01 09:21 - 2014-06-18 18:53 - 00084758 _____ C:\Windows\setupact.log
2015-07-01 09:21 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-01 01:36 - 2011-06-23 15:43 - 01252338 _____ C:\Windows\WindowsUpdate.log
2015-07-01 01:35 - 2013-03-07 15:41 - 00000000 ____D C:\Users\David\AppData\Roaming\DMCache
2015-07-01 00:59 - 2015-04-08 13:41 - 00000000 ____D C:\ProgramData\Extreme Blocker
2015-07-01 00:59 - 2015-04-03 19:51 - 00000000 ____D C:\Program Files (x86)\Ciuvo Price Comparison
2015-07-01 00:59 - 2015-04-03 19:42 - 00000000 ____D C:\Program Files (x86)\SalePluus
2015-07-01 00:59 - 2015-04-03 19:41 - 00000000 ____D C:\ProgramData\{a5ad44da-0da2-14b8-a5ad-d44da0da1368}
2015-07-01 00:59 - 2014-12-02 15:28 - 00000000 ____D C:\Program Files (x86)\WinZipper
2015-06-30 14:23 - 2015-04-09 20:10 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2015-06-30 14:23 - 2015-04-09 20:10 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForDavid.job
2015-06-30 12:04 - 2015-04-03 19:53 - 00000000 ____D C:\Program Files (x86)\keepsbrowse
2015-06-30 11:57 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\tracing
2015-06-30 11:53 - 2013-03-11 11:19 - 00000000 ____D C:\ProgramData\Avira
2015-06-29 11:44 - 2015-04-03 19:42 - 00000000 ____D C:\ProgramData\8512343586972888826
2015-06-28 17:57 - 2014-06-17 11:57 - 00000196 _____ C:\Users\David\AppData\Roaming\WB.CFG
2015-06-27 14:31 - 2015-01-16 23:48 - 00000000 ____D C:\Users\David\Desktop\3teria
2015-06-27 13:16 - 2009-07-14 12:13 - 01021254 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-27 13:01 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-26 12:09 - 2015-04-10 21:04 - 00000132 _____ C:\Users\David\AppData\Roaming\Adobe PNG Format CC Prefs
2015-06-26 11:47 - 2015-01-14 23:04 - 00000000 ____D C:\Users\David\AppData\Roaming\Adobe
2015-06-26 09:47 - 2015-01-22 16:52 - 00047324 _____ C:\Windows\IE11_main.log
2015-06-26 02:48 - 2015-04-10 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2015-06-26 02:41 - 2013-03-03 15:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-26 02:40 - 2013-04-17 18:07 - 01007166 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-26 02:40 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-06-26 02:17 - 2013-09-06 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2015-06-26 02:03 - 2015-03-18 12:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-26 02:03 - 2015-03-18 12:05 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-25 14:28 - 2013-03-21 18:19 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-06-25 11:34 - 2013-03-07 19:34 - 00000000 ____D C:\Windows\pss
2015-06-25 10:45 - 2015-04-11 23:41 - 00022316 _____ C:\Windows\iis7.log
2015-06-25 10:43 - 2009-07-14 11:45 - 05143096 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-25 10:39 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2015-06-25 10:39 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-25 10:39 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-25 07:39 - 2015-01-22 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-25 07:38 - 2015-01-22 00:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-25 07:38 - 2015-01-22 00:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-25 06:00 - 2014-01-05 08:37 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-24 11:00 - 2013-09-02 08:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 11:00 - 2013-03-03 13:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 11:00 - 2013-03-03 13:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 22:40 - 2013-03-06 14:06 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2015-06-23 06:55 - 2015-01-30 12:40 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-21 21:28 - 2015-04-10 18:05 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQL2012
2015-06-21 16:46 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-14 09:03 - 2015-04-10 18:06 - 00000000 ____D C:\Users\MsDtsServer110
2015-06-14 03:02 - 2014-06-10 23:43 - 00000000 ____D C:\Users\David\AppData\Local\Windows Live
2015-06-13 14:14 - 2015-05-30 20:51 - 00000000 ____D C:\Users\David\Desktop\infinity challenge duet songs
2015-06-11 22:51 - 2013-05-31 18:31 - 00000000 ____D C:\Users\David\AppData\Roaming\IDM
2015-06-11 15:47 - 2014-02-04 01:17 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-06-11 15:47 - 2014-02-04 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-06-08 09:51 - 2013-08-09 12:41 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2015-06-07 01:06 - 2015-05-25 20:48 - 00001166 _____ C:\Users\David\Desktop\IC.txt
2015-06-06 10:46 - 2014-02-08 22:03 - 00000000 ____D C:\Users\David\Desktop\BNMC
2015-06-05 11:48 - 2013-03-03 13:01 - 00111288 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-04 20:29 - 2015-04-10 18:04 - 00000000 ____D C:\Users\David\Documents\SQL Server Management Studio
2015-06-04 16:02 - 2013-03-03 12:57 - 00000000 ____D C:\Users\David
2015-06-02 11:09 - 2015-03-27 12:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-01 20:55 - 2015-05-02 16:57 - 00015216 _____ C:\Users\David\Documents\Mei.xlsx
2015-06-01 17:07 - 2013-09-06 20:20 - 00000000 ____D C:\Users\David\Documents\Visual Studio 2010
==================== Files in the root of some directories =======
2015-06-25 05:20 - 2015-06-25 05:20 - 1415680 _____ (wj32) C:\Program Files\15929AHP.exe
2015-06-26 17:28 - 2015-06-26 17:28 - 1415680 _____ (wj32) C:\Program Files\26A3AEIA.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\3GK0ANXV.exe
2015-06-25 05:20 - 2015-06-25 05:20 - 1415680 _____ (wj32) C:\Program Files\3W04BFJ6.exe
2015-06-25 05:27 - 2015-06-25 05:27 - 1415680 _____ (wj32) C:\Program Files\4818CJNM.exe
2015-06-25 05:30 - 2015-06-25 05:30 - 1415680 _____ (wj32) C:\Program Files\48CJNRK9.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 1415680 _____ (wj32) C:\Program Files\4BFJNJNF.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\59DKOSLJ.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\5Y59DHO2.exe
2015-06-25 11:38 - 2015-06-25 11:38 - 1415680 _____ (wj32) C:\Program Files\6AELEIMT.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\6BLV8IV0.exe
2015-06-30 10:52 - 2015-06-30 10:52 - 1415680 _____ (wj32) C:\Program Files\7BF8FJNR.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 1415680 _____ (wj32) C:\Program Files\8CGCGKO5.exe
2015-06-29 11:06 - 2015-06-29 11:06 - 1415680 _____ (wj32) C:\Program Files\8IS2FPZX.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 1415680 _____ (wj32) C:\Program Files\8LV8IS2S.exe
2015-06-30 10:52 - 2015-06-30 10:52 - 1415680 _____ (wj32) C:\Program Files\9DHLSLPT.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\9GKOSZ3K.exe
2015-06-25 11:26 - 2015-06-25 11:26 - 1415680 _____ (wj32) C:\Program Files\9MW6G2PN.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\9VONCHCP.exe
2015-06-25 05:30 - 2015-06-25 05:30 - 1415680 _____ (wj32) C:\Program Files\AZIKFNFG.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 1415680 _____ (wj32) C:\Program Files\BLV8IS20.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\BOK9PO4D.exe
2015-06-25 05:31 - 2015-06-25 05:31 - 1415680 _____ (wj32) C:\Program Files\CG9DKOGU.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 1415680 _____ (wj32) C:\Program Files\CGKRKOS3.exe
2015-06-23 15:11 - 2015-06-23 15:11 - 1415680 _____ (wj32) C:\Program Files\CMW6JT31.exe
2015-06-28 17:09 - 2015-06-28 17:09 - 1415680 _____ (wj32) C:\Program Files\E7BIMKU5.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 1415680 _____ (wj32) C:\Program Files\EIMKX15Y.exe
2015-06-27 12:58 - 2015-06-27 12:58 - 1415680 _____ (wj32) C:\Program Files\EOYBLV5Y.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 1415680 _____ (wj32) C:\Program Files\ER12159T.exe
2015-06-25 05:32 - 2015-06-25 05:32 - 1415680 _____ (wj32) C:\Program Files\FMKU159K.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 1415680 _____ (wj32) C:\Program Files\G5JKCH95.exe
2015-06-25 11:25 - 2015-06-25 11:25 - 1415680 _____ (wj32) C:\Program Files\HLSW6Z6E.exe
2015-06-25 05:21 - 2015-06-25 05:21 - 1415680 _____ (wj32) C:\Program Files\HR1BJT3Y.exe
2015-06-24 09:47 - 2015-06-24 09:47 - 1415680 _____ (wj32) C:\Program Files\HR1EOY8L.exe
2015-06-25 10:45 - 2015-06-25 10:45 - 1415680 _____ (wj32) C:\Program Files\IMTX15C2.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 1415680 _____ (wj32) C:\Program Files\IS0AKUSN.exe
2015-06-25 06:00 - 2015-06-25 06:00 - 1415680 _____ (wj32) C:\Program Files\JNRY26AR.exe
2015-06-30 10:52 - 2015-06-30 10:52 - 1415680 _____ (wj32) C:\Program Files\JW6GK3DN.exe
2015-06-24 09:48 - 2015-06-24 09:48 - 1415680 _____ (wj32) C:\Program Files\KLJH4WCB.exe
2015-07-01 09:26 - 2015-07-01 09:26 - 1415680 _____ (wj32) C:\Program Files\KU159DKS.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\L15AEUNF.exe
2015-06-25 11:26 - 2015-06-25 11:26 - 1415680 _____ (wj32) C:\Program Files\LPTPTX12.exe
2015-06-25 05:15 - 2015-06-25 05:15 - 1415680 _____ (wj32) C:\Program Files\LV8ISXAK.exe
2015-06-27 12:59 - 2015-06-27 12:59 - 1415680 _____ (wj32) C:\Program Files\OKOSW37O.exe
2015-06-28 17:10 - 2015-06-28 17:10 - 1415680 _____ (wj32) C:\Program Files\OSW3737F.exe
2015-06-29 11:06 - 2015-06-29 11:06 - 1415680 _____ (wj32) C:\Program Files\OSWSW07W.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 1415680 _____ (wj32) C:\Program Files\OSZ3W07L.exe
2015-06-25 05:22 - 2015-06-25 05:22 - 1415680 _____ (wj32) C:\Program Files\OVZ3737T.exe
2015-06-25 11:39 - 2015-06-25 11:39 - 1415680 _____ (wj32) C:\Program Files\R1BOY8IV.exe
2015-06-25 06:00 - 2015-06-25 06:00 - 1415680 _____ (wj32) C:\Program Files\SHPK3KC5.exe
2015-06-25 10:38 - 2015-06-25 10:38 - 1415680 _____ (wj32) C:\Program Files\SW3704BM.exe
2015-06-28 17:09 - 2015-06-28 17:09 - 1415680 _____ (wj32) C:\Program Files\SWPW048J.exe
2015-06-26 17:28 - 2015-06-26 17:28 - 1415680 _____ (wj32) C:\Program Files\UY5959D5.exe
2015-06-25 05:20 - 2015-06-25 05:20 - 1415680 _____ (wj32) C:\Program Files\VRVZ3AES.exe
2015-06-25 10:44 - 2015-06-25 10:44 - 1415680 _____ (wj32) C:\Program Files\W3AHLHOD.exe
2015-06-25 05:32 - 2015-06-25 05:32 - 1415680 _____ (wj32) C:\Program Files\X2IH05I5.exe
2015-06-26 17:28 - 2015-06-26 17:28 - 1415680 _____ (wj32) C:\Program Files\XVIG83K6.exe
2015-07-01 09:25 - 2015-07-01 09:25 - 1415680 _____ (wj32) C:\Program Files\ZSZ37BIW.exe
2014-10-01 21:43 - 2014-04-04 20:55 - 535287324 _____ () C:\Program Files (x86)\adt-bundle-windows-x86_64-20140321.zip
2006-08-14 17:08 - 2006-08-14 17:08 - 1348242 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1079850 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1398718 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1116109 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0917318 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 4163518 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0180021 _____ () C:\Program Files (x86)\Apr2006_XACT_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0133991 _____ () C:\Program Files (x86)\Apr2006_XACT_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0087989 _____ () C:\Program Files (x86)\Apr2006_xinput_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0046898 _____ () C:\Program Files (x86)\Apr2006_xinput_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1351430 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1078532 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0183863 _____ () C:\Program Files (x86)\AUG2006_XACT_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0138195 _____ () C:\Program Files (x86)\AUG2006_XACT_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0088102 _____ () C:\Program Files (x86)\AUG2006_xinput_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0047018 _____ () C:\Program Files (x86)\AUG2006_xinput_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0703080 _____ () C:\Program Files (x86)\BDA.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1156363 _____ () C:\Program Files (x86)\BDANT.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0976020 _____ () C:\Program Files (x86)\BDAXP.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1358864 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1080344 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 15493481 _____ () C:\Program Files (x86)\DirectX.cab
2013-04-02 10:44 - 2011-09-30 14:01 - 0746688 _____ () C:\Program Files (x86)\DotaToolKit v3.2d_2.rar
2013-04-02 10:44 - 2011-01-28 19:48 - 0880609 _____ () C:\Program Files (x86)\DotaToolKit.exe
2006-08-14 17:08 - 2006-08-14 17:08 - 0074520 _____ (Microsoft Corporation) C:\Program Files (x86)\DSETUP.dll
2006-08-14 17:08 - 2006-08-14 17:08 - 2248984 _____ (Microsoft Corporation) C:\Program Files (x86)\dsetup32.dll
2010-10-18 02:34 - 2013-04-04 08:31 - 0001095 ___SH () C:\Program Files (x86)\DTKConfig.ini
2013-04-02 10:44 - 2010-12-08 19:07 - 0005570 ___SH () C:\Program Files (x86)\DTKItemBuild.ini
2013-04-02 10:44 - 2010-12-08 19:05 - 0007558 ___SH () C:\Program Files (x86)\DTKSkillBuild.ini
2006-08-14 17:08 - 2006-08-14 17:08 - 0041995 _____ () C:\Program Files (x86)\dxdllreg_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 13265040 _____ () C:\Program Files (x86)\dxnt.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0484632 _____ (Microsoft Corporation) C:\Program Files (x86)\DXSETUP.exe
2006-08-14 17:08 - 2006-08-14 17:08 - 0082338 _____ () C:\Program Files (x86)\dxupdate.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1248387 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1014113 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1363684 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1085608 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0179247 _____ () C:\Program Files (x86)\Feb2006_XACT_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0133297 _____ () C:\Program Files (x86)\Feb2006_XACT_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1336890 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 1065813 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0181745 _____ () C:\Program Files (x86)\JUN2006_XACT_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0134631 _____ () C:\Program Files (x86)\JUN2006_XACT_x86.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0086925 _____ () C:\Program Files (x86)\Oct2005_xinput_x64.cab
2006-08-14 17:08 - 2006-08-14 17:08 - 0046247 _____ () C:\Program Files (x86)\Oct2005_xinput_x86.cab
2015-04-10 21:04 - 2015-06-26 12:09 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe PNG Format CC Prefs
2015-06-05 17:29 - 2015-06-28 20:41 - 0000024 _____ () C:\Users\David\AppData\Roaming\appdataFr25.bin
2015-04-09 22:47 - 2015-05-14 10:36 - 0000020 _____ () C:\Users\David\AppData\Roaming\appdataFr3.bin
2015-06-10 23:06 - 2015-06-10 23:06 - 75165696 __RSH (Kareo) C:\Users\David\AppData\Roaming\obfavqufsr.exe
2014-06-17 11:57 - 2015-06-28 17:57 - 0000196 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2015-04-11 00:23 - 2015-04-11 00:24 - 184702896 _____ () C:\Users\David\AppData\Local\ACCCx2_9_1_474.zip.aamdownload
2015-04-11 00:23 - 2015-04-11 00:24 - 0002216 _____ () C:\Users\David\AppData\Local\ACCCx2_9_1_474.zip.aamdownload.aamd
2015-06-26 11:47 - 2015-06-26 11:47 - 0001456 _____ () C:\Users\David\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-16 23:56 - 2015-01-16 23:56 - 0000001 _____ () C:\Users\David\AppData\Local\DSI.DAT
2015-01-16 23:56 - 2015-01-16 23:56 - 0022528 _____ () C:\Users\David\AppData\Local\dsisetup35403172.exe
2013-12-11 17:19 - 2015-05-03 20:17 - 0007601 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2015-04-10 09:50 - 2015-06-12 11:40 - 0004932 _____ () C:\Users\David\AppData\Local\Temp-log.txt
2015-06-29 12:00 - 2015-06-29 12:00 - 0000000 _____ () C:\Users\David\AppData\Local\Temp.dat
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\42bb54162217efda71fdf88108e80481.dll
C:\Users\David\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\David\AppData\Local\Temp\cdo1173590977.dll
C:\Users\David\AppData\Local\Temp\cdo1305527100.dll
C:\Users\David\AppData\Local\Temp\cdo1503787821.dll
C:\Users\David\AppData\Local\Temp\cdo1506618427.dll
C:\Users\David\AppData\Local\Temp\cdo1553406804.dll
C:\Users\David\AppData\Local\Temp\cdo2099779554.dll
C:\Users\David\AppData\Local\Temp\cdo2120812858.dll
C:\Users\David\AppData\Local\Temp\cdo2318958718.dll
C:\Users\David\AppData\Local\Temp\cdo2513425846.dll
C:\Users\David\AppData\Local\Temp\cdo2554159057.dll
C:\Users\David\AppData\Local\Temp\cdo258423599.dll
C:\Users\David\AppData\Local\Temp\cdo2670956611.dll
C:\Users\David\AppData\Local\Temp\cdo2674462611.dll
C:\Users\David\AppData\Local\Temp\cdo2727024908.dll
C:\Users\David\AppData\Local\Temp\cdo2731991123.dll
C:\Users\David\AppData\Local\Temp\cdo2833358564.dll
C:\Users\David\AppData\Local\Temp\cdo2970217409.dll
C:\Users\David\AppData\Local\Temp\cdo3035797659.dll
C:\Users\David\AppData\Local\Temp\cdo3304090639.dll
C:\Users\David\AppData\Local\Temp\cdo3340593771.dll
C:\Users\David\AppData\Local\Temp\cdo77378844.dll
C:\Users\David\AppData\Local\Temp\cdo877757230.dll
C:\Users\David\AppData\Local\Temp\cmicname.exe
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbtp45x.dll
C:\Users\David\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\David\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\David\AppData\Local\Temp\Extract.exe
C:\Users\David\AppData\Local\Temp\IrsoDLL.dll
C:\Users\David\AppData\Local\Temp\kdqsceig.dll
C:\Users\David\AppData\Local\Temp\mpam-37520608.exe
C:\Users\David\AppData\Local\Temp\mpam-c22794f4.exe
C:\Users\David\AppData\Local\Temp\mpam-cf73a34f.exe
C:\Users\David\AppData\Local\Temp\qmtuq2yz.dll
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\David\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\David\AppData\Local\Temp\setacl.exe
C:\Users\David\AppData\Local\Temp\SP54714.exe
C:\Users\David\AppData\Local\Temp\SP55031.exe
C:\Users\David\AppData\Local\Temp\SP55152.exe
C:\Users\David\AppData\Local\Temp\SP57965.exe
C:\Users\David\AppData\Local\Temp\sp58915.exe
C:\Users\David\AppData\Local\Temp\SP59202.exe
C:\Users\David\AppData\Local\Temp\tmAss_up.exe
C:\Users\David\AppData\Local\Temp\uttD8AB.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-24 18:51
==================== End of log ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by David at 2015-07-01 16:38:40
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1685673173-357443733-221515080-500 - Administrator - Disabled)
David (S-1-5-21-1685673173-357443733-221515080-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-1685673173-357443733-221515080-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player Packages (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\Adobe Flash Player Packages) (Version: - ) <==== ATTENTION
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ATI Catalyst Install Manager (HKLM\...\{127BEDB9-CFBA-91A2-BCC1-A3A21AFA02F6}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Battlefield 2 Complete Collection (HKLM-x32\...\Battlefield 2 Complete Collection_R.G._Element_Arts_is1) (Version: 1.5.3153.802.0 - R.G. Element Arts, Zerstoren)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (x32 Version: 2011.0407.736.11742 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Packet Tracer 6.2 Student (HKLM-x32\...\Cisco Packet Tracer 6.2 Student_is1) (Version: - Cisco Systems, Inc.)
CodeBlocks (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Freemake Video Converter version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GDR 2218 for SQL Server 2012 (KB2716442) (64-bit) (HKLM\...\KB2716442) (Version: 11.0.2218.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B86FB076-3531-4AF4-86CC-68CA36BFF48A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
IIS Search Engine Optimization Toolkit 1.0 (HKLM\...\{BC5929D3-9D88-4B35-8E37-CD1F2849292C}) (Version: 1.0.0731 - Microsoft Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java SE Development Kit 6 Update 1 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Java SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
LenovoUsbDriver 1.0.10 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.10 - Lenovo)
LINE (HKLM-x32\...\LINE) (Version: 4.0.3.367 - LINE Corporation)
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{BFEF7F89-A8EF-440A-8CBF-90BE1B7DFB7A}) (Version: 15.8.8928.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{A007BD05-ECFD-4F64-89F6-7E95F91F0DFB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{587F8B5C-D30D-4EEC-849B-FC410EA38AAF}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RS Add-in for SharePoint (HKLM\...\{1527F893-FB8F-45D1-8B83-488E9F5C516C}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{03A2AE02-CBC9-4746-A376-0F7BF6AF5F39}) (Version: 11.0.2218.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.05.00.45 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NBA 2K13 (HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports)
NetBeans IDE 7.2.1 (HKLM\...\nbi-nb-base-7.2.1.0.201210100934) (Version: 7.2.1 - NetBeans.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PointerConnector (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{869b9e4a}) (Version: - PointerConnector) <==== ATTENTION
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Rise of Nations Gold (HKLM-x32\...\Rise of Nations Gold_is1) (Version: - Microsoft)
SalePluus (HKLM-x32\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
SQL Server 2012 Analysis Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.0.2218.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 RS_SharePoint_SharedService (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)
Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2544514) (Version: 1 - Microsoft Corporation)
Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2544514) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VitalSource Bookshelf (HKLM-x32\...\{ACBF0550-A317-4C22-AC93-0DDB73087412}) (Version: 6.01.0018 - Ingram Content Group)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WindowsMangerProtect20.0.0.1277 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1277 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 4.10 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.1 - win.rar GmbH)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.95 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ASIA}_is1) (Version: - Wargaming.net)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1685673173-357443733-221515080-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:34 - 2009-06-11 04:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08A1113C-A2DA-4B2A-883C-44BD490449A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {107B4BE5-F490-445A-ACCE-549F256B8EEC} - System32\Tasks\PCRegistryShield_Popup => C:\Program Files (x86)\PC Registry Shield\Splash.exe <==== ATTENTION
Task: {15F7E6A4-30D5-4C0A-832D-F257AB53FFD6} - System32\Tasks\PCRegistryShield_Start => C:\Program Files (x86)\PC Registry Shield\PcRegistryShield.exe <==== ATTENTION
Task: {25938748-7616-4E43-9632-EC6A53A099FC} - System32\Tasks\{0AB6AF86-822A-4734-BABE-37E5EE267EB9} => C:\Game\Warcraft III\w3l.exe
Task: {2ECA2BD1-1A80-41F9-A26C-C4A4B55E6D47} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {2ED5F245-5710-49C0-A6F6-B29BD5023A8A} - System32\Tasks\{85BFD318-7D84-4871-A7D2-762BFF77EA25} => C:\Game\Warcraft III\w3l.exe
Task: {30DD0ACD-0013-4E52-B72A-3B98C7091978} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-06-17] (Microsoft)
Task: {55FA7F85-E46C-410E-9A45-6AAA167EF060} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-23] (CyberLink)
Task: {6B53199F-814C-4648-8FB4-6C138DB6F16D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {6BAB7E0B-06A9-43E3-901A-4F52E67D4328} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-01-06] ()
Task: {70DD3BEB-BE15-4BF4-8D26-FB28695BAB02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {79FF2895-84D2-46F4-9267-F299C3A8339B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {81895BEE-A4CF-46D6-934A-A111C0E4F5A3} - System32\Tasks\AppSafe => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: {8FB05FC7-AED1-4BC0-964A-E42D85BDE710} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {97FCC845-F557-4706-8859-41F6C4775A84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {AB7553D1-A081-4A70-B7C5-14254D501212} - System32\Tasks\Speedial => C:\Users\David\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {B20721BE-F0F3-47D5-9152-9B77291D750C} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {B47A7F60-50F9-4475-8B2E-8DFFA4B74633} - System32\Tasks\{AD666397-DC06-4640-B0AA-42A4BBE16AFD} => C:\Game\Warcraft III\w3l.exe
Task: {D07410B1-FA85-4514-92C5-06F55E48E4E7} - System32\Tasks\{96B35852-3F50-4A28-A954-B03FCA8218EC} => C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30] (Microsoft Corporation)
Task: {D4D36EA5-A92B-4381-B7D6-DD7E4DC58398} - System32\Tasks\AdobeAAMUpdater-1.0-DAVIDHOHO-David => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {F482E15A-101E-47A0-8E53-C739A097BF9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft)
Task: {F7DF8D19-7D6B-4732-B5F0-26FA08A58452} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-01-06] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Speedial.job => C:\Users\David\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-06-17 11:33 - 2015-06-17 11:33 - 08016413 _____ () C:\Program Files (x86)\Distressed Stretch\Distressed Stretch.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-03-11 11:18 - 2011-10-18 20:49 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-01-05 19:49 - 2014-09-11 21:13 - 11021824 _____ () C:\xampp\mysql\bin\mysqld.exe
2011-01-08 07:57 - 2011-01-08 07:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-04-01 19:32 - 2013-04-01 19:32 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-02 15:28 - 2014-11-26 10:42 - 00612528 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2015-01-05 19:47 - 2014-07-17 18:18 - 00219648 _____ () C:\xampp\apache\bin\pcre.dll
2015-01-05 19:50 - 2014-11-13 08:41 - 00127488 _____ () C:\xampp\php\libpq.dll
2015-01-05 19:47 - 2014-11-13 08:41 - 00117760 _____ () C:\xampp\apache\bin\libssh2.dll
2015-04-09 00:39 - 2015-04-09 00:39 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67e9010a82d780d45c4fd2d359927737\IsdiInterop.ni.dll
2011-06-23 15:42 - 2011-01-13 07:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:55B41E6A
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1685673173-357443733-221515080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk => C:\Windows\pss\HDDlife.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WhatsApp.lnk => C:\Windows\pss\WhatsApp.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: cmpbcsvc => C:\Users\David\AppData\Local\Temp\clicXP32.exe
MSCONFIG\startupreg: cngaxapi => C:\Users\David\AppData\Local\Temp\cmicname.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
MSCONFIG\startupreg: FDPRO-516 => C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: swg => C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6B3740EB-5D99-48F1-B0D2-53B539BCED33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3A4B2587-D697-44D1-BDAE-201688BC23FC}] => (Allow) LPort=2869
FirewallRules: [{809E009A-CE7B-4969-8990-AB43964FE3C3}] => (Allow) LPort=1900
FirewallRules: [{00D5614A-9AE8-4661-8D51-58AA18B43CDE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8B3C2753-344A-4D03-935D-71C9463C29C2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{1CF0B2B8-3D1A-4DF9-99A3-2E739EB20CEB}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K13\nba2k13.exe
FirewallRules: [{B4A194DD-D351-40D5-97D5-E3A3DBC4E1C2}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K13\nba2k13.exe
FirewallRules: [{075ECCBD-73B5-492F-9A78-E2DF6962F3A1}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\cstrike-online.exe
FirewallRules: [{1F5DF9C7-81AF-470A-AF90-E01CF3A3BE5A}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\cstrike-online.exe
FirewallRules: [{BC998806-E740-403B-A806-9343D22A574D}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\NMService.exe
FirewallRules: [{A348BB80-9B62-4C94-8B8E-8745364BB51E}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\NMService.exe
FirewallRules: [{614C3048-4256-4F0C-BE16-E97F5D89F7F6}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{7D0CD4F5-8520-42AE-AAD0-A6B5D66134E0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{A6973349-4389-4418-B8A4-7CF433B910DC}] => (Allow) C:\Users\David\Downloads\Programs\CodecPerformerSetup.exe
FirewallRules: [{0990733B-0955-464D-BA6D-AA5B1E8A4BB6}] => (Allow) C:\Users\David\Downloads\Programs\CodecPerformerSetup.exe
FirewallRules: [{5ACA60A4-8FD6-4CD8-AAE0-3225CC90C7B4}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{B06B07F3-38CE-4230-8654-4B32EA827074}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{78C78202-E329-413C-9D10-0E1BA507AFC1}] => (Allow) C:\GAMES\AuraKingdom\game.bin
FirewallRules: [{DC801EC6-260A-4370-A37E-7E171372DC82}] => (Allow) C:\GAMES\AuraKingdom\game.bin
FirewallRules: [TCP Query User{241564F6-FF73-4B71-B5EB-799C3232AE7F}C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe] => (Allow) C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe
FirewallRules: [UDP Query User{DB3F80BB-A7D0-4921-965F-0FC7211A06AB}C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe] => (Allow) C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe
FirewallRules: [TCP Query User{6A6AB493-35EC-4760-A78C-10A31DC29BD4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{A4913ABD-DCA1-4293-8E51-E34D771EFC9D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{23F54A62-2D33-4515-AE53-F3E939BAE786}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{2988892D-CE7A-48F9-B41C-7CE19EDC82DB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{8D91D658-2E6E-451B-BD09-F77639443AA6}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\Spark.exe
FirewallRules: [{AFB0601B-C348-449C-84B9-D230FE4E62F8}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\Spark.exe
FirewallRules: [{190113EB-035D-400E-BBC9-640DE05B4912}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\CrashUL.exe
FirewallRules: [{A5163DA0-3BAA-418D-8346-A8078A68104D}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\CrashUL.exe
FirewallRules: [TCP Query User{ED1F8A2D-2A2B-4798-BD89-34D4101BC132}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{7936885E-68BF-43DE-88F1-583DEEDE9786}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{A9225E45-8C09-4BE9-A3F3-D31625C802F2}] => (Block) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [TCP Query User{5706E12E-4B6B-4364-A277-D4757F8C6D45}C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe] => (Allow) C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe
FirewallRules: [UDP Query User{ED49BCDB-8F6D-4785-B9CE-B903DF32EFF3}C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe] => (Allow) C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe
FirewallRules: [TCP Query User{705435AC-F8B1-4067-B858-C84D34EC3109}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{7669D051-0976-4C82-A9C9-B247D327DDF8}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{87E9AF7D-6069-4B47-8C77-B9141071385E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{D0514609-3A98-4491-ACE0-22A875DC9F08}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{0033148A-C5D6-4E99-98BC-B0CE6A55A87D}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{17EC4BDA-9421-415D-9664-2B46F18D4976}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{92F5E274-3BD1-45B7-B6D5-0B70CD105DA9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E81FC4D9-88A6-4FA2-8CED-6CFFCC0261FD}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{8C120001-792A-4D69-8D28-081DE1C0AC57}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D88BE0EF-6363-4605-BE19-46FF90691F42}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{DAD03EAB-1478-4202-9222-853B38F16CB0}C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [UDP Query User{72B3BC66-9774-4502-8BB3-E13C5A63579C}C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{D25FBC46-871C-4356-9103-A73308B17BBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9AA31033-3D4D-43F9-B171-7BF0F36553B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{544CB9E2-03DD-4E62-9A2A-E3780E864A09}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{20A7AF5E-0430-4664-8E13-EEA8F1733061}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{CBD5C76A-ECBE-47B1-89C2-8069E7A8E352}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B7CF26EA-3EFC-4ADA-B9CF-ED605D399193}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{915BD1D5-9B87-4EDD-8482-9F43EC773C79}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{689A810A-EDC6-4618-B0F5-80DE851B9066}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ACAC4C4F-4C5C-4FF0-9A52-31E7949B1DA3}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{25266BD3-D02C-47D5-B623-71B833884EF6}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{D92F72F5-3D5F-4060-A95B-75140A595086}C:\games\needforspeed hot persuit\need for speed hot pursuit\nfs11.exe] => (Allow) C:\games\needforspeed hot persuit\need for speed hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{23871980-9305-4EB9-949C-BDA231E5054F}C:\games\needforspeed hot persuit\need for speed hot pursuit\nfs11.exe] => (Allow) C:\games\needforspeed hot persuit\need for speed hot pursuit\nfs11.exe
FirewallRules: [{93765379-A439-4FE3-98DB-B13BFCA5F247}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{00C7B376-0E75-4506-AB6F-F18BDF289FF6}] => (Allow) C:\GAMES\Special Force 2\SpecialForce2\Binaries\Win32\sf2.exe
FirewallRules: [{0B144DB6-B19F-4B07-B58C-FEABDCE9077A}] => (Allow) C:\GAMES\Special Force 2\SpecialForce2\Binaries\Win32\sf2.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2015 02:58:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mpc-hc.exe version 1.5.3.3752 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7b8
Start Time: 01d0b3d25a9ec63e
Termination Time: 33
Application Path: C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
Report Id: 02bed1f9-1fc7-11e5-ae3f-cc52afa0a36e
Error: (07/01/2015 09:25:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc.
System errors:
=============
Error: (07/01/2015 09:27:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s).
Error: (07/01/2015 09:26:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
Error: (07/01/2015 09:26:31 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
Error: (07/01/2015 09:26:31 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Avira Scheduler service, but this action failed with the following error:
%%1058
Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Avira Real-Time Protection service, but this action failed with the following error:
%%1058
Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
Error: (07/01/2015 09:26:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5
Microsoft Office:
=========================
Error: (07/01/2015 02:58:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mpc-hc.exe1.5.3.37527b801d0b3d25a9ec63e33C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe02bed1f9-1fc7-11e5-ae3f-cc52afa0a36e
Error: (07/01/2015 09:25:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: )
Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc
==================== Memory info ===========================
Processor: Intel® Core i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 65%
Total physical RAM: 4043.86 MB
Available physical RAM: 1396.16 MB
Total Pagefile: 8085.93 MB
Available Pagefile: 4900.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.51 GB) (Free:12.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (David) (Fixed) (Total:220.53 GB) (Free:10.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B45026AF)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=13.4 GB) - (Type=07 NTFS)
==================== End of log ============================
Attached Files
Edited by davidhoho, 01 July 2015 - 06:47 AM.