Addition.txtMalwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10/21/2014Scan Time: 5:21:29 PMLogfile: Administrator: Yes Version: 2.00.3.1025Malware Database: v2014.10.21.11Rootkit Database: v2014.10.20.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: Allan Scan Type: Threat ScanResult: CompletedObjects Scanned: 302398Time Elapsed: 15 min, 34 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 36PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa.4.61, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa.4.61, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}\INPROCSERVER32, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt.8.1, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt.8.1, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}\INPROCSERVER32, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c98e8295314b24122d1595123bc79769], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c98e8295314b24122d1595123bc79769], PUP.Optional.SweetIM.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, Quarantined, [bd9aad6a601c0f27091a8c1d58aa42be], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{01B91C29-337A-1FFD-7CFC-473451D2F861}, Quarantined, [5ef95eb9ee8e1125c92bb307be434db3], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}, Quarantined, [5205d83fb4c8ac8ad51fe4d644bd649c], PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}, Quarantined, [e0771dfa6e0e5bdb07c63ff1a06334cc], PUP.Optional.MultiIE.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [bf980e092953053106a2c9bf59ab7c84], PUP.Optional.SuperFish.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [114658bfaece6ec8bdbf2908f211e020], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Registry Values: 1PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, Quarantined, [b6a150c7483448ee51fea5d721e3cf31] Registry Data: 1PUP.Optional.FindWide, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, Good: (www.google.com), Bad: (http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search),Replaced,[a0b764b33745171f5de6be6a29dc629e] Folders: 5Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [72e57b9ce9932e08df9fb42b6f93b44c], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Files: 14Trojan.Agent, C:\ProgramData\Performance Optimizer\PERFORMANCEOPTIMIZER.DLL, Delete-on-Reboot, [54031106ec90f244800de734cf366898], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\OUA.X64.DLL, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.dll, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\CVSMM.X64.DLL, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.dll, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.exe, Quarantined, [5ef95eb9ee8e1125c92bb307be434db3], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.exe, Quarantined, [5205d83fb4c8ac8ad51fe4d644bd649c], PUP.Optional.Proxy.A, C:\Users\Allan\AppData\Local\proxy.log, Quarantined, [4215c354c4b8a59130471a0e9e650bf5], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Physical Sectors: 0(No malicious items detected) (end) (FRST.txt) (x64) Version: 21-10-2014Ran by Allan (administrator) on OFFICEPC on 21-10-2014 17:47:41Running from C:\Users\Allan\DesktopLoaded Profile: Allan (Available profiles: Allan)Platform: Windows 8.1 Connected (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-3513599277-296145143-110265111-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)AppInit_DLLs: C:\PROGRA~3\Performance Optimizer\PerformanceOptimizer_x64.dll => C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll [4303360 2014-09-24] ()AppInit_DLLs-x32: c:\progra~3\performance optimizer\performanceoptimizer.dll => "c:\progra~3\performance optimizer\performanceoptimizer.dll" File Not FoundStartup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnkShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}SearchScopes: HKCU - {18E7AD89-69B9-45E9-9395-4A6ABCB797C8} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10887SearchScopes: HKCU - {3E32A54C-5C24-4EB2-97A0-855A502D1856} URL = http://search.findwide.com/serp?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=default_search&k={searchTerms}BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKCU - No Name - {7909531A-9D66-4361-BD71-3E34B6FBDECE} - No FileTcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox:========FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: =======CHR HomePage: Default -> https://mail.aol.com/38798-516/aol-6/en-us/suite.aspxCHR StartupUrls: Default -> "hxxp://aol.com/"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Allan\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-20]CHR Extension: (Google Docs) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-20]CHR Extension: (Google Drive) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-20]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-20]CHR Extension: (YouTube) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-20]CHR Extension: (Adblock Plus) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-21]CHR Extension: (Google Search) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-20]CHR Extension: (Google Sheets) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-20]CHR Extension: (Google Wallet) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-20]CHR Extension: (Gmail) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-20] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 892cc6a3; c:\ProgramData\performance optimizer\performanceoptimizerSvc.dll [186192 2014-09-24] () [File not signed]R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-06] (Microsoft Corporation)S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-06] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-06] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-06] (Microsoft Corporation)U0 msahci; system32\drivers\msahci.sys ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-21 17:47 - 2014-10-21 17:48 - 00012689 _____ () C:\Users\Allan\Desktop\FRST.txt2014-10-21 17:47 - 2014-10-21 17:47 - 00000000 ____D () C:\FRST2014-10-21 17:46 - 2014-10-21 17:46 - 02110976 _____ (Farbar) C:\Users\Allan\Desktop\FRST64.exe2014-10-21 17:38 - 2014-10-21 17:38 - 00004672 _____ () C:\Windows\PFRO.log2014-10-21 00:45 - 2014-10-21 00:58 - 00025026 _____ () C:\Users\Allan\Desktop\log.xml2014-10-21 00:11 - 2014-10-21 17:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-21 00:10 - 2014-10-21 00:10 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-21 00:10 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-21 00:10 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-21 00:10 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-20 23:51 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Sun2014-10-20 23:51 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-10-20 23:51 - 2014-10-20 23:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-10-20 23:50 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Oracle2014-10-20 23:50 - 2014-10-20 23:50 - 00000000 ____D () C:\Program Files (x86)\Java2014-10-20 23:21 - 2014-10-21 17:39 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-10-20 23:21 - 2014-10-21 17:26 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-10-20 23:21 - 2014-10-20 23:21 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-10-20 23:21 - 2014-10-20 23:21 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-10-20 23:21 - 2014-10-20 23:21 - 00002279 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-10-20 23:21 - 2014-10-20 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-10-20 22:49 - 2014-10-20 22:49 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-10-20 22:49 - 2014-10-20 22:49 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-10-20 22:49 - 2014-10-20 22:49 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll2014-10-20 22:49 - 2014-10-20 22:49 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll2014-10-20 22:49 - 2014-10-20 22:49 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-10-20 22:49 - 2014-10-20 22:49 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll2014-10-20 22:49 - 2014-10-20 22:49 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-10-20 22:49 - 2014-10-20 22:49 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll2014-10-20 22:49 - 2014-10-20 22:49 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll2014-10-20 22:49 - 2014-10-20 22:49 - 01420288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-10-20 22:49 - 2014-10-20 22:49 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00561416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-10-20 22:49 - 2014-10-20 22:49 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml2014-10-20 22:49 - 2014-10-20 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00236864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS2014-10-20 22:46 - 2014-10-20 22:46 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-10-20 22:46 - 2014-10-20 22:46 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll2014-10-20 21:48 - 2014-10-20 21:54 - 00000005 _____ () C:\end2014-10-20 21:48 - 2014-10-20 21:48 - 00000000 ____D () C:\Program Files\CouponArific2014-10-20 21:27 - 2014-10-20 21:27 - 00078848 _____ () C:\Users\Allan\Downloads\2014_ROUNDS_Jim.xls2014-10-20 21:26 - 2014-10-20 21:26 - 00032768 _____ () C:\Users\Allan\Downloads\Membership_Log_YrA.xls2014-10-20 20:57 - 2014-10-20 20:58 - 00000000 ____D () C:\Users\Allan\AppData\Local\Google2014-10-20 20:57 - 2014-10-20 20:58 - 00000000 ____D () C:\Program Files (x86)\Google2014-10-20 20:56 - 2014-10-20 23:20 - 00000000 ____D () C:\Users\Allan\AppData\Local\Deployment2014-10-20 20:56 - 2014-10-20 23:20 - 00000000 ____D () C:\Users\Allan\AppData\Local\Apps\2.02014-10-20 16:11 - 2014-10-20 16:11 - 66973696 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00237568 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00000000 _____ () C:\asc_rdflag2014-10-19 17:58 - 2014-02-17 13:41 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe2014-10-19 17:55 - 2014-10-19 17:55 - 66973696 _____ () C:\Windows\system32\config\SOFTWARE.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00237568 _____ () C:\Windows\system32\config\DEFAULT.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit2014-10-19 17:26 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-10-19 17:26 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-10-17 15:12 - 2014-10-17 15:12 - 00000000 ____D () C:\ProgramData\LowPricesApp2014-10-16 10:20 - 2014-10-21 17:37 - 00000000 ____D () C:\ProgramData\surfukeepIt2014-10-16 10:11 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll2014-10-16 10:11 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2014-10-16 10:11 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-10-16 10:11 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll2014-10-16 10:11 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2014-10-16 10:11 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-10-16 10:11 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll2014-10-16 10:11 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll2014-10-16 10:11 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll2014-10-16 10:11 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll2014-10-16 10:11 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll2014-10-16 10:11 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll2014-10-16 10:11 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll2014-10-16 10:11 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll2014-10-16 10:11 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll2014-10-16 10:11 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-10-16 10:11 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll2014-10-16 10:11 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll2014-10-16 10:11 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll2014-10-16 10:11 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-10-16 10:11 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll2014-10-16 10:11 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll2014-10-16 10:11 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll2014-10-16 10:11 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-16 10:11 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll2014-10-16 10:11 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll2014-10-16 10:11 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll2014-10-16 10:11 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe2014-10-16 10:11 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-16 10:11 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll2014-10-16 10:10 - 2014-09-27 18:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-16 10:09 - 2014-09-07 23:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2014-10-16 10:09 - 2014-09-07 21:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2014-10-16 10:09 - 2014-09-07 21:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2014-10-16 10:09 - 2014-09-07 20:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2014-10-16 10:09 - 2014-09-07 20:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2014-10-16 10:09 - 2014-09-07 20:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2014-10-16 10:09 - 2014-09-07 20:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll2014-10-16 10:09 - 2014-09-07 20:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2014-10-16 10:09 - 2014-09-07 20:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2014-10-16 10:09 - 2014-09-07 20:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2014-10-16 10:09 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2014-10-16 10:09 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2014-10-16 10:09 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2014-10-16 10:09 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2014-10-16 10:08 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-16 10:08 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-16 10:07 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-16 10:07 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-16 10:07 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-16 10:07 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-16 10:07 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-16 10:07 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-16 10:07 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-16 10:07 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-16 10:07 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-16 10:07 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-16 10:07 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-16 10:07 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-16 10:07 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-16 10:07 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-16 10:07 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-16 10:07 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-16 10:07 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-16 10:07 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-16 10:07 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-16 10:07 - 2014-09-18 20:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-16 10:07 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-16 10:07 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-16 10:07 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-16 10:07 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-16 10:07 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-16 10:07 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-16 10:07 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-16 10:07 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-16 10:07 - 2014-09-13 02:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-16 10:07 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-16 10:07 - 2014-08-28 21:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2014-10-16 10:07 - 2014-08-28 19:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2014-10-16 10:07 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2014-10-16 10:06 - 2014-09-03 20:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-16 10:06 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-07 11:17 - 2014-10-07 11:17 - 00002487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-09-28 13:18 - 2014-10-21 17:37 - 00000000 ____D () C:\ProgramData\APptaoiU2014-09-28 13:18 - 2014-10-16 10:20 - 00000000 ____D () C:\ProgramData\3b90f368c5ba7f552014-09-24 21:20 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll2014-09-24 21:20 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll2014-09-24 21:20 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll2014-09-24 21:20 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll2014-09-24 21:20 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-09-24 21:19 - 2014-07-24 11:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2014-09-24 21:19 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll2014-09-24 21:19 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2014-09-24 21:19 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-09-24 21:19 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll2014-09-24 21:19 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll2014-09-24 21:19 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2014-09-24 21:19 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll2014-09-24 21:19 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2014-09-24 21:19 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll2014-09-24 21:19 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys2014-09-24 21:19 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys2014-09-24 21:19 - 2014-07-24 07:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys2014-09-24 21:19 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll2014-09-24 21:19 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll2014-09-24 21:19 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll2014-09-24 21:19 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll2014-09-24 21:19 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll2014-09-24 21:19 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll2014-09-24 21:19 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll2014-09-24 21:19 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll2014-09-24 21:19 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll2014-09-24 21:19 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll2014-09-24 21:19 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll2014-09-24 21:19 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe2014-09-24 21:19 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll2014-09-24 21:19 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv2014-09-24 21:19 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll2014-09-24 21:19 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll2014-09-24 21:19 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll2014-09-24 21:19 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll2014-09-24 21:19 - 2014-07-24 00:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls2014-09-24 21:19 - 2014-07-24 00:11 - 00513544 _____ () C:\Windows\system32\locale.nls2014-09-24 21:19 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll2014-09-24 21:19 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll2014-09-24 21:19 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-09-24 21:19 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll2014-09-24 21:19 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll2014-09-24 21:19 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll2014-09-24 21:18 - 2014-07-24 11:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS2014-09-24 21:18 - 2014-07-24 11:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2014-09-24 21:18 - 2014-07-24 11:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys2014-09-24 21:18 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll2014-09-24 21:18 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll2014-09-24 21:18 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe2014-09-24 21:18 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2014-09-24 21:18 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2014-09-24 21:18 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2014-09-24 21:18 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe2014-09-24 21:18 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll2014-09-24 21:18 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2014-09-24 21:18 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll2014-09-24 21:18 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys2014-09-24 21:18 - 2014-07-24 07:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys2014-09-24 21:18 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys2014-09-24 21:18 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys2014-09-24 21:18 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys2014-09-24 21:18 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll2014-09-24 21:18 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll2014-09-24 21:18 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll2014-09-24 21:18 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-09-24 21:18 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2014-09-24 21:18 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll2014-09-24 21:18 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll2014-09-24 21:18 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll2014-09-24 21:18 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2014-09-24 21:18 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll2014-09-24 21:18 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll2014-09-24 21:18 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll2014-09-24 21:18 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll2014-09-24 21:18 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll2014-09-24 21:18 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv2014-09-24 21:18 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll2014-09-24 21:18 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll2014-09-24 21:18 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll2014-09-24 21:18 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll2014-09-24 21:18 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll2014-09-24 21:18 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-09-24 21:18 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll2014-09-24 21:18 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll2014-09-24 21:18 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys2014-09-24 21:18 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll2014-09-24 21:18 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll2014-09-24 21:18 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys2014-09-24 21:18 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2014-09-24 21:18 - 2014-06-18 22:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys2014-09-24 21:18 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys2014-09-24 21:18 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll2014-09-24 21:18 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll2014-09-24 21:18 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll2014-09-24 21:18 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll2014-09-24 21:18 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll2014-09-24 21:18 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll2014-09-24 21:18 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll2014-09-24 21:18 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll2014-09-24 21:17 - 2014-07-24 11:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys2014-09-24 21:17 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe2014-09-24 21:17 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll2014-09-24 21:17 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe2014-09-24 21:17 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll2014-09-24 21:17 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2014-09-24 21:17 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll2014-09-24 21:17 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll2014-09-24 21:17 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2014-09-24 21:17 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll2014-09-24 21:17 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll2014-09-24 21:17 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll2014-09-24 21:17 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll2014-09-24 21:17 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2014-09-24 21:17 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll2014-09-24 21:17 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll2014-09-24 21:17 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll2014-09-24 21:17 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll2014-09-24 21:17 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll2014-09-24 21:17 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll2014-09-24 21:17 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll2014-09-24 21:17 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll2014-09-24 21:17 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll2014-09-24 21:17 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll2014-09-24 21:17 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll2014-09-24 21:17 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll2014-09-24 21:17 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll2014-09-24 21:17 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll2014-09-24 21:17 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll2014-09-24 21:17 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll2014-09-24 21:17 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll2014-09-24 21:17 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll2014-09-24 21:16 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL2014-09-24 21:16 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2014-09-24 21:16 - 2014-07-24 07:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys2014-09-24 21:16 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL2014-09-24 21:16 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2014-09-24 21:16 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl2014-09-24 21:16 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl2014-09-24 21:16 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll2014-09-24 21:16 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-09-24 21:16 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll2014-09-24 21:16 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll2014-09-24 21:16 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll2014-09-24 21:16 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll2014-09-24 21:16 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll2014-09-24 21:16 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll2014-09-24 21:16 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe2014-09-24 21:16 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll2014-09-24 21:16 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll2014-09-24 21:16 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll2014-09-24 21:16 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll2014-09-24 21:16 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll2014-09-24 21:16 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll2014-09-24 21:16 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll2014-09-24 21:16 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll2014-09-24 21:16 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll2014-09-24 21:16 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll2014-09-24 21:16 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll2014-09-24 21:16 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll2014-09-24 21:16 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll2014-09-24 21:16 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll2014-09-24 21:16 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll2014-09-24 21:09 - 2014-10-21 17:38 - 00000000 ____D () C:\ProgramData\Performance Optimizer2014-09-21 14:04 - 2014-10-20 22:30 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-09-21 13:53 - 2014-10-21 01:33 - 00000000 ____D () C:\Windows\system32\MRT2014-09-21 13:53 - 2014-10-21 01:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-09-21 12:45 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe2014-09-21 12:45 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe2014-09-21 12:45 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll2014-09-21 12:45 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll2014-09-21 12:45 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll2014-09-21 12:45 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll2014-09-21 12:45 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll2014-09-21 12:45 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys2014-09-21 12:45 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll2014-09-21 12:45 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-21 17:40 - 2014-09-03 12:27 - 00000074 _____ () C:\Users\Allan\AppData\Roaming\sp_data.sys2014-10-21 17:39 - 2014-09-03 12:30 - 00000000 ___DO () C:\Users\Allan\OneDrive2014-10-21 17:38 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP2014-10-21 17:38 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-10-21 17:37 - 2014-09-06 12:00 - 00000260 _____ () C:\Windows\Tasks\ASC7_SkipUac_Allan.job2014-10-21 17:37 - 2014-05-02 18:21 - 01599971 _____ () C:\Windows\WindowsUpdate.log2014-10-21 17:37 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI2014-10-21 17:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru2014-10-21 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache2014-10-21 15:43 - 2014-09-03 12:31 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3513599277-296145143-110265111-10012014-10-21 15:35 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness2014-10-21 15:26 - 2014-09-03 12:35 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A1B232CD-DBBC-42B5-8FB8-AB0B5F5A001F}2014-10-21 01:37 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera2014-10-20 22:50 - 2014-09-06 12:00 - 00002223 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk2014-10-20 22:37 - 2014-09-03 12:25 - 00000000 ____D () C:\Users\Allan2014-10-20 22:30 - 2014-09-06 12:01 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\ProductData2014-10-20 22:30 - 2014-09-06 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 72014-10-20 22:30 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup2014-10-20 22:30 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep2014-10-20 22:29 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-10-20 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy2014-10-20 22:20 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration2014-10-20 22:17 - 2014-09-06 11:58 - 00000000 ____D () C:\ProgramData\IObit2014-10-19 17:35 - 2014-03-18 05:47 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI2014-10-19 17:25 - 2013-08-22 10:44 - 00353736 _____ () C:\Windows\system32\FNTCACHE.DAT2014-10-19 17:22 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore2014-10-02 17:11 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-10-02 17:11 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-10-02 17:10 - 2014-03-18 05:33 - 00000000 ____D () C:\Program Files\Windows Journal2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\winrm2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\WCN2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\slmgr2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\dsc2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Com2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\MUI2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Com2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\IME2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Help2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism2014-09-22 02:42 - 2014-09-06 11:39 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-09-21 16:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender2014-09-21 16:31 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing2014-09-21 16:11 - 2014-09-06 13:24 - 00000000 ____D () C:\ProgramData\Adobe2014-09-21 16:11 - 2014-09-03 12:27 - 00000000 ____D () C:\ProgramData\USBChargerPlus2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates Files to move or delete:====================C:\ProgramData\SetStretch.exeC:\ProgramData\SetStretch.VBSC:\ProgramData\Setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed