Random pop-ups in Chrome Win8

Holistr · March 11, 2014

Hello Guys,

I came here through a search for a solution to random pop-ups in my brand new laptop with Win8, google chrome.

Like yesterday first a random page opened and it seemed valid...today it happened again. Both of the pages are pretty well done. Unfortunatelly I have no screen, will make screen nextime if necessary.

The pup-ups came out of nowhere and I am sure I did not even click anything.

I started to use the new computer mainly cause my oldone with XP was infected. I use flashdisc to copy necessary data from one computer to another...maybe that caused the infection transfere - I used this flashdisc to install KasperskyAV on the new system.

Ofcourse I run a scan right away but nothing was found.

Now I looked at this thread:

https://forums.malwarebytes.org/index.php?showtopic=124537

And am pretty scared what is in front of me.

The system is brand new, so not many applications are intalled and used only for several days.

PLEASE let me know how to procede in order to get rid of any possible infection.

Thank you

H.

Psychotic · March 11, 2014

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

Run FRST.
Don´t change one of the checkboxes and hit Scan.
Logfiles are created on your desktop.
Poste the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- Sections
- IAT/EAT
- Show All ( should be unchecked by default )
[*]Leave everything else as it is. [*]Close all other running programs as well as your Browser. [*]Click the Scan button & wait for it to finish. [*]Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post. [*]Save it where you can easily find it, such as your desktop. [*]Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Holistr · March 12, 2014

Hello Psychotic,

I did what you asked for, below you can see the 3 outputs.

Note that I run gmer several times cause not all programs were shut down, though every time the scan stopped with error message: C_windows_system32_config_system and ntuser.dat files(can send screen of one of them if you ask for) were inaccessible because of used by another process.

Logs too long to paste them. Sending as attachment.

ark.txt Addition.txt FRST_13-03-2014_00-33-20.txt

Holistr · March 12, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2014

Ran by Martin (administrator) on HOLISTR on 13-03-2014 00:32:16

Running from C:\Users\Martin\Downloads

Windows 8.1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe

(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe

(Alipay Inc. ) C:\Program Files (x86)\alipay\alieditplus\AlipaySecSvc.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe

(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SAsrv.exe

(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\System32\skydrive.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe

(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Microsoft Corporation) C:\WINDOWS\system32\AUDIODG.EXE

(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [intelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2012-07-26] (Intel® Corporation)

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)

HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)

HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()

HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [250976 2012-08-31] (Lenovo Group Limited)

HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-14] (Intel Corporation)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\..\Interfaces\{71B995F2-8017-4977-9F48-9D894D207EBF}: [NameServer]8.8.8.8 8.8.4.4

Chrome:

=======

CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]

CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]

CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]

CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]

CHR Extension: (Kaspersky URL Advisor) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-03-03]

CHR Extension: (Safe Money) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-03-03]

CHR Extension: (Dangerous Websites Blocker) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-03-03]

CHR Extension: (Virtuální klávesnice) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-03-03]

CHR Extension: (Peněženka Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-03]

CHR Extension: (Evernote Web Clipper) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-03-11]

CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-11-26]

CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-11-26]

CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-11-26]

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-11-26]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-11-26]

==================== Services (Whitelisted) =================

R2 AlipaySecSvc; C:\Program Files (x86)\alipay\alieditplus\AlipaySecSvc.exe [540032 2014-03-07] (Alipay Inc. )

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-11-26] (Kaspersky Lab ZAO)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-11] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-14] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-29] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-03-12] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-12] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-12] (Microsoft Corporation)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-26] (Kaspersky Lab ZAO)

S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2013-11-26] (Kaspersky Lab)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-03-03] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-11-26] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-11-26] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [64608 2013-11-26] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-03] (Kaspersky Lab ZAO)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-09] (Intel Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-12] (Microsoft Corporation)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-03-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-13 00:32 - 2014-03-13 00:32 - 00014956 _____ () C:\Users\Martin\Downloads\FRST.txt

2014-03-13 00:31 - 2014-03-13 00:32 - 00000000 ____D () C:\FRST

2014-03-13 00:27 - 2014-03-13 00:28 - 02157056 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files\Lenovo

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files\Common Files\Lenovo

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files (x86)\Lenovo

2014-03-13 00:11 - 2012-08-09 16:31 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll

2014-03-13 00:07 - 2012-01-12 13:16 - 00002060 _____ () C:\WINDOWS\system32\Drivers\SamSfPa.dat

2014-03-13 00:06 - 2014-03-13 00:06 - 00002998 _____ () C:\WINDOWS\System32\Tasks\Dolby Selector

2014-03-13 00:06 - 2014-03-13 00:06 - 00000000 ____D () C:\Program Files (x86)\Dolby Advanced Audio v2

2014-03-13 00:06 - 2012-06-08 17:07 - 00201376 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe

2014-03-13 00:06 - 2011-01-07 12:28 - 00446592 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe

2014-03-13 00:05 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll

2014-03-13 00:05 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll

2014-03-13 00:05 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll

2014-03-13 00:05 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll

2014-03-13 00:05 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEG64A.dll

2014-03-12 23:30 - 2014-03-12 23:30 - 00380416 _____ () C:\Users\Martin\Downloads\gvo4tdpt.exe

2014-03-12 22:55 - 2014-03-12 22:57 - 00000000 ____D () C:\Users\Martin\Documents\Tencent Files

2014-03-12 21:10 - 2014-03-12 21:10 - 00000000 ____D () C:\Users\Martin\Downloads\lenovo_thinkpad_edge_e530_windows_8_x64_drivers_full_package

2014-03-12 21:06 - 2014-03-13 00:16 - 00000000 __RDO () C:\Users\Martin\SkyDrive

2014-03-12 20:48 - 2014-03-12 20:48 - 00000000 __SHD () C:\Recovery

2014-03-12 20:48 - 2014-03-12 15:00 - 00000000 ___DC () C:\WINDOWS\Panther

2014-03-12 20:47 - 2014-03-12 20:47 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2014-03-12 20:47 - 2014-03-12 20:47 - 00000000 ____D () C:\Windows.old

2014-03-12 20:46 - 2014-03-12 20:46 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-03-12 20:46 - 2014-03-12 20:46 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-03-12 20:46 - 2014-03-12 20:46 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-03-12 20:46 - 2014-03-12 20:46 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-03-12 20:46 - 2014-03-12 20:46 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-03-12 20:46 - 2014-03-12 20:46 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2014-03-12 20:46 - 2014-03-12 20:46 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-03-12 20:46 - 2014-03-12 20:46 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe

2014-03-12 20:46 - 2014-03-12 20:46 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-03-12 20:45 - 2014-03-12 20:45 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-03-12 20:45 - 2014-03-12 20:45 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms

2014-03-12 20:45 - 2014-03-12 20:45 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms

2014-03-12 20:44 - 2014-03-12 20:44 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-03-12 20:44 - 2014-03-12 20:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

2014-03-12 20:44 - 2014-03-12 20:44 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

2014-03-12 20:44 - 2014-03-12 20:44 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-03-12 20:44 - 2014-03-12 20:44 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll

2014-03-12 20:44 - 2014-03-12 20:44 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys

2014-03-12 20:43 - 2014-03-12 20:43 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2014-03-12 20:43 - 2014-03-12 20:43 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-03-12 20:43 - 2014-03-12 20:43 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2014-03-12 20:43 - 2014-03-12 20:43 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2014-03-12 20:43 - 2014-03-12 20:43 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-03-12 20:43 - 2014-03-12 20:43 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys

2014-03-12 20:43 - 2014-03-12 20:43 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE

2014-03-12 20:43 - 2014-03-12 20:43 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE

2014-03-12 20:43 - 2014-03-12 20:43 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll

2014-03-12 20:43 - 2014-03-12 20:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-03-12 20:42 - 2014-03-12 20:42 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-03-12 20:42 - 2014-03-12 20:42 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-03-12 20:42 - 2014-03-12 20:42 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2014-03-12 20:42 - 2014-03-12 20:42 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-03-12 20:42 - 2014-03-12 20:42 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-03-12 20:42 - 2014-03-12 20:42 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll

2014-03-12 20:42 - 2014-03-12 20:42 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe

2014-03-12 20:42 - 2014-03-12 20:42 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-03-12 20:41 - 2014-03-12 20:41 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2014-03-12 20:41 - 2014-03-12 20:41 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2014-03-12 20:41 - 2014-03-12 20:41 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2014-03-12 20:41 - 2014-03-12 20:41 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2014-03-12 20:41 - 2014-03-12 20:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2014-03-12 20:41 - 2014-03-12 20:41 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys

2014-03-12 20:41 - 2014-03-12 20:41 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2014-03-12 20:41 - 2014-03-12 20:41 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2014-03-12 20:41 - 2014-03-12 20:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll

2014-03-12 20:41 - 2014-03-12 20:41 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll

2014-03-12 20:40 - 2014-03-12 20:40 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-03-12 20:40 - 2014-03-12 20:40 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-03-12 20:40 - 2014-03-12 20:40 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-03-12 16:22 - 2014-03-12 16:29 - 34082966 _____ () C:\Users\Martin\Downloads\Novicorp WinToFlash 0.8.0009 beta Portable.zip

2014-03-12 15:00 - 2014-03-12 15:00 - 00001438 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-12 14:59 - 2014-03-12 14:59 - 00000020 ___SH () C:\Users\Martin\ntuser.ini

2014-03-12 05:02 - 2014-03-13 00:14 - 00205213 _____ () C:\WINDOWS\WindowsUpdate.log

2014-03-12 05:01 - 2014-03-12 05:01 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat

2014-03-12 04:55 - 2014-03-12 04:55 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate

2014-03-12 04:54 - 2014-03-12 21:06 - 00000000 ____D () C:\Users\Martin

2014-03-12 04:54 - 2014-03-12 05:01 - 00020958 _____ () C:\WINDOWS\diagwrn.xml

2014-03-12 04:54 - 2014-03-12 05:01 - 00020958 _____ () C:\WINDOWS\diagerr.xml

2014-03-12 04:54 - 2014-03-12 04:55 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-03-12 04:54 - 2014-03-12 04:55 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-03-12 04:54 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-03-12 04:54 - 2013-08-22 23:36 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-03-12 04:51 - 2014-03-13 00:11 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-03-12 04:51 - 2014-03-12 04:51 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job

2014-03-12 04:51 - 2014-03-12 04:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-03-12 04:51 - 2014-03-12 04:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf

2014-03-12 04:51 - 2014-03-12 04:51 - 00000000 ____D () C:\Program Files\Synaptics

2014-03-12 04:51 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2014-03-12 04:51 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2014-03-12 04:50 - 2014-03-13 00:07 - 00000000 ____D () C:\Program Files\CONEXANT

2014-03-12 04:50 - 2014-03-12 04:55 - 00000000 ____D () C:\Program Files\Intel

2014-03-12 04:30 - 2014-03-12 04:30 - 00000000 ____D () C:\alipay

2014-03-12 04:11 - 2014-03-12 05:01 - 00006530 _____ () C:\WINDOWS\comsetup.log

2014-03-12 01:05 - 2014-03-12 01:09 - 22180353 _____ (Audacity Team ) C:\Users\Martin\Downloads\audacity-win-2.0.5.exe

2014-03-12 01:01 - 2014-03-12 01:25 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Audacity

2014-03-12 00:52 - 2014-03-12 00:56 - 11236618 _____ () C:\Users\Martin\Downloads\lenovo_thinkpad_edge_e530_windows_8_x64_drivers_full_package.zip

2014-03-12 00:45 - 2014-03-12 00:45 - 00000000 ____D () C:\Users\Martin\AppData\Local\alipay

2014-03-11 22:39 - 2014-03-11 22:39 - 00987442 _____ () C:\Users\Martin\Downloads\SecurityCheck.exe

2014-03-11 22:31 - 2014-03-12 01:14 - 00000000 ____D () C:\Program Files (x86)\Audacity

2014-03-11 22:22 - 2014-03-12 04:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\aliedit

2014-03-11 22:22 - 2014-03-11 22:37 - 00000000 ____D () C:\Program Files (x86)\alipay

2014-03-11 22:22 - 2014-03-11 22:25 - 00001078 _____ () C:\Users\Martin\AppData\Roaming\base64.cer

2014-03-09 20:09 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Crystal Player

2014-03-09 20:09 - 2014-03-09 20:09 - 00000000 ____D () C:\Program Files (x86)\Crystal Player

2014-03-09 20:08 - 2014-03-09 20:08 - 04166950 _____ () C:\Users\Martin\Downloads\CrystalPro.exe

2014-03-09 17:16 - 2014-03-09 17:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf

2014-03-09 17:06 - 2014-03-09 17:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-03-09 03:33 - 2014-03-09 03:33 - 00000000 ____D () C:\Users\Martin\AppData\Local\Conexant

2014-03-09 02:42 - 2014-03-09 02:42 - 00000000 ____H () C:\ProgramData\DP45977C.lfl

2014-03-09 02:41 - 2014-03-12 23:56 - 00000000 ____D () C:\ProgramData\Conexant

2014-03-09 02:40 - 2012-09-20 14:11 - 01609376 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys

2014-03-09 02:40 - 2012-09-12 11:35 - 02535520 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

2014-03-09 02:40 - 2012-08-08 13:12 - 01780896 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64AP74.dll

2014-03-09 02:40 - 2012-06-29 13:04 - 00050848 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll

2014-03-09 02:40 - 2012-03-20 03:48 - 00568960 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A89.dll

2014-03-09 02:40 - 2012-01-16 10:42 - 00666240 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\C3DHPExt64.dll

2014-03-09 02:40 - 2011-01-18 11:35 - 00030893 _____ () C:\WINDOWS\system32\Drivers\Mixer.ini

2014-03-09 02:33 - 2014-03-09 02:39 - 86614568 _____ (Lenovo Group Limited ) C:\Users\Martin\Downloads\h0ac09ww.exe

2014-03-09 01:48 - 2014-03-12 01:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype

2014-03-09 01:48 - 2014-03-09 14:35 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk

2014-03-09 01:48 - 2014-03-09 14:35 - 00000000 ____D () C:\ProgramData\Skype

2014-03-09 01:48 - 2014-03-09 01:48 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-03-09 01:48 - 2014-03-09 01:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Skype

2014-03-09 01:45 - 2014-03-09 01:47 - 34820256 _____ (Skype Technologies S.A.) C:\Users\Martin\Downloads\SkypeSetupFull.exe

2014-03-06 21:19 - 2014-03-06 21:19 - 00000000 ____D () C:\Users\Martin\AppData\Local\Evernote

2014-03-06 21:18 - 2014-03-06 21:18 - 00000000 ____D () C:\Program Files (x86)\Evernote

2014-03-06 21:10 - 2014-03-06 21:15 - 83157856 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Martin\Downloads\Evernote_5.2.0.2946.exe

2014-03-04 18:47 - 2014-03-04 18:47 - 00000000 _____ () C:\Users\Martin\agent.log

2014-03-03 23:14 - 2014-03-03 23:14 - 00002049 _____ () C:\Users\Public\Desktop\Tencent QQ.lnk

2014-03-03 23:14 - 2014-03-03 23:14 - 00000000 ____D () C:\Users\Public\Documents\Tencent

2014-03-03 23:14 - 2014-03-03 23:14 - 00000000 ____D () C:\Program Files (x86)\Tencent

2014-03-03 23:13 - 2014-03-12 22:56 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Tencent

2014-03-03 23:13 - 2009-02-18 14:51 - 00018760 _____ () C:\WINDOWS\SysWOW64\QQVistaHelper.dll

2014-03-03 22:38 - 2014-03-03 22:38 - 00001321 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk

2014-03-03 22:23 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll

2014-03-03 22:22 - 2014-03-13 00:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-03-03 22:22 - 2014-03-03 22:46 - 00624224 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys

2014-03-03 22:22 - 2014-03-03 22:45 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys

2014-03-03 22:22 - 2014-03-03 22:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab

2014-03-03 22:09 - 2014-03-03 22:09 - 00000000 ____D () C:\Users\Martin\AppData\Local\GHISLER

2014-03-03 22:06 - 2014-03-03 22:06 - 00065232 _____ (Malwarebytes) C:\Users\Martin\Downloads\regassassin-setup-1.03.exe

2014-03-03 22:05 - 2014-03-03 22:06 - 01440846 _____ () C:\Users\Martin\Downloads\mbam-chameleon-1.62.1.1000.zip

2014-03-03 21:56 - 2014-03-13 00:16 - 00000964 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-03 21:56 - 2014-03-13 00:01 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-03 21:56 - 2014-03-03 21:56 - 00003940 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-03 21:56 - 2014-03-03 21:56 - 00003704 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-03 21:52 - 2014-03-03 21:52 - 00000291 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk

2014-03-03 21:51 - 2014-03-03 22:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-1-75-0-1300.exe

2014-03-03 21:47 - 2014-03-03 21:47 - 00733432 _____ () C:\Users\Martin\Downloads\chrome-lista-centrumcz-pro-internet-explorer.exe

2014-03-03 21:45 - 2014-03-03 22:16 - 232061760 _____ (Kaspersky Lab) C:\Users\Martin\Downloads\kis14.0.0.4651en_5449_trial.exe

2014-03-03 21:28 - 2014-03-03 22:12 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-03 21:28 - 2014-03-03 21:40 - 00000000 ____D () C:\Users\Martin\AppData\Local\Google

2014-03-03 21:07 - 2014-03-03 21:53 - 414810493 _____ () C:\Users\Martin\Downloads\NORSKO.ZIP

2014-03-03 20:06 - 2014-03-03 22:07 - 00000000 ____D () C:\totalcmd

2014-03-03 20:06 - 2014-03-03 20:06 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\GHISLER

2014-03-03 20:02 - 2014-03-03 20:03 - 04605952 _____ (Ghisler Software GmbH) C:\Users\Martin\Downloads\tcm850x64.exe

2014-03-03 19:40 - 2014-03-03 19:40 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Macromedia

2014-03-03 19:36 - 2014-03-13 00:20 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1901417010-66602696-720837262-1001

2014-03-03 19:30 - 2014-03-12 22:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\VirtualStore

2014-03-03 19:30 - 2014-03-12 15:01 - 00000000 ____D () C:\Users\Martin\AppData\Local\Packages

2014-03-03 19:30 - 2014-03-12 15:00 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-03 19:30 - 2014-03-12 15:00 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-03 19:30 - 2014-03-03 19:30 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Intel

2014-03-03 19:30 - 2014-03-03 19:30 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Adobe

Holistr · March 12, 2014

==================== One Month Modified Files and Folders =======

2014-03-13 00:32 - 2014-03-13 00:32 - 00014956 _____ () C:\Users\Martin\Downloads\FRST.txt

2014-03-13 00:32 - 2014-03-13 00:31 - 00000000 ____D () C:\FRST

2014-03-13 00:28 - 2014-03-13 00:27 - 02157056 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe

2014-03-13 00:21 - 2013-11-14 15:28 - 00818732 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-03-13 00:20 - 2014-03-03 19:36 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1901417010-66602696-720837262-1001

2014-03-13 00:16 - 2014-03-12 21:06 - 00000000 __RDO () C:\Users\Martin\SkyDrive

2014-03-13 00:16 - 2014-03-03 21:56 - 00000964 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-13 00:15 - 2014-03-03 22:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-03-13 00:14 - 2014-03-12 05:02 - 00205213 _____ () C:\WINDOWS\WindowsUpdate.log

2014-03-13 00:14 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-03-13 00:14 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files\Lenovo

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files\Common Files\Lenovo

2014-03-13 00:13 - 2014-03-13 00:13 - 00000000 ____D () C:\Program Files (x86)\Lenovo

2014-03-13 00:11 - 2014-03-12 04:51 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-03-13 00:07 - 2014-03-12 04:50 - 00000000 ____D () C:\Program Files\CONEXANT

2014-03-13 00:06 - 2014-03-13 00:06 - 00002998 _____ () C:\WINDOWS\System32\Tasks\Dolby Selector

2014-03-13 00:06 - 2014-03-13 00:06 - 00000000 ____D () C:\Program Files (x86)\Dolby Advanced Audio v2

2014-03-13 00:05 - 2013-08-22 22:46 - 00285001 _____ () C:\WINDOWS\setupact.log

2014-03-13 00:01 - 2014-03-03 21:56 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-13 00:00 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-03-12 23:57 - 2013-11-14 15:20 - 00004136 _____ () C:\WINDOWS\PFRO.log

2014-03-12 23:56 - 2014-03-09 02:41 - 00000000 ____D () C:\ProgramData\Conexant

2014-03-12 23:30 - 2014-03-12 23:30 - 00380416 _____ () C:\Users\Martin\Downloads\gvo4tdpt.exe

2014-03-12 23:30 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\tracing

2014-03-12 22:57 - 2014-03-12 22:55 - 00000000 ____D () C:\Users\Martin\Documents\Tencent Files

2014-03-12 22:57 - 2014-03-03 19:30 - 00000000 ____D () C:\Users\Martin\AppData\Local\VirtualStore

2014-03-12 22:56 - 2014-03-03 23:13 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Tencent

2014-03-12 21:10 - 2014-03-12 21:10 - 00000000 ____D () C:\Users\Martin\Downloads\lenovo_thinkpad_edge_e530_windows_8_x64_drivers_full_package

2014-03-12 21:06 - 2014-03-12 04:54 - 00000000 ____D () C:\Users\Martin