Jump to content

Recommended Posts

All,

 

I got a notification from Windows Defender that somehow I got infected with Malware-win32/Caphaw. I downloaded Malwarebytes and ran a scan, and was shown the following items, which were quarantined (please see the attached screenshot)

 

Are these ok to delete?

 

Thank you!

post-172115-0-98904900-1409167515_thumb.

Link to post
Share on other sites

Hi, Yes, it's OK to delete them, however we sould check your machine for any other malicious things.


 

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



warning.gif Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.






51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.
  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.



51a612a8b27e2-Zoek.png Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;process;services-list;systemspecs;startupall;skipfix-iedefaults;firefoxlook;chromelook;filesrcm;installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!

Link to post
Share on other sites

Naathim,

 

Thank you for the quick response! Below is the output you requested...

 

MalwareBytes Output:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/26/2014
Scan Time: 11:29:08 PM
Logfile: MB Scan Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.27.01
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Chris

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 312215
Time Elapsed: 16 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2008387046-3269437854-4107736601-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [9207874204774cea37599ad922e0f10f],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64, Quarantined, [52476c5d94e7fe38c14d925dad5545bb],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUP.Optional.Trovi.A, HKU\S-1-5-21-2008387046-3269437854-4107736601-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=M2C3B3F69-7305-4925-9AAF-CC7472BC813B&SearchSource=55&CUI=&UM=6&UP=SPBAEA2E08-8C75-4C18-9BE4-DAD17388A0C4&SSPV=, Good: (www.google.com), Bad: (http://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=M2C3B3F69-7305-4925-9AAF-CC7472BC813B&SearchSource=55&CUI=&UM=6&UP=SPBAEA2E08-8C75-4C18-9BE4-DAD17388A0C4&SSPV=),Replaced,[69300ebbd9a2d660bb9527afa75de719]

Folders: 2
PUP.Optional.Extutil.A, C:\Users\Chris\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [6b2ef9d0e893e74f560208d0f50d9070],
PUP.Optional.Managera.A, C:\Users\Chris\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [14852e9b1368f1457ddc15c3837fc739],

Files: 18
PUP.Optional.Sanbreel.A, C:\Windows\System32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys, Delete-on-Reboot, [28b67ec9b0b29afb3feacf6c937f256a],
PUP.Optional.OptimunInstaller, C:\$Recycle.Bin\S-1-5-21-2008387046-3269437854-4107736601-1001\$RXCXKV2.exe, Quarantined, [e2b7e9e0b9c212249544a4a5c33de61a],
PUP.Optional.Conduit.A, C:\Users\Chris\AppData\Local\Temp\nsf729D.exe, Quarantined, [0396facf22590c2aa63fc3cbad544ab6],
PUP.Optional.Conduit.A, C:\Users\Chris\AppData\Local\Temp\nsr431D.exe, Quarantined, [d2c70ebbea91e0565194d6b839c8d828],
PUP.Optional.Conduit.A, C:\Users\Chris\AppData\Local\Temp\nss4679.exe, Quarantined, [aced6b5e5922979f4c994b4350b130d0],
PUP.Optional.Conduit.A, C:\Users\Chris\AppData\Local\Temp\nst381F.exe, Quarantined, [21783e8b54274cea95502866fb06b947],
PUP.Optional.Conduit.A, C:\Users\Chris\AppData\Local\Temp\nsw7609.exe, Quarantined, [673205c436453303af365f2f42bf35cb],
PUP.Optional.BetterDeals.A, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Quarantined, [4d4c63662f4c61d56f3ff8031ee4629e],
PUP.Optional.BetterDeals.A, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Quarantined, [564308c14338eb4b00ae718a03ff5fa1],
PUP.Optional.Superfish.A, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [3c5d5376a2d94ee83dabac54fe0522de],
PUP.Optional.Superfish.A, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [fd9c3e8b93e8f93dc226b14ff01343bd],
PUP.Optional.Extutil.A, C:\Users\Chris\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [6b2ef9d0e893e74f560208d0f50d9070],
PUP.Optional.Extutil.A, C:\Users\Chris\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [6b2ef9d0e893e74f560208d0f50d9070],
PUP.Optional.Extutil.A, C:\Users\Chris\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [6b2ef9d0e893e74f560208d0f50d9070],
PUP.Optional.Managera.A, C:\Users\Chris\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [14852e9b1368f1457ddc15c3837fc739],
PUP.Optional.Managera.A, C:\Users\Chris\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [14852e9b1368f1457ddc15c3837fc739],
PUP.Optional.Conduit, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[891099303b40ab8b9a27c64bb74e738d]
PUP.Optional.Trovi.A, C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=M2C3B3F69-7305-4925-9AAF-CC7472BC813B&SearchSource=55&CUI=&UM=6&UP=SPBAEA2E08-8C75-4C18-9BE4-DAD17388A0C4&SSPV=" ],), Replaced,[5148c603e19a1a1c53fc779b2cd9cc34]

Physical Sectors: 0
(No malicious items detected)


(end)

 

Zoek Output:

 

oek.exe v5.0.0.0 Updated 27-08-2014
Tool run by Chris on Thu 08/28/2014 at 11:26:10.83.
Microsoft Windows 8 Pro 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Chris\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-08-28-152226.log    63611 bytes

==== System Restore Info ======================

8/28/2014 11:27:38 AM Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

 PowerDVD Create 10  
64 Bit HP CIO Components Installer  
Absolute Reminder  
Adobe AIR  
Adobe Reader XI (11.0.08)  
Bonjour  
Bonjour Print Services  
Conexant HD Audio  
CyberLink Power2Go 7  
CyberLink PowerDVD 10  
CyberLink PowerProducer 5.5  
GIMP 2.8.14  
Integrated Camera  
Intel AppUp® center  
Intel® Control Center  
Intel® Management Engine Components  
Intel® PRO/Wireless Driver  
Intel® Processor Graphics  
Intel® PROSet/Wireless for Bluetooth® + High Speed  
Intel® PROSet/Wireless Software for Bluetooth® Technology  
Intel® SDK for OpenCL - CPU Only Runtime Package  
Intel® Update Manager  
Intel® WiDi  
Intelr PROSet/Wireless Software  
Intelr PROSet/Wireless WiFi Software  
Intelr Trusted Connect Service Client  
Lenovo Auto Scroll Utility  
Lenovo Dependency Package  
Lenovo Fingerprint Manager  
Lenovo Patch Utility  
Lenovo Patch Utility 64 bit  
Lenovo Power Management Driver  
Lenovo Settings - Camera Audio  
Lenovo Settings - Location Awareness  
Lenovo Settings - Power  
Lenovo Settings Dependency Package  
Lenovo Settings Mobile Hotspot  
Lenovo Solution Center  
Lenovo Solutions for Small Business  
Lenovo Solutions for Small Business Customizations  
Lenovo System Update  
Lenovo User Guide  
Lenovo Warranty Information  
Malwarebytes Anti-Malware version 2.0.2.1012  
Microsoft Office Home and Business 2013 - en-us  
Microsoft SkyDrive  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Mozilla Firefox 31.0 (x86 en-US)  
Mozilla Maintenance Service  
Nitro Pro 8  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
On Screen Display  
PowerDVD Create  
RapidBoot HDD Accelerator  
Realtek Card Reader  
Realtek Ethernet Controller Driver  
SugarSync Manager  
ThinkPad Hotkey Features Integration Setup  
ThinkPad UltraNav Driver  
ThinkVantage Active Protection System  
WaveEditor  
WD My Cloud  
Windows Driver Package - Intel Corporation (iaStorA) HDC  (09/01/2012 11.6.0.1030)  
Windows Driver Package - Lenovo 1.66.00.22 (11/30/2012 1.66.00.22)  

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
C:\windows\SysWOW64\SAsrv.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
C:\Program Files\Lenovo\Communications Utility\CamMute.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Chris\Downloads\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Services (whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
R2 - [AMPPALR3] - Intel® Centrino® Wireless Bluetooth® + High Speed Service - "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
R2 - [bluetooth Device Monitor] - Bluetooth Device Monitor - "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
R2 - [bluetooth OBEX Service] - Bluetooth OBEX Service - "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
R2 - [bonjour Service] - Bonjour Service - "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
R2 - [bTHSSecurityMgr] - Intel® Centrino® Wireless Bluetooth® + High Speed Security Service - "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
R2 - [ClickToRunSvc] - Microsoft Office ClickToRun Service - "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
R2 - [CxAudMsg] - Conexant Audio Message Service - C:\windows\system32\CxAudMsg64.exe
R2 - [EvtEng] - Intel® PROSet/Wireless Event Log - "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
R2 - [FastbootService] - FastbootService - "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
R2 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
R2 - [intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
R2 - [intel® ME Service] - Intel® ME Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
R2 - [Lenovo QuickSnip Service] - Lenovo QuickSnip Service - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
R2 - [Lenovo Settings Service] - Lenovo Settings Service - "C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
R2 - [Lenovo System Agent Service] - Lenovo System Agent Service - "C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe"
R2 - [LENOVO.MICMUTE] - Lenovo Microphone Mute - "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
R2 - [Lenovo.VIRTSCRLSVC] - Lenovo Auto Scroll - "C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
R2 - [LMS] - Intel® Management and Security Application Local Management Service - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
R2 - [LnvHotSpotSvc] - LnvMHService - "C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe"
R2 - [LocationTaskManager] - Location Task Manager - "C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
R2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
R2 - [MBAMService] - MBAMService - "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
R2 - [nlsX86cc] - Nalpeiron Licensing Service - C:\windows\SysWOW64\NLSSRV32.EXE
R2 - [Power Manager DBC Service] - Lenovo Settings Power Service - "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
R2 - [RegSrvc] - Intel® PROSet/Wireless Registry Service - "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
R2 - [sAService] - Conexant SmartAudio service - C:\windows\system32\SAsrv.exe
R2 - [TPHKLOAD] - Lenovo Hotkey Client Loader - "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
R2 - [uNS] - Intel® Management and Security Application User Notification Service - "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
R2 - [ValBioService] - ValBioService - "C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe"
R2 - [valWBFPolicyService] - Validity WBF Policy Service - C:\windows\system32\valWBFPolicyService.exe
R2 - [WSearch] - Windows Search - C:\windows\system32\SearchIndexer.exe /Embedding
R2 - [ZeroConfigService] - Intel® PROSet/Wireless Zero Configuration Service - "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
R3 - [AVControlCenter] - AVControlCenter - "C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
R3 - [LENOVO.CAMMUTE] - Lenovo AVFramework Camera Privacy Controller - "C:\Program Files\Lenovo\Communications Utility\CamMute.exe"
R3 - [LENOVO.TPKNRSVC] - Lenovo AVFramework Microphone Volume Controller and Dolby Interface - "C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
R3 - [LENOVO.TVTVCAM] - Lenovo AVFramework Virtual Camera Controller Service - "C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
R3 - [VSS] - Volume Shadow Copy - C:\windows\system32\vssvc.exe
S2 - [sppsvc] - Software Protection - C:\windows\system32\sppsvc.exe
S2 - [TrustedInstaller] - Windows Modules Installer - C:\windows\servicing\TrustedInstaller.exe
S3 - [ALG] - Application Layer Gateway Service - C:\windows\System32\alg.exe
S3 - [COMSysApp] - COM+ System Application - C:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [cphs] - Intel® Content Protection HECI Service - C:\windows\SysWow64\IntelCpHeciSvc.exe
S3 - [Fax] - Fax - C:\windows\system32\fxssvc.exe
S3 - [intelsba] - Intel® Small Business Advantage - "C:\Program Files\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe"
S3 - [LSCWinService] - LSCWinService - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\windows\system32\msiexec.exe /V
S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe"
S3 - [ose] - Office  Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\windows\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\windows\system32\locator.exe
S3 - [sNMPTRAP] - SNMP Trap - C:\windows\System32\snmptrap.exe
S3 - [sUService] - System Update - "C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
S3 - [TPHDEXLGSVC] - ThinkPad HDD APS Logging Service - System32\TPHDEXLG64.exe
S3 - [vds] - Virtual Disk - C:\windows\System32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\windows\system32\wbengine.exe"
S3 - [WinDefend] - Windows Defender Service - "C:\Program Files\Windows Defender\MsMpEng.exe"
S3 - [wmiApSrv] - WMI Performance Adapter - C:\windows\system32\wbem\WmiApSrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3914 MB
CPU Info: Intel® Core i5-3230M CPU @ 2.60GHz
CPU Speed: 2668.9 MHz
Sound Card: Speakers (Conexant 20671 SmartA |
Display Adapters: Intel® HD Graphics 4000 | Intel® HD Graphics 4000 | Intel® HD Graphics 4000
Monitors: 2x; ThinkPad Display 1366x768 | 2060L |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Hosted Network Virtual Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel® Centrino® Wireless-N 2230
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  451.3GB
Hard Disks - Free: C:  412.7GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE |  | LENOVO - 1140
Time Zone: Eastern Standard Time
Motherboard *: LENOVO 68862XU
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox    31.0
Internet Explorer Version: 10.0.9200.17054
Mozilla Firefox version: 31.0 (x86 en-US)
Adobe Reader version: 11.0.8.4

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\Chris\AppData\Local\Temp ====
2014-08-26 18:50:32    40395C175553CB14D2050888EFCCDF00    4961800    ----a-w-    C:\Users\Chris\AppData\Local\Temp\vcredist_x64.exe
2014-08-26 18:50:29    1F08DDF5ADD3F28BB879EA37F507CC24    5556040    ----a-w-    C:\Users\Chris\AppData\Local\Temp\CloudBackup5920.exe
2014-08-26 18:50:05    9C1C08F606BE4A289A5787D04613FBA5    98304    ----a-w-    C:\Users\Chris\AppData\Local\Temp\post2.exe
2014-08-26 18:50:05    1D29077ECB9D636907929622A9CFB23F    390144    ----a-w-    C:\Users\Chris\AppData\Local\Temp\post1.exe
2014-08-26 18:50:05    08ED039D0147A5DCD84DB43721569C77    86528    ----a-w-    C:\Users\Chris\AppData\Local\Temp\post2.dll
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2014-08-25 18:12:44    BC587C9D241C638A825B4D55BF91BAFA    86528    ----a-w-    C:\windows\SysWOW64\wudriver.dll
2014-08-25 18:12:39    9C8920D4E47E3591203739E051248E42    629248    ----a-w-    C:\windows\SysWOW64\wuapi.dll
2014-08-25 18:12:33    7285D8DF13AA1F2BBDF8BE0C3FB65AF4    128000    ----a-w-    C:\windows\SysWOW64\wuwebv.dll
2014-08-25 18:12:33    0AA8927C7DAE50EBDBFD9D5523A21020    35328    ----a-w-    C:\windows\SysWOW64\wuapp.exe
2014-08-15 13:35:55    38045850ACB96313A1983A8803302906    35480    ----a-w-    C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-15 13:01:43    9C464C1D692BADC68A56F103B228B9D9    1023488    ----a-w-    C:\windows\SysWOW64\gdi32.dll
2014-08-15 13:01:25    59519C658518AA899B76AEEFA7719112    14371328    ----a-w-    C:\windows\SysWOW64\mshtml.dll
2014-08-15 13:01:22    DDB6F474132BDF69835C2EA520C27727    13757440    ----a-w-    C:\windows\SysWOW64\ieframe.dll
2014-08-15 13:01:22    7672B85494FCB5349DC6CACA32E87F9C    2054656    ----a-w-    C:\windows\SysWOW64\iertutil.dll
2014-08-15 13:01:21    791868870510413B81F7FFD62912B883    2861568    ----a-w-    C:\windows\SysWOW64\jscript9.dll
2014-08-15 13:01:21    2046CAAF97A0FB7D7F7A799A320C9266    1180672    ----a-w-    C:\windows\SysWOW64\urlmon.dll
2014-08-15 13:01:20    7951C75E6B680204BD624A0C3CE2C573    1766400    ----a-w-    C:\windows\SysWOW64\wininet.dll
2014-08-15 13:01:19    F9A7AF5CEB19DC16C093D7D3C95997A8    1440768    ----a-w-    C:\windows\SysWOW64\inetcpl.cpl
2014-08-15 13:01:19    02389BD2FA7CBAB52BFB5BDA68782043    357888    ----a-w-    C:\windows\SysWOW64\dxtmsft.dll
2014-08-15 13:01:18    C582896705A6EA678D874FDFE49E5AD8    44032    ----a-w-    C:\windows\SysWOW64\UXInit.dll
2014-08-15 13:01:18    BE7707F5514A414DB7B2639A7A00A410    226816    ----a-w-    C:\windows\SysWOW64\iedkcs32.dll
2014-08-15 13:01:18    5C37961676E91B41E42360CB355707FA    493056    ----a-w-    C:\windows\SysWOW64\msfeeds.dll
2014-08-15 13:01:18    44EB410A565D7DD5910C2AC9D7AD6A58    80384    ----a-w-    C:\windows\SysWOW64\mshtmled.dll
2014-08-15 13:01:18    3DE90B458BC31E029A7009F51F4B0F6A    690688    ----a-w-    C:\windows\SysWOW64\jscript.dll
2014-08-15 13:01:18    30D7BFA0009C4D2ACFFEEBB2F5663CAB    163840    ----a-w-    C:\windows\SysWOW64\msrating.dll
2014-08-15 13:01:18    1DD42CA0D3338A1A97DFFBC2DA05333D    226816    ----a-w-    C:\windows\SysWOW64\dxtrans.dll
2014-08-15 13:01:18    0424E6D3747B6269963D4671040663A2    109056    ----a-w-    C:\windows\SysWOW64\iesysprep.dll
2014-08-15 13:01:17    DC7056A6F354D67916BE4AEA79D9C24C    534528    ----a-w-    C:\windows\SysWOW64\uxtheme.dll
2014-08-15 13:01:17    BDF3562108CF3EB71D50B3E47BB53717    39936    ----a-w-    C:\windows\SysWOW64\jsproxy.dll
2014-08-15 13:01:17    B02AF4F75B3280E10468A7E1698DDCD1    2706432    ----a-w-    C:\windows\SysWOW64\mshtml.tlb
2014-08-15 13:01:17    9679A6F7708D6C894B1817EFEB62351F    33280    ----a-w-    C:\windows\SysWOW64\iernonce.dll
2014-08-15 13:01:17    6FE26E630593A71C2AF4F7222A6F7239    61440    ----a-w-    C:\windows\SysWOW64\iesetup.dll
2014-08-15 13:01:09    A1E0D8F0F686C402B1F398227A4FDD05    8857600    ----a-w-    C:\windows\SysWOW64\twinui.dll
2014-08-15 13:01:08    CD4AD60802EE2C6E6506018D42FE5236    2416128    ----a-w-    C:\windows\SysWOW64\msi.dll
2014-08-15 13:01:07    CF11DC5D87D5FBF3EB2CDE3FC5580873    2037760    ----a-w-    C:\windows\SysWOW64\authui.dll
2014-08-15 13:01:07    05B751A750FF7CD2164A1671AC65D23C    754176    ----a-w-    C:\windows\SysWOW64\actxprxy.dll
2014-08-15 13:01:06    FC55D667EDC08B5D4157536A3F6C2641    295424    ----a-w-    C:\windows\SysWOW64\msihnd.dll
2014-08-15 13:01:02    7C57257903BBE73B2DBBC6E7104EB867    694272    ----a-w-    C:\windows\SysWOW64\rpcrt4.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2014-08-25 18:12:44    2762E48274640A6E8F17CACF49AA8DF0    100352    ----a-w-    C:\windows\Sysnative\wudriver.dll
2014-08-25 18:12:44    07DE21A44C96710A2696CAC2D60942FC    176640    ----a-w-    C:\windows\Sysnative\storewuauth.dll
2014-08-25 18:12:41    C7D91C7FF92B935FBEB1285DF720AE89    253440    ----a-w-    C:\windows\Sysnative\WUSettingsProvider.dll
2014-08-25 18:12:41    7B0A0BE4B067C9CC4898CFFC30BAD425    59416    ----a-w-    C:\windows\Sysnative\wuauclt.exe
2014-08-25 18:12:39    F2463B2E9818D242B4F72B237E9BD545    3286528    ----a-w-    C:\windows\Sysnative\wuaueng.dll
2014-08-25 18:12:39    B9E015C3C45556C39AD9A3F1C0F73639    1623040    ----a-w-    C:\windows\Sysnative\wucltux.dll
2014-08-25 18:12:39    3B61E09694F82333A4A0609714469E1E    773632    ----a-w-    C:\windows\Sysnative\wuapi.dll
2014-08-25 18:12:33    E07104ADA4972888FC2FADAC22CE4591    40448    ----a-w-    C:\windows\Sysnative\wuapp.exe
2014-08-25 18:12:33    56BCA2F14F696FBB619D042770859D7B    144384    ----a-w-    C:\windows\Sysnative\wuwebv.dll
2014-08-15 13:35:55    6DBE73C09215E281F4283641144110A5    35480    ----a-w-    C:\windows\Sysnative\TsWpfWrp.exe
2014-08-15 13:01:44    CC5B978B9A7EBFF2BB154A816554F51C    199680    ----a-w-    C:\windows\Sysnative\cdd.dll
2014-08-15 13:01:44    A5F88AEFDE2AB3C7B3215B30122754E8    1300992    ----a-w-    C:\windows\Sysnative\gdi32.dll
2014-08-15 13:01:44    67DD4FFD6AE0F380E473BAFE002728BC    4035072    ----a-w-    C:\windows\Sysnative\win32k.sys
2014-08-15 13:01:43    CA887E878FB8CE16C4ACB2F0408D0F0B    712192    ----a-w-    C:\windows\Sysnative\aepdu.dll
2014-08-15 13:01:42    39680DBF9A2A8AFEFE3F745461716133    556544    ----a-w-    C:\windows\Sysnative\aeinv.dll
2014-08-15 13:01:29    90B1DA995893F25DE3438B152D29B089    19279872    ----a-w-    C:\windows\Sysnative\mshtml.dll
2014-08-15 13:01:24    D1CC29A03CC49A819031527FEF5C20E0    15399936    ----a-w-    C:\windows\Sysnative\ieframe.dll
2014-08-15 13:01:23    2DC29B4B1380BEE4412FF4BD2CFBEB7C    2655232    ----a-w-    C:\windows\Sysnative\iertutil.dll
2014-08-15 13:01:23    0F57CF6FBA7331C01EF7732902EB544C    3959296    ----a-w-    C:\windows\Sysnative\jscript9.dll
2014-08-15 13:01:21    F49B3E58C3812042D946551FA487A9FF    1407488    ----a-w-    C:\windows\Sysnative\urlmon.dll
2014-08-15 13:01:21    A56400B83371EAD36B9E62FAF0546595    2240000    ----a-w-    C:\windows\Sysnative\wininet.dll
2014-08-15 13:01:20    4FC4D8947E40600FB0B8A3171E3F5F4B    451584    ----a-w-    C:\windows\Sysnative\dxtmsft.dll
2014-08-15 13:01:19    F0E9B12CB933FB1594907D05C963F3D2    281600    ----a-w-    C:\windows\Sysnative\dxtrans.dll
2014-08-15 13:01:19    6A025A6C2D17C325B76FCFC5A9B7DE91    855552    ----a-w-    C:\windows\Sysnative\jscript.dll
2014-08-15 13:01:19    2F12547498513DDAE30713753C05B728    1508864    ----a-w-    C:\windows\Sysnative\inetcpl.cpl
2014-08-15 13:01:19    19FD12A3AF7E0262282AF4F028504F0E    603136    ----a-w-    C:\windows\Sysnative\msfeeds.dll
2014-08-15 13:01:19    0E62277BD6441508410372DCC43A2DB5    97280    ----a-w-    C:\windows\Sysnative\mshtmled.dll
2014-08-15 13:01:18    ADF4159B1C39869B46AE1E8F0E6D7F65    197120    ----a-w-    C:\windows\Sysnative\msrating.dll
2014-08-15 13:01:18    AC351C1ECAD2701E06F96ABFAB02B773    136704    ----a-w-    C:\windows\Sysnative\iesysprep.dll
2014-08-15 13:01:18    A15BACAC115B922F246750770D2378E3    915968    ----a-w-    C:\windows\Sysnative\uxtheme.dll
2014-08-15 13:01:18    93F27C7FD64D0E3CDB7454ACF28F160B    255488    ----a-w-    C:\windows\Sysnative\iedkcs32.dll
2014-08-15 13:01:18    3013C41E885F370F75F297A0415611C1    51712    ----a-w-    C:\windows\Sysnative\ie4uinit.exe
2014-08-15 13:01:18    21FE64FECC172DD1D159936B6C983750    39936    ----a-w-    C:\windows\Sysnative\iernonce.dll
2014-08-15 13:01:17    E9E4DB15809472C8F8E211F9F080FCC1    53760    ----a-w-    C:\windows\Sysnative\jsproxy.dll
2014-08-15 13:01:17    8F90D2E05A51C76EA423902B5C4DD6FF    53760    ----a-w-    C:\windows\Sysnative\UXInit.dll
2014-08-15 13:01:17    334C98698434D534E82FE6C7AF8E2531    67072    ----a-w-    C:\windows\Sysnative\iesetup.dll
2014-08-15 13:01:17    283DD1D3C3E9D0B3D258BC6610540E80    2706432    ----a-w-    C:\windows\Sysnative\mshtml.tlb
2014-08-15 13:01:11    4079B9196F0353E57EFBB5E16B5727C0    10116608    ----a-w-    C:\windows\Sysnative\twinui.dll
2014-08-15 13:01:08    DE5D9300DAE9279D6554E5875A079093    2146304    ----a-w-    C:\windows\Sysnative\actxprxy.dll
2014-08-15 13:01:08    60B4FDF22A85713621E6528E68CD8FC9    2885632    ----a-w-    C:\windows\Sysnative\msi.dll
2014-08-15 13:01:07    B8CDF3317BD77FCF8C798EEB9DEFC5C9    393216    ----a-w-    C:\windows\Sysnative\msihnd.dll
2014-08-15 13:01:07    65DF4D0333CFC7AE430F5D210F77F4CE    112984    ----a-w-    C:\windows\Sysnative\consent.exe
2014-08-15 13:01:07    1BE70D6051837B74BCD06DCE040F102E    2306560    ----a-w-    C:\windows\Sysnative\authui.dll
2014-08-15 13:01:02    F39B36FC340ED4F322E0FB41FC7307BA    1312768    ----a-w-    C:\windows\Sysnative\rpcrt4.dll
====== C:\windows\Sysnative\drivers =====
2014-08-27 03:27:50    8A50D5304E6AE48664CF5838EC32F647    122584    ----a-w-    C:\windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-08-27 03:27:25    F92B0E478C0FAA6D6661E6E977247E60    25816    ----a-w-    C:\windows\Sysnative\drivers\mbam.sys
2014-08-27 03:27:25    9D9ED48F841EA37AA5310D54B9E5D3C7    91352    ----a-w-    C:\windows\Sysnative\drivers\mbamchameleon.sys
2014-08-27 03:27:25    0664F6335F108F38FE08C3CA747311EE    64216    ----a-w-    C:\windows\Sysnative\drivers\mwac.sys
2014-08-26 18:50:09    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\windows\Sysnative\drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-15 13:37:15    58CC013EFA9893057160EDA018D8ADCE    71168    ----a-w-    C:\windows\Sysnative\drivers\hdaudbus.sys
2014-08-15 13:01:45    2BB5627EB587FA995086C3D8C21B6D3F    1453400    ----a-w-    C:\windows\Sysnative\drivers\dxgkrnl.sys
2014-08-15 13:01:00    E7E9DBFDD3F25ED0C05B99AE9FA18BDE    94552    ----a-w-    C:\windows\Sysnative\drivers\mountmgr.sys
2014-08-15 13:01:00    05FACF485F44D1B70E35551D7BB668ED    328024    ----a-w-    C:\windows\Sysnative\drivers\Classpnp.sys
====== C:\windows\Tasks ======
2014-08-26 18:51:01    3FB5EF4460BBE85C420D677C86DA2942    4034    ----a-w-    C:\windows\Sysnative\Tasks\LaunchSignup
2014-08-26 18:49:06    8D218C7D810E2A871D9EEF57FC800974    3570    ----a-w-    C:\windows\Sysnative\Tasks\Secure Fast PC Autorun
2014-08-26 18:49:05    30285E440BA491E002FD5057DDC65916    3902    ----a-w-    C:\windows\Sysnative\Tasks\Alert Job Task At Windows Start
2014-08-05 19:37:31    51BF831E6723BD98380A2F5A55740624    4988    ----a-w-    C:\windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-E431T-Chris Lenovo-E431T
====== C:\windows\Temp ======
======= C:\Program Files =====
2014-08-28 13:27:04    --------    d-----w-    C:\Program Files\GIMP 2
======= C:\PROGRA~2 =====
2014-08-26 19:15:28    --------    d-----w-    C:\PROGRA~2\Mozilla Maintenance Service
2014-08-26 18:48:56    --------    d-----w-    C:\PROGRA~2\Windows Service
======= C: =====
====== C:\Users\Chris\AppData\Roaming ======
2014-08-28 14:28:44    26E2B3EE2B69D9BEABE16B35D79611A9    1561    ----a-w-    C:\Users\Chris\AppData\Local\recently-used.xbel
2014-08-28 14:25:45    --------    d-----w-    C:\Users\Chris\AppData\Local\gtk-2.0
2014-08-28 14:24:44    --------    d-----w-    C:\Users\Chris\AppData\Local\webkit
2014-08-28 13:32:03    --------    d-----w-    C:\Users\Chris\AppData\Local\fontconfig
2014-08-28 13:31:56    --------    d-----w-    C:\Users\Chris\AppData\Local\gegl-0.2
2014-08-26 19:15:33    --------    d-----w-    C:\Users\Chris\AppData\Roaming\Mozilla
2014-08-26 19:15:33    --------    d-----w-    C:\Users\Chris\AppData\Local\Mozilla
2014-08-26 18:49:03    --------    d-----w-    C:\Users\Chris\AppData\Roaming\Developerts LLC USA
2014-08-26 18:49:03    --------    d-----w-    C:\Users\Chris\AppData\Local\Developerts_LLC
2014-08-26 18:48:32    --------    d-----w-    C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft
====== C:\Users\Chris ======
2014-08-28 14:22:27    --------    d-----w-    C:\Users\Chris\.thumbnails
2014-08-28 13:31:56    --------    d-----w-    C:\Users\Chris\.gimp-2.8
2014-08-28 13:24:31    7854ADF749A86B60535BD2E0E03BE804    91670064    ----a-w-    C:\Users\Chris\Downloads\gimp-2.8.14-setup.exe
2014-08-27 18:38:46    F37712FF52764C11F922C771426C5ECE    895120    ----a-w-    C:\Users\Chris\Downloads\ChromeSetup(1).exe
2014-08-27 18:32:49    2999946EC39303A57BB29A109DD942DA    895120    ----a-w-    C:\Users\Chris\Downloads\ChromeSetup.exe
2014-08-27 03:22:31    E90BF9E1562F40140161573B79CD5720    17292760    ----a-w-    C:\Users\Chris\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 03:15:03    D6BCEDDBC13A4BA05A273CF539F3F5E3    30517960    ----a-w-    C:\Users\Chris\Downloads\Windows-KB890830-x64-V5.15.exe
2014-08-26 19:15:28    --------    d-----w-    C:\ProgramData\Mozilla

====== C: exe-files ==
2014-08-28 13:27:59    ED0FDE686788CAEC4F2CB1EC9C31680C    61440    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-8.0.exe
2014-08-28 13:27:59    AE6CE17005C63B7E9BF15A2A21ABB315    65536    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-7.1.exe
2014-08-28 13:27:59    8AA98031128EF0C81D34207E3C60D003    196096    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-9.0.exe
2014-08-28 13:27:59    7B112B1FB864C90EC5B65EAB21CB40B8    61440    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-6.0.exe
2014-08-28 13:27:59    5F1707646575D375C50155832477A437    223744    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\distutils\command\wininst-9.0-amd64.exe
2014-08-28 13:27:55    ABB1207D5EC529BE26D2EACBF4030689    27136    ----a-w-    C:\Program Files\GIMP 2\Python\pythonw.exe
2014-08-28 13:27:55    9FA6C2DDAFDE611B3C877D58F97E8530    26624    ----a-w-    C:\Program Files\GIMP 2\Python\python.exe
2014-08-28 13:27:55    4075972C6429C9616DED25458209DAD7    41100    ----a-w-    C:\Program Files\GIMP 2\libexec\dbus-bash-completion-helper.exe
2014-08-28 13:27:54    DE5A888D95B11161B614645431048A99    42729    ----a-w-    C:\Program Files\GIMP 2\bin\bzip2.exe
2014-08-28 13:27:54    79099B05530C91884018841A6FE3244C    22353    ----a-w-    C:\Program Files\GIMP 2\bin\gspawn-win64-helper-console.exe
2014-08-28 13:27:54    56F4F9559F1E63065A066D5908C83555    22865    ----a-w-    C:\Program Files\GIMP 2\bin\gspawn-win64-helper.exe
2014-08-28 13:27:45    F711C6256C819353241E30573F60FBC4    43560    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\waves.exe
2014-08-28 13:27:45    CFBE68F9CB727EB33A492F6BC1AE3CC5    80256    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ps.exe
2014-08-28 13:27:45    BAB5360304A31DE7A70635B21615F779    34752    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-invert.exe
2014-08-28 13:27:45    A72C3AC6E59B40C1DD8CED6962BE7D34    45656    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unsharp-mask.exe
2014-08-28 13:27:45    A052F0990C515337AE98A7EF3DF59F14    44936    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\wind.exe
2014-08-28 13:27:45    95E0AED586786EE1130A76CA2A917019    48096    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\van-gogh-lic.exe
2014-08-28 13:27:45    8D483CF9FBE644EFF5F6770DDCAF7844    62304    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\warp.exe
2014-08-28 13:27:45    879810D604C006E74B9F7BEA05A77478    45952    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\win-snap.exe
2014-08-28 13:27:45    8638286CE546045C5AD2A40ED5144B63    49384    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\value-propagate.exe
2014-08-28 13:27:45    3AF6AF7B1E426E8FD5DBE21CD4629ADE    74352    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\video.exe
2014-08-28 13:27:45    246814D243AC77D56504CEFD686B57FB    48456    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\whirl-pinch.exe
2014-08-28 13:27:45    0AB2FAC6F6DC5CB3B078581192ABC1D0    45480    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-page.exe
2014-08-28 13:27:45    03ADA44FC8FD816B187030C2D8DFBA9C    32080    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\web-browser.exe
2014-08-28 13:27:44    F6FCF176F29CFE7DF9A790C66FB90A29    41888    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\smooth-palette.exe
2014-08-28 13:27:44    F3D027CA93866772BEAF0C4596FEF9A5    41568    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-glass.exe
2014-08-28 13:27:44    ECED4FAF6EA99C56FA3E0DCB0B01DDE1    38424    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\threshold-alpha.exe
2014-08-28 13:27:44    EB350CA0CCBDB41EA08DA3FF702298A9    81416    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pagecurl.exe
2014-08-28 13:27:44    E5DA67E2CA10A0DF281D080F6043CCD5    35648    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-seamless.exe
2014-08-28 13:27:44    DD74CDAA4728692EE64EA03EB754A481    82296    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\print.exe
2014-08-28 13:27:44    D2D2EBE45EB5EA56A47C35BFCE95ABDB    45864    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ripple.exe
2014-08-28 13:27:44    B6FFF1C82EF770AC3061D23498E300EF    53192    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nova.exe
2014-08-28 13:27:44    B6F7EBA8726E29A54A418479A4F62C69    40936    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-spread.exe
2014-08-28 13:27:44    B48791EA61CF97ABDB1A4BA945EA3283    50568    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\unit-editor.exe
2014-08-28 13:27:44    B04D4D7BB8F6D4973CF80499E463C8F1    51688    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-small.exe
2014-08-28 13:27:44    AFE92C4DF218A37AF502C8866F8901EC    47400    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\qbist.exe
2014-08-28 13:27:44    937E25C4E31936252C6A21EC209D2014    46688    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\polar-coords.exe
2014-08-28 13:27:44    8ECE1667FF92A364BAF9AECF3358B287    32552    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\procedure-browser.exe
2014-08-28 13:27:44    7FA73328FFB63F6BE63FA7F33CA27710    182760    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe
2014-08-28 13:27:44    7A05D68F4122499836AB5E08C61C8459    48248    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plugin-browser.exe
2014-08-28 13:27:44    662C558B3F4D0280D6A279104477A69D    50224    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\oilify.exe
2014-08-28 13:27:44    622F247C3CA91ED4FBC4814B3522148C    73768    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sample-colorize.exe
2014-08-28 13:27:44    5DE03DD959CB25ED918E9D848468E1CF    80984    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\selection-to-path.exe
2014-08-28 13:27:44    58E07A00ADB0090A701A52F3D47AA3B3    50160    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\photocopy.exe
2014-08-28 13:27:44    584C7FA4924FE6B01DC80A5A5BEEB89E    40168    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\red-eye-removal.exe
2014-08-28 13:27:44    4366302B7B62988695CDCB3EAAD7037C    59328    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sparkle.exe
2014-08-28 13:27:44    4348008610335537172579A1B25A07BD    41960    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\shift.exe
2014-08-28 13:27:44    43386E481DCCB4CFB4F2DA3F72DBB091    49008    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile-paper.exe
2014-08-28 13:27:44    38FC7F42A0935F17C5625C8F475FA9F2    41808    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\tile.exe
2014-08-28 13:27:44    3182AC152C7E880AE246630D33C6DF39    46576    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\softglow.exe
2014-08-28 13:27:44    2F744F3EB3C791C466C4F5F3FDAC5DAC    56792    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sinus.exe
2014-08-28 13:27:44    2DDABC1B2C076165B4B154204BD1C1C0    38904    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\rotate.exe
2014-08-28 13:27:44    2C6E9ECAC5B0FA5B40DBBF5BF3041BFA    32800    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\semi-flatten.exe
2014-08-28 13:27:44    25C73C6234ED36F671EC06AF0234A7D5    86008    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sphere-designer.exe
2014-08-28 13:27:44    1A47B4A963DB130EBFFB80B5A46FB0B2    43976    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\pixelize.exe
2014-08-28 13:27:44    182FF867C9E587E77A9D0A6E1B57836D    41840    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\sharpen.exe
2014-08-28 13:27:44    0373323D424E99AF87ECED5EA1E2E4A7    42768    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\plasma.exe
2014-08-28 13:27:43    FED76B14FCD556F8C51CA7096727394F    43304    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\illusion.exe
2014-08-28 13:27:43    F71F3C2D837E384DB7C767CD8590D43A    46728    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-distortion.exe
2014-08-28 13:27:43    ED95C0D7517B417C5A15337C97A41B7E    59024    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lcms.exe
2014-08-28 13:27:43    E9EB5CBDCBB8A60FBFA58A1B952DF3C0    43848    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-apply.exe
2014-08-28 13:27:43    E8B345BB7DF77557E01B08C56C390435    52664    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\grid.exe
2014-08-28 13:27:43    DE8066F49B488B370CAC5FAA25481E0A    35248    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\guillotine.exe
2014-08-28 13:27:43    C9CFAB3D8A5CAC3FEABB3CD1F751801F    45192    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-solid.exe
2014-08-28 13:27:43    C5DC0553C7F1FF2AD8E4408E65CA3C96    170424    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gfig.exe
2014-08-28 13:27:43    B25A3B9DCBE684AA5C50148D535F5AEA    35304    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-map.exe
2014-08-28 13:27:43    A1666A9041B4F85FC925BA08ED3CFB2E    45160    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help.exe
2014-08-28 13:27:43    998B8DA5958CADC721B888EB87A65031    47400    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\nl-filter.exe
2014-08-28 13:27:43    8467C367DB76C8A0C38DDD1D85A45A83    213200    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\imagemap.exe
2014-08-28 13:27:43    81F92F3ED09555980459B10C7CC9EF8F    49632    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lens-flare.exe
2014-08-28 13:27:43    7D959BA13E798598A0BC7CBE9F211FCE    66752    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\jigsaw.exe
2014-08-28 13:27:43    75BEFA69F624B4EC612EACB940BAB8BE    65512    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\iwarp.exe
2014-08-28 13:27:43    6BA8A24C5D20DF0D27E840AB052AB107    95576    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\metadata.exe
2014-08-28 13:27:43    68C330B702F7C3DDE8D0D2486B9FAE9F    84008    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\help-browser.exe
2014-08-28 13:27:43    5E15F7417B640A614F510F51BA2CA975    101336    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gradient-flare.exe
2014-08-28 13:27:43    4D3CF4B59BE240F5C2774EF0890253C0    43744    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-rgb.exe
2014-08-28 13:27:43    4950AB6D6080751C4334C28EB6034FDD    68384    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\mosaic.exe
2014-08-28 13:27:43    481298F49ECFC03702803028F38173F6    44728    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-randomize.exe
2014-08-28 13:27:43    3C76EA3F86ED61BE852AE9F7EA8FA1E9    56176    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\maze.exe
2014-08-28 13:27:43    3B31698610E2AE4DD83FD94801F3FD59    62600    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\newsprint.exe
2014-08-28 13:27:43    32EE23778C783BD101D746173F17B899    41272    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\noise-hsv.exe
2014-08-28 13:27:43    18946CC887652143636FA1136C761623    150352    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\gimpressionist.exe
2014-08-28 13:27:43    15A5315F49BE455609C31F4D7ED7AB71    139960    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\lighting.exe
2014-08-28 13:27:43    0E64B1283E5497D397F0406F13E3949E    157656    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\map-object.exe
2014-08-28 13:27:43    0895FE3ABC49D9E3E77F7DD44AF43E6F    37512    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\max-rgb.exe
2014-08-28 13:27:43    05049BD4542F0859E96A50C3535582DA    45152    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\hot.exe
2014-08-28 13:27:43    01ED1BA06A5D5ED1624F0FDDDEC48288    99032    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\ifs-compose.exe
2014-08-28 13:27:42    EF643A0909CECACBA25560C58BED3E9B    79456    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\filter-pack.exe
2014-08-28 13:27:42    EEE6BDAD8CCCC83704AFC41E24342770    73088    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-load.exe
2014-08-28 13:27:42    E9446C5833F1963ED0304DDA1C435AF4    58984    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\film.exe
2014-08-28 13:27:42    DF2EDF68E2ACFB728FA4B002AABE35B4    38976    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-uri.exe
2014-08-28 13:27:42    D9F6CBAEBF3FC66579266A3B1F53CD89    88208    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jpeg.exe
2014-08-28 13:27:42    CF76B6F785063E179B089BBFDB974C3F    58800    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-load.exe
2014-08-28 13:27:42    CD1DBF4BACFE378EAA59EB44C0EC3825    52072    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xwd.exe
2014-08-28 13:27:42    BD25BA8D91890C6CDA54FAF1855E5B2A    58552    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-mng.exe
2014-08-28 13:27:42    B156314D53A98133819C1E7B8339F67B    51608    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-raw.exe
2014-08-28 13:27:42    A5C52C9F42443A4B8C081AAC0EDB2136    46104    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sgi.exe
2014-08-28 13:27:42    A2CC509EE0976B6F4E217C9ADD38C52B    33720    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-glob.exe
2014-08-28 13:27:42    9DB803C4539E472388EB9EBC8307456E    37768    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pix.exe
2014-08-28 13:27:42    940A7E2CEAF68013C0846E1794505424    64680    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-ico.exe
2014-08-28 13:27:42    80A697D68BB68BD86A00EA636814138C    46976    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-trace.exe
2014-08-28 13:27:42    7D2E27AD9D25FFD23C80A1260EE25C47    38944    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-jp2-load.exe
2014-08-28 13:27:42    7CC1DD73A4C9BA25D9EC0FE52260C0DF    59056    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-load.exe
2014-08-28 13:27:42    79475DFABA149C69D3C7BCD47CF8552F    54472    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-save.exe
2014-08-28 13:27:42    75745BA0611F7182E4745A6B6EA8D50D    42712    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pat.exe
2014-08-28 13:27:42    716CD0C72D0D9124D09B8C48928048D2    44136    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xpm.exe
2014-08-28 13:27:42    64C5A2F0D019E3BC2E17B0FCFAA86FA4    55640    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gih.exe
2014-08-28 13:27:42    60CE03EF71167F39D9F1FB3839E82A9B    65920    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-png.exe
2014-08-28 13:27:42    5F1670CE57E62311521D2AD4749010BB    49504    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psd-save.exe
2014-08-28 13:27:42    583F4094884916EBAD9CA000EBCC4DDC    47888    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tga.exe
2014-08-28 13:27:42    48E32614A2D29E6E00E247DED4AB845F    52720    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-svg.exe
2014-08-28 13:27:42    4462A8A36A23486C1D58D4CD9D6FB7BE    46880    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-html-table.exe
2014-08-28 13:27:42    338383006C7FC5EA35BB7F3D76A1F2E2    49416    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-sunras.exe
2014-08-28 13:27:42    2A06ED5D760FA9559C292AC67AC94FC7    51704    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-tiff-save.exe
2014-08-28 13:27:42    26CEF5D76B8FB04283C2461391C01430    35600    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-header.exe
2014-08-28 13:27:42    257B74B2C55D1C9F6DB4B1B524AF8588    149736    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\flame.exe
2014-08-28 13:27:42    20A01AEDBA871E1F187B3794CF8552FC    47968    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pnm.exe
2014-08-28 13:27:42    1A2F5DC38441414A8BC01E734108DAFF    52488    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-wmf.exe
2014-08-28 13:27:42    18FB084231736E52D9E7C2A818C7C90A    64040    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pdf-save.exe
2014-08-28 13:27:42    16E8A5655035387525D9B9C72C005C5F    41160    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-pcx.exe
2014-08-28 13:27:42    14CE897B95B2EB37DDD78E34CA488C42    51224    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-xbm.exe
2014-08-28 13:27:42    0628FF1B13D5CB7F044F36E085D057FE    50976    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-psp.exe
2014-08-28 13:27:42    06120E3AEE09C8F345C3BF0761A6AB59    85112    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\fractal-explorer.exe
2014-08-28 13:27:41    F4A3A081E8DDDABE0A4CBA36CC727620    54744    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fli.exe
2014-08-28 13:27:41    E992D2433AE23DB6A1E348BE5C23A06A    32808    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-compressor.exe
2014-08-28 13:27:41    D4DAA030A826713F26F8530169149048    36616    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-auto.exe
2014-08-28 13:27:41    D476B1EA086D34C661EB2F1648CEBC43    48024    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-csource.exe
2014-08-28 13:27:41    C322E636D7BE5B3C3439DA7973826E7A    34576    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch.exe
2014-08-28 13:27:41    C29B0D17E8099BD87FCB3747C6121FF9    34040    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-normalize.exe
2014-08-28 13:27:41    BC7921C48D48C379353C3BBEE5A49159    40816    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\engrave.exe
2014-08-28 13:27:41    BA424F5004A623189020BA1196510B6A    49696    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\convolution-matrix.exe
2014-08-28 13:27:41    B559D61D1630C1A1CE7902FFA41D5FC2    43352    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gif-load.exe
2014-08-28 13:27:41    B36D22AF911C906F591FEC82A271611D    43312    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\emboss.exe
2014-08-28 13:27:41    A5EAF8EA007F2B2D842A91D1A6F77FD8    46584    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\despeckle.exe
2014-08-28 13:27:41    A28620E782EC95EE57298F5B14083AF7    75048    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\curve-bend.exe
2014-08-28 13:27:41    98F461E6294A425182B32E8B47709D7E    60120    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-bmp.exe
2014-08-28 13:27:41    98A4EB7D712D7A0AA9B63A7B160542A8    57344    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\decompose.exe
2014-08-28 13:27:41    94D08F58D1541CF3157E3FDFE8C8671C    35744    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-laplace.exe
2014-08-28 13:27:41    8FFB7494352B3CBBA3FC9576073847A5    49720    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\depth-merge.exe
2014-08-28 13:27:41    7ADD5AF813EA18BC046288E81D418DB3    34192    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-stretch-hsv.exe
2014-08-28 13:27:41    6F97347539E901A70EEA5E60ECED78A7    49104    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\displace.exe
2014-08-28 13:27:41    6E06F0FB926BA8AADAF690A12A09E700    48712    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\contrast-retinex.exe
2014-08-28 13:27:41    6545EB15F6578152C94BC3A9927908D6    46056    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\diffraction.exe
2014-08-28 13:27:41    5D65EED9C321F5D6FCD6A1DA4BFE90D4    45320    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-gbr.exe
2014-08-28 13:27:41    5B58F01FAC90EB798AB4B2FC06706D68    47544    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-neon.exe
2014-08-28 13:27:41    579328435221671D8DC7167ED71597B8    65280    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-fits.exe
2014-08-28 13:27:41    55D293FE20A4C58031CBF64CB94FFFD1    47504    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-dicom.exe
2014-08-28 13:27:41    4ED03A9A983DA5B0B687E5B0DBE8EE2D    32576    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-desktop-link.exe
2014-08-28 13:27:41    4DB1C3389209F10CD7584B3692F9BE5D    35496    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\crop-zealous.exe
2014-08-28 13:27:41    48D42EFA6B8E00CB3AD570DFD15D8648    50408    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-dog.exe
2014-08-28 13:27:41    439099AF994CC23FCD752D1FD2D922EF    40464    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\destripe.exe
2014-08-28 13:27:41    407AA8C9B28532F252DA009BDDF41A40    39480    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\deinterlace.exe
2014-08-28 13:27:41    275663097B1024D73B2E714064B75EFB    48352    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge.exe
2014-08-28 13:27:41    26C4D7FF824414D4CB16E7F0ECE2C2F0    40792    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-faxg3.exe
2014-08-28 13:27:41    0AEF929FF21DF804D674F4E7C80C0C6C    42256    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\edge-sobel.exe
2014-08-28 13:27:41    03A4E05C2E876728BC7971764751500D    42536    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\file-cel.exe
2014-08-28 13:27:41    017A67680605C3F2596120E5FF1F0C9E    46680    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cubism.exe
2014-08-28 13:27:40    F998F3C00EBF3A1F190E048EE8E33A0E    41832    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\border-average.exe
2014-08-28 13:27:40    F13FE7CB7B77379589BE0D50AEDC2B71    42272    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\align-layers.exe
2014-08-28 13:27:40    F13A231D995AE89D25725556746B3184    35240    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur.exe
2014-08-28 13:27:40    E40CDDE14F38CB74246B0DDF4E53758F    40664    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\checkerboard.exe
2014-08-28 13:27:40    D7F52F990A0A9E4346D66CA262E19A43    46080    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\alien-map.exe
2014-08-28 13:27:40    D0AABB8656FE17BF59138AF3BB3482CB    43752    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-optimize.exe
2014-08-28 13:27:40    CD742EB60FC8E49B56CD6A538900F60C    2542464    ----a-w-    C:\Program Files\GIMP 2\bin\gimp-console-2.8.exe
2014-08-28 13:27:40    CCFC1F5B8B4B46F61EC906320CF8AB8C    41392    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-cube-analyze.exe
2014-08-28 13:27:40    C69AAD344C0D252E18BE82AAA697B4A3    5413488    ----a-w-    C:\Program Files\GIMP 2\bin\gimp-2.8.exe
2014-08-28 13:27:40    BC71867FFE4E9258280EF2BD598E7E6A    57992    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\animation-play.exe
2014-08-28 13:27:40    BB48CD48D5239D31D8C193FF3C36A1E1    48328    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colormap-remap.exe
2014-08-28 13:27:40    B7473D5FFC202DC242C05D9A0A593CAB    81648    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-rotate.exe
2014-08-28 13:27:40    B4DA2D5C357CAFAE64A8DB873921CE25    44536    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blinds.exe
2014-08-28 13:27:40    A5F17C0C549DF8A29B31274FD98852FD    35088    ----a-w-    C:\Program Files\GIMP 2\bin\gimptool-2.0.exe
2014-08-28 13:27:40    A493D27AB9E2B7BE035582F3B1D1AD7B    51632    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-exchange.exe
2014-08-28 13:27:40    A0E301E671EC67D2EB1B7659D571CAD5    61000    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\compose.exe
2014-08-28 13:27:40    8CC8299F111DD9CB331502D621B4BA12    36200    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\antialias.exe
2014-08-28 13:27:40    7FD0FD2130E192A0954AB3AE790FF1A2    82120    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cml-explorer.exe
2014-08-28 13:27:40    79F683274FBD78B6B564EEC65679F6A9    52376    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss-selective.exe
2014-08-28 13:27:40    67F149CB4CF29567006775B6128B7B72    54008    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\channel-mixer.exe
2014-08-28 13:27:40    58B094D7D4321E7FE3DB7081D3E79B41    38968    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\colorify.exe
2014-08-28 13:27:40    4AD5DFB4182FF6DC98164E1B118076E0    52592    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-motion.exe
2014-08-28 13:27:40    3B48EED6ED624120C9D2F63C35BBEDF2    55296    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\bump-map.exe
2014-08-28 13:27:40    33EF2007E9FBCFAD72FA840FD30D8099    57576    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\apply-canvas.exe
2014-08-28 13:27:40    2CB1338C609F37F1D83C820F884F8CC3    40320    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-to-alpha.exe
2014-08-28 13:27:40    260A69C7048917B05C046E15E276C4C7    57224    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\blur-gauss.exe
2014-08-28 13:27:40    2288F04D60345EA3DA538163AEC1FDDC    34752    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\color-enhance.exe
2014-08-28 13:27:40    20162A1979BD59B0D82799402DA21728    49248    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\cartoon.exe
2014-08-28 13:27:36    85650A72C869E3F1903D5341D3E48AD3    40624    ----a-w-    C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\twain.exe
2014-08-28 13:27:35    9914A8E798B574D7CF45CC85832395B1    17718    ----a-w-    C:\Program Files\GIMP 2\32\bin\gspawn-win32-helper-console.exe
2014-08-28 13:27:35    630B0ADE175CE64A0258DBA6A36F7764    17718    ----a-w-    C:\Program Files\GIMP 2\32\bin\gspawn-win32-helper.exe
2014-08-28 13:27:04    3F784538B43FA85A94C6F273C7C7F14A    1179248    ----a-w-    C:\Program Files\GIMP 2\uninst\unins000.exe
2014-08-28 13:24:31    7854ADF749A86B60535BD2E0E03BE804    91670064    ----a-w-    C:\Users\Chris\Downloads\gimp-2.8.14-setup.exe
2014-08-27 18:38:46    F37712FF52764C11F922C771426C5ECE    895120    ----a-w-    C:\Users\Chris\Downloads\ChromeSetup(1).exe
2014-08-27 18:32:49    2999946EC39303A57BB29A109DD942DA    895120    ----a-w-    C:\Users\Chris\Downloads\ChromeSetup.exe
2014-08-27 03:22:31    E90BF9E1562F40140161573B79CD5720    17292760    ----a-w-    C:\Users\Chris\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 03:15:03    D6BCEDDBC13A4BA05A273CF539F3F5E3    30517960    ----a-w-    C:\Users\Chris\Downloads\Windows-KB890830-x64-V5.15.exe
2014-08-26 20:03:57    D741359CAD4ED3D90BE624E48B60C47B    217768    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE
2014-08-26 20:03:57    57D6258A397472FB775A4EBCC34AD804    550584    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-08-26 20:03:56    F3FB31D65AB7A568755E567F6C96F72D    842448    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE
2014-08-26 20:03:54    D5C775DBE5AD42530F48CB0A270A9B45    49848    ----a-w-    C:\Program Files\Microsoft Office 15\root\flattener\Flattener.exe
2014-08-26 20:03:54    D2919EC9519325F0B6A79478917D32EA    39584    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe
2014-08-26 20:03:54    B0C5592CE01E444CD21B4613362A35E1    7501528    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe
2014-08-26 20:03:54    AE41EF6C152BE960EAF8C92223BEAA06    79592    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2014-08-26 20:03:53    E8E3518A752004AF04B9BE7BCB1B8420    207008    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOXMLED.EXE
2014-08-26 20:03:52    94C2D7135ED56A82D7A421B505838FC6    9597104    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE
2014-08-26 20:03:52    8539AA0CF39764B796959634EB2BE858    5532368    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe
2014-08-26 20:03:50    F0D7F46D13D296BFB0D1B30F9D757037    873640    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2014-08-26 20:03:50    72ECCF99AC76B470A1FB523F06295415    474336    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE
2014-08-26 20:03:49    3C283C1BFA1D88C2D4D52148CE62A7C7    543360    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\EQNEDT32.EXE
2014-08-26 20:03:49    30B5F9FB0C35AE6B4A0851D24CE2EE8B    150600    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Source Engine\OSE.EXE
2014-08-26 20:03:49    1A46825F604C22732FC882D06A70D473    150704    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\FLTLDR.EXE
2014-08-26 20:03:32    4F88B937C9C562C5F957A3495815B0CE    1076432    ----a-w-    C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
2014-08-26 20:03:29    FCA3E61A4AE185EC00213D8CA55AA666    4522680    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE
2014-08-26 20:03:29    E9281B71BB74C4D3CCF12B8FB140446B    480976    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE
2014-08-26 20:03:29    DE04FC6E222DDC51D04AD6BB4592954A    228536    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE
2014-08-26 20:03:29    8D4AEC178A5C121D42AF14A59772577E    449208    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
2014-08-26 20:03:29    85C3F3CAE9739F8930016A589916CCDA    21930144    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2014-08-26 20:03:29    6BB54F315CB980DE281DB7D4F392D297    497848    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE
2014-08-26 20:03:29    4C3B97A5E937EA214096F4DF33D34FE3    700064    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\MSQRY32.EXE
2014-08-26 20:03:28    EEE48A7B4C43AFF0E7C54F1E0EE311C2    569584    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE
2014-08-26 20:03:28    762CCDB877509BDAA29C38A5B9080311    517352    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe
2014-08-26 20:03:28    020A73C52D446814998572D467DCADD9    528584    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE
2014-08-26 20:03:09    878841B7459A8DA3FDBB303A01B09690    590536    ----a-w-    C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe
2014-08-26 20:02:49    6098179B617AA2D39DDB699C47F4329F    18944160    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
2014-08-26 20:02:45    92701E8B8026521C4554200D031E23EB    1746080    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE
2014-08-26 20:02:34    CA7EB396E5D8618855A87C1E51072E7B    1923224    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
2014-08-26 20:02:32    AD45B49D72FB602DE4BF12B91ABA7ED8    25698968    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
2014-08-26 20:02:27    8FE47065C6F470D6C85D5F3C2F7B0853    991904    ----a-w-    C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE
2014-08-26 20:02:09    4A92A194C4D44862D576F44004D2DE17    1431720    ----a-w-    C:\Program Files\Microsoft Office 15\ClientX64\appvcleaner.exe
2014-08-26 19:39:27    F9B1C76A0B9F6CCF41690BDF7F1B379C    544    ----a-w-    C:\$Recycle.Bin\S-1-5-21-2008387046-3269437854-4107736601-1001\$IXCXKV2.exe
2014-08-26 19:39:25    B273323600C83D1615FD0108822060AC    544    ----a-w-    C:\$Recycle.Bin\S-1-5-21-2008387046-3269437854-4107736601-1001\$IGWL9RA.exe
2014-08-26 19:15:28    BC24422CC00B3A862C60F8E71AB24A9F    109886    ----a-w-    C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2014-08-26 19:15:28    4E9D8041D352A33332FD6F59A3A78B03    119408    ----a-w-    C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2014-08-26 19:14:33    2D122754D6884B01B54ACCEC9FB9CAAD    244120    ----a-w-    C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44I81XGD\Firefox Setup Stub 31.0.exe
2014-08-26 18:59:23    C14FC68CD6B89313DA3266210BC73B1F    90396104    ----a-w-    C:\$Recycle.Bin\S-1-5-21-2008387046-3269437854-4107736601-1001\$RGWL9RA.exe
2014-08-26 18:50:32    40395C175553CB14D2050888EFCCDF00    4961800    ----a-w-    C:\Users\Chris\AppData\Local\Temp\vcredist_x64.exe
2014-08-26 18:50:29    1F08DDF5ADD3F28BB879EA37F507CC24    5556040    ----a-w-    C:\Users\Chris\AppData\Local\Temp\CloudBackup5920.exe
2014-08-26 18:50:05    9C1C08F606BE4A289A5787D04613FBA5    98304    ----a-w-    C:\Users\Chris\AppData\Local\Temp\post2.exe
2014-08-26 18:50:05    1D29077ECB9D636907929622A9CFB23F    390144    ----a-w-    C:\Users\Chris\AppData\Local\Temp\post1.exe
2014-08-25 18:12:41    7B0A0BE4B067C9CC4898CFFC30BAD425    59416    ----a-w-    C:\Windows\System32\wuauclt.exe
2014-08-25 18:12:33    E07104ADA4972888FC2FADAC22CE4591    40448    ----a-w-    C:\Windows\System32\wuapp.exe
2014-08-25 18:12:33    0AA8927C7DAE50EBDBFD9D5523A21020    35328    ----a-w-    C:\Windows\SysWOW64\wuapp.exe
=== C: other files ==
2014-08-28 14:56:00    CC457CA028B5262819370917A986BAD7    7384062    -----tr-    C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\8D9BID8W\Interview Transcripts ALL.zip
2014-08-28 13:28:01    5DD3DC514DB4843357AE370DA738FE8B    177    ----a-w-    C:\Program Files\GIMP 2\Python\Lib\idlelib\idle.bat
2014-08-27 03:27:50    8A50D5304E6AE48664CF5838EC32F647    122584    ----a-w-    C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-08-27 03:27:25    F92B0E478C0FAA6D6661E6E977247E60    25816    ----a-w-    C:\Windows\System32\Drivers\mbam.sys
2014-08-27 03:27:25    9D9ED48F841EA37AA5310D54B9E5D3C7    91352    ----a-w-    C:\Windows\System32\Drivers\mbamchameleon.sys
2014-08-27 03:27:25    0664F6335F108F38FE08C3CA747311EE    64216    ----a-w-    C:\Windows\System32\Drivers\mwac.sys

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
"331BigDog"="C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"Fastboot"="C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe /analysis"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"LenovoOptMouseUpdate"="C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe"
"TpShocks"="TpShocks.exe"
"LnvMobHotspotClient"="C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe"

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Alert Job Task At Windows Start" [C:\Program Files (x86)\Windows Service\Alert.exe]
"C:\windows\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe]
"C:\windows\SysNative\tasks\Dolby Selector" [C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe]
"C:\windows\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe]
"C:\windows\SysNative\tasks\Secure Fast PC Autorun" [C:\Program Files (x86)\Developerts LLC\Secure Fast PC\Secure Fast PC.exe]
"C:\windows\SysNative\tasks\StartPowerDVDService" ["C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"]
"C:\windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\windows\SysNative\tasks\Intel\Intel Service Manager" ["C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe"]
"C:\windows\SysNative\tasks\Intel® Small Business Advantage\Notifier" ["C:\Program Files\Intel\Intel® Small Business Advantage\UI\SBA_Notifier.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe]
"C:\windows\SysNative\tasks\Lenovo\LenovoDependencyVersionTask" [C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe]
"C:\windows\SysNative\tasks\Lenovo\LenovoMachineInformation" [C:\Program Files\lenovo\SystemAgent\MachineInformation.exe]
"C:\windows\SysNative\tasks\Lenovo\LenovoUserguidesCopy" [C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe]
"C:\windows\SysNative\tasks\Lenovo\LenovoWarrantyChinaTask" [C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe]
"C:\windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\windows\SysNative\tasks\Lenovo\LSC\RebootCountTask" ["C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe"]
"C:\windows\SysNative\tasks\Lenovo\LSC\Time72Task" ["C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe"]
"C:\windows\SysNative\tasks\TVT\LenovoWERMonitor" ["C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe"]
"C:\windows\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\g562jqgp.default
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BDD2CFDD-E5A4-46BF-AEBE-8FFF71B0013A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{BDD2CFDD-E5A4-46BF-AEBE-8FFF71B0013A} Unknown  Url="Not_Found"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Thu 08/28/2014 at 11:30:02.99 ======================
 

 

 

 

Thanks again,

Chris

Link to post
Share on other sites

Hi :)



JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.



adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.

Link to post
Share on other sites
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.