Jump to content

Keylogger detected on my computer, but I don't think it's removed


isaacjr7
 Share

Recommended Posts

I think my computer is affected by keylogger, this all started when I downloaded an addon for a game I like to play. Windows defender picked up malware, It showed up on the top right hand corner of my screen, I did a full scan on windows defender and malwarebytes, neither of them picked up anything, I then went to 'history' on windows defender and saw that it found something caled 'perfectkeylogger' I removed it straight away, I did another scan, but nothing could be found. I still think there could be a virus on my computer, but I don't know how to find it, or how to remove it, I have logs from FRST 64:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Isaac (administrator) on ISAAC on 31-12-2014 15:34:58
Running from C:\Users\Isaac\Downloads
Loaded Profiles: Isaac &  (Available profiles: Isaac)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(LoL Skin Installer) C:\Users\Isaac\Desktop\SIU 4.34-Lite\Skin Installer Ultimate.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-11-01] ()
HKLM\...\Run: [synLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-30] (Synaptics)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-03-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-03-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-778363092-4269730154-400294747-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-778363092-4269730154-400294747-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-778363092-4269730154-400294747-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
ShellIconOverlayIdentifiers: [sugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [sugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [sugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [sugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-778363092-4269730154-400294747-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-778363092-4269730154-400294747-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-778363092-4269730154-400294747-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-778363092-4269730154-400294747-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-778363092-4269730154-400294747-1001 -> DefaultScope {12DCC037-EDE2-4208-8285-54B6BBFF8718} URL = 
SearchScopes: HKU\S-1-5-21-778363092-4269730154-400294747-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {12DCC037-EDE2-4208-8285-54B6BBFF8718} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF ProfilePath: C:\Users\Isaac\AppData\Roaming\Mozilla\Firefox\Profiles\3hgc6nfp.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Isaac\AppData\Roaming\Mozilla\Firefox\Profiles\3hgc6nfp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-29]
 
Chrome: 
=======
CHR Profile: C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-21]
CHR Extension: (Google Docs) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-21]
CHR Extension: (YouTube) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-21]
CHR Extension: (Adblock Plus) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-21]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-09-23]
CHR Extension: (Google Search) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-21]
CHR Extension: (Help Me) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnpiaklebapgfbhkdibfgemmajmgkon [2014-11-25]
CHR Extension: (Tampermonkey) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-31]
CHR Extension: (Google Sheets) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (Google Wallet) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-21]
CHR Extension: (Gmail) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-01] (Qualcomm Atheros Commnucations)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [182304 2014-11-29] (EasyAntiCheat Ltd)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-14] (Nitro PDF Software)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-07] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-02] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-01] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-01] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R3 HP8107Fltr; C:\Windows\System32\drivers\HP8107.sys [13824 2010-02-04] (Windows ® Win 7 DDK provider)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-31] (Malwarebytes Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-02] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-31 15:34 - 2014-12-31 15:36 - 00018574 _____ () C:\Users\Isaac\Downloads\FRST.txt
2014-12-31 15:34 - 2014-12-31 15:35 - 00000000 ____D () C:\FRST
2014-12-31 15:34 - 2014-12-31 15:34 - 02123264 _____ (Farbar) C:\Users\Isaac\Downloads\FRST64.exe
2014-12-31 15:34 - 2014-12-31 15:34 - 02123264 _____ (Farbar) C:\Users\Isaac\Desktop\FRST64.exe
2014-12-31 03:30 - 2014-12-31 03:30 - 00304000 _____ () C:\Users\Isaac\Downloads\greasemonkey-2.3-fx.xpi
2014-12-30 17:24 - 2014-12-31 15:16 - 00000000 ____D () C:\Users\Isaac\Desktop\SIU 4.34-Lite
2014-12-30 17:24 - 2014-12-30 16:33 - 07916654 _____ () C:\Users\Isaac\Desktop\SIU 4.34-Lite.zip
2014-12-30 16:39 - 2014-12-30 16:39 - 07916654 _____ () C:\Users\Isaac\Downloads\SIU 4.34-Lite (1).zip
2014-12-30 16:33 - 2014-12-30 16:33 - 07916654 _____ () C:\Users\Isaac\Downloads\SIU 4.34-Lite.zip
2014-12-30 13:33 - 2014-12-30 13:33 - 00000949 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-30 13:33 - 2014-12-30 13:33 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-28 19:43 - 2014-12-28 19:43 - 05806592 _____ () C:\Users\Isaac\Downloads\adap_gc_1515.ppt
2014-12-26 17:44 - 2014-12-26 17:44 - 00000219 _____ () C:\Users\Isaac\Desktop\Left 4 Dead 2.url
2014-12-25 11:18 - 2014-12-25 11:18 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\MMFApplications
2014-12-25 11:10 - 2014-12-25 11:10 - 00000222 _____ () C:\Users\Isaac\Desktop\Five Nights at Freddy's.url
2014-12-14 13:13 - 2014-12-30 13:35 - 00000000 ____D () C:\Users\Isaac\AppData\Local\LogMeIn Hamachi
2014-12-14 13:13 - 2014-12-14 13:13 - 00000000 ____D () C:\Users\Isaac\AppData\Local\LogMeIn
2014-12-14 13:13 - 2014-12-14 13:13 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-12-14 13:10 - 2014-12-14 13:10 - 08527872 _____ () C:\Users\Isaac\Downloads\Hamachi.msi
2014-12-14 12:55 - 2014-12-14 12:56 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\mineshafter_squared
2014-12-14 12:55 - 2014-12-14 12:55 - 01405498 _____ () C:\Users\Isaac\Downloads\MineshafterSquared.exe
2014-12-13 20:28 - 2014-12-13 20:28 - 00125138 _____ () C:\Users\Isaac\Downloads\XRay-1.8.1-v2.15.2.jar
2014-12-13 20:24 - 2014-12-13 20:25 - 01148074 _____ () C:\Users\Isaac\Downloads\(1.2)TheSimpleXrayModInstaller(2.0)(MC1.8)thehen101.jar
2014-12-13 19:58 - 2014-12-13 19:58 - 00675988 _____ () C:\Users\Isaac\Downloads\Minecraft (1).exe
2014-12-13 19:58 - 2014-12-13 19:58 - 00675988 _____ () C:\Users\Isaac\Desktop\Minecraft (1).exe
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-12-12 23:03 - 2014-12-12 23:03 - 00000222 _____ () C:\Users\Isaac\Desktop\Awesomenauts.url
2014-12-12 19:23 - 2014-12-12 19:23 - 00000000 ____D () C:\Users\Isaac\Documents\Klei
2014-12-12 19:21 - 2014-12-12 19:21 - 00000222 _____ () C:\Users\Isaac\Desktop\Don't Starve Together Beta.url
2014-12-12 17:49 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 17:49 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-12 02:01 - 2014-12-12 02:01 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 23:09 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 23:09 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 23:09 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 23:09 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 23:00 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 23:00 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 23:00 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 23:00 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 23:00 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 23:00 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 23:00 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 23:00 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 23:00 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 23:00 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 23:00 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 23:00 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 23:00 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 23:00 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 23:00 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 23:00 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 23:00 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 23:00 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 23:00 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 23:00 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 23:00 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 23:00 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 23:00 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 23:00 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 23:00 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 23:00 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 23:00 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 23:00 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 23:00 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 23:00 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 23:00 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 23:00 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 23:00 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 23:00 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 23:00 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 23:00 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 23:00 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 23:00 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 23:00 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 23:00 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 23:00 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 23:00 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 23:00 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 23:00 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 23:00 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 23:00 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 23:00 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 23:00 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 23:00 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 23:00 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-07 18:45 - 2014-12-07 18:52 - 107672480 _____ () C:\Users\Isaac\Downloads\J. Cole - 2014 Forest Hills Drive.zip
2014-12-07 18:42 - 2014-12-07 18:42 - 00013118 _____ () C:\Users\Isaac\Downloads\J._Cole_-_2014_Forest_Hills_Drive_[MP3_320_KBPS].torrent
2014-12-07 14:01 - 2014-12-07 14:06 - 00347464 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-07 14:01 - 2014-12-07 14:01 - 00000000 ____D () C:\Users\Isaac\AppData\Local\PunkBuster
2014-12-07 13:15 - 2014-12-07 14:06 - 00347464 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-07 13:15 - 2014-12-07 14:06 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-07 13:15 - 2014-12-07 14:01 - 00281288 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-06 21:32 - 2014-12-06 21:32 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\StunlockStudios
2014-12-04 22:12 - 2014-12-04 22:14 - 297327075 _____ () C:\Users\Isaac\Downloads\Holiday Extras Consol Sales AS IF CHANGES SEPT14.xlsx
2014-12-04 17:55 - 2014-12-04 17:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-12-04 16:00 - 2014-11-26 21:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-04 16:00 - 2014-11-26 21:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-04 15:55 - 2014-12-04 16:04 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-12-02 16:22 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-12-02 16:22 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-12-02 16:22 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-12-02 16:22 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-12-02 16:22 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-12-02 16:22 - 2014-08-15 00:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-12-02 16:21 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-12-02 16:21 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-02 16:21 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-12-02 16:21 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-12-02 16:21 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-02 16:21 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-12-02 16:21 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-12-02 16:21 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-12-02 16:21 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-12-02 16:21 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-12-02 16:21 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-12-02 16:21 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-12-02 16:21 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-12-02 16:21 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-12-02 16:21 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-12-02 16:21 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-02 16:21 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-12-02 16:21 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-02 16:21 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-12-02 16:21 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-02 16:21 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-02 16:21 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-12-02 16:21 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-12-02 16:21 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-12-02 16:21 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-12-02 16:21 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-12-02 16:21 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-12-02 16:21 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-02 16:21 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-12-02 16:21 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-12-02 16:14 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-12-02 16:13 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-12-02 16:13 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-12-02 16:13 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-12-02 16:13 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-12-02 16:13 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-12-02 16:13 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-12-02 16:12 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-12-02 16:12 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-12-02 16:12 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-12-02 16:12 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-12-02 16:12 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-12-02 16:12 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-12-02 16:12 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-12-02 16:12 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-12-02 16:12 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-12-02 16:12 - 2014-05-03 05:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-12-02 16:12 - 2014-05-03 05:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-12-02 16:12 - 2014-05-03 05:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-12-02 16:12 - 2014-05-03 05:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-12-02 16:12 - 2014-05-03 04:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-12-02 16:12 - 2014-05-03 04:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-12-02 16:12 - 2014-05-03 04:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-12-02 16:12 - 2014-05-02 23:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-12-02 16:12 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-12-02 16:12 - 2014-04-30 06:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-12-02 16:12 - 2014-04-30 06:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-02 16:12 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-12-02 16:12 - 2014-04-30 05:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-12-02 16:12 - 2014-04-30 04:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-12-02 16:12 - 2014-04-30 04:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-12-02 16:12 - 2014-04-30 04:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-12-02 16:12 - 2014-04-30 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-12-02 16:12 - 2014-04-30 04:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-12-02 16:12 - 2014-04-30 04:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-02 16:12 - 2014-04-30 03:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-02 16:12 - 2014-04-30 03:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-12-02 16:12 - 2014-04-30 03:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-12-02 16:12 - 2014-04-30 03:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-12-02 16:12 - 2014-04-30 03:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-12-02 16:12 - 2014-04-30 03:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-02 16:12 - 2014-04-28 22:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-12-02 16:12 - 2014-04-26 16:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-12-02 16:12 - 2014-04-14 09:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-12-02 16:12 - 2014-04-14 08:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-12-02 16:12 - 2014-04-14 05:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-12-02 16:11 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-12-02 16:11 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-12-02 16:11 - 2014-07-12 04:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-02 07:46 - 2014-12-30 13:36 - 00000000 ____D () C:\Users\Isaac\OneDrive
2014-12-02 07:46 - 2014-12-02 07:46 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-12-02 07:42 - 2014-12-02 07:42 - 00001453 _____ () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-02 07:41 - 2014-12-02 07:41 - 00000020 ___SH () C:\Users\Isaac\ntuser.ini
2014-12-02 05:25 - 2014-12-02 05:25 - 00000000 __SHD () C:\Recovery
2014-12-02 05:24 - 2014-12-03 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-12-02 05:24 - 2014-12-02 05:24 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-12-02 05:24 - 2014-12-02 05:24 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-12-02 05:24 - 2014-12-02 05:24 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-12-02 05:24 - 2014-12-02 05:24 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-12-02 05:23 - 2014-12-02 05:23 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-02 05:23 - 2014-12-02 05:23 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-02 05:23 - 2014-12-02 05:23 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-12-02 05:23 - 2014-12-02 05:23 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-02 05:23 - 2014-12-02 05:23 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00054592 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdusb.dll
2014-12-02 05:23 - 2014-12-02 05:23 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-12-02 05:22 - 2014-12-02 05:22 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-12-02 05:22 - 2014-12-02 05:22 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-12-02 05:22 - 2014-12-02 05:22 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-12-02 05:22 - 2014-12-02 05:22 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-12-02 05:22 - 2014-12-02 05:22 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-12-02 05:20 - 2014-12-02 05:20 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-02 05:20 - 2014-12-02 05:20 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-02 05:20 - 2014-12-02 05:20 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-02 05:20 - 2014-12-02 05:20 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-02 05:20 - 2014-12-02 05:20 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-02 05:20 - 2014-12-02 05:20 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-12-02 05:20 - 2014-12-02 05:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-12-02 05:20 - 2014-12-02 05:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-12-02 05:19 - 2014-12-02 05:19 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-02 05:19 - 2014-12-02 05:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-02 05:19 - 2014-12-02 05:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-02 05:19 - 2014-12-02 05:19 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-02 05:19 - 2014-12-02 05:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-02 05:18 - 2014-12-02 05:18 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-12-02 05:18 - 2014-12-02 05:18 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-12-02 05:15 - 2014-12-02 05:15 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-12-02 05:15 - 2014-12-02 05:15 - 00000000 ____D () C:\Program Files\MSBuild
2014-12-02 05:15 - 2014-12-02 05:15 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-12-02 05:15 - 2014-12-01 21:42 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-02 05:14 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-12-02 05:14 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-02 05:14 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-12-02 05:14 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-12-01 21:57 - 2014-12-31 15:32 - 01593545 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-01 21:56 - 2014-12-01 21:56 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-12-01 21:44 - 2014-12-01 21:44 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-12-01 21:37 - 2014-12-01 21:37 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-12-01 21:35 - 2014-12-21 04:26 - 00000000 ____D () C:\Users\Isaac
2014-12-01 21:35 - 2014-12-01 21:56 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-12-01 21:35 - 2014-12-01 21:56 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-12-01 21:35 - 2014-12-01 21:37 - 00000000 ___RD () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-01 21:35 - 2014-12-01 21:37 - 00000000 ___RD () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-01 21:35 - 2014-09-24 07:23 - 00000369 _____ () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-01 21:35 - 2014-09-24 07:23 - 00000369 _____ () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-01 21:35 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-01 21:35 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 21:30 - 2014-12-01 21:30 - 00000000 ____D () C:\Program Files (x86)\USB Camera2
2014-12-01 21:29 - 2014-12-01 21:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-01 21:29 - 2014-12-01 21:29 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-12-01 21:29 - 2014-12-01 21:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-12-01 21:28 - 2014-12-01 21:42 - 00000000 ____D () C:\Program Files\Intel
2014-12-01 21:28 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-12-01 21:28 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-12-01 21:27 - 2014-12-01 21:27 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-12-01 21:27 - 2014-12-01 21:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-12-01 21:27 - 2014-12-01 21:27 - 00000000 ____D () C:\Program Files\Synaptics
2014-12-01 21:27 - 2014-12-01 21:27 - 00000000 ____D () C:\Program Files\Realtek
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-31 15:31 - 2014-09-21 15:16 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 15:17 - 2014-09-26 14:56 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Skype
2014-12-31 15:16 - 2014-09-22 15:58 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-31 13:58 - 2014-09-21 15:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-778363092-4269730154-400294747-1001
2014-12-31 13:47 - 2014-09-22 17:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-30 21:31 - 2014-09-21 15:16 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 13:33 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-30 13:32 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-30 13:31 - 2014-10-25 07:22 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Battle.net
2014-12-30 04:36 - 2014-10-28 15:20 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\TS3Client
2014-12-28 13:34 - 2013-08-22 14:46 - 00289384 _____ () C:\WINDOWS\setupact.log
2014-12-28 00:15 - 2014-09-24 14:28 - 00000000 ___RD () C:\Users\Isaac\Desktop\Lenovo Stuff
2014-12-27 22:58 - 2014-11-30 17:19 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Pokemon Showdown
2014-12-26 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-26 17:44 - 2014-09-23 15:10 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-26 11:10 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-12-25 14:17 - 2014-09-24 14:29 - 00000000 ___RD () C:\Users\Isaac\Desktop\Other Stuff
2014-12-25 14:17 - 2014-09-23 16:42 - 00000000 ___RD () C:\Users\Isaac\Desktop\My Games
2014-12-24 15:21 - 2014-11-08 21:24 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\.minecraft
2014-12-23 20:21 - 2014-10-04 18:14 - 00000024 _____ () C:\Users\Isaac\random.dat
2014-12-23 18:43 - 2014-10-17 17:31 - 00000044 _____ () C:\Users\Isaac\jagex_cl_oldschool_LIVE.dat
2014-12-23 06:51 - 2014-09-26 14:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-23 06:51 - 2014-09-26 14:55 - 00000000 ____D () C:\ProgramData\Skype
2014-12-22 18:48 - 2014-09-22 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-22 18:48 - 2014-09-22 15:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-22 01:08 - 2014-11-07 22:13 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-12-18 08:06 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 07:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-17 09:03 - 2014-10-25 07:23 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-14 13:56 - 2014-10-25 07:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-14 12:05 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-12 19:23 - 2014-10-10 23:54 - 00001558 _____ () C:\Users\Isaac\songList.txt
2014-12-12 19:23 - 2014-10-10 23:54 - 00000013 _____ () C:\Users\Isaac\rlvote.txt
2014-12-12 17:19 - 2014-09-21 18:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 17:12 - 2014-09-21 18:05 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-12 02:01 - 2014-09-24 09:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 02:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 02:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 02:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-09 16:00 - 2014-09-24 07:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-09 15:54 - 2014-09-24 07:03 - 00085334 _____ () C:\WINDOWS\PFRO.log
2014-12-07 13:56 - 2014-09-26 18:49 - 00061918 _____ () C:\WINDOWS\DirectX.log
2014-12-07 13:16 - 2014-09-23 16:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-04 16:04 - 2014-09-21 15:11 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Packages
2014-12-04 15:59 - 2013-08-22 14:44 - 00337840 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-04 15:55 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-04 15:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-12-04 15:54 - 2014-10-31 02:05 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2014-12-03 23:28 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-12-02 07:46 - 2013-08-22 14:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-12-02 07:46 - 2013-03-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-12-02 07:42 - 2014-09-22 15:46 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-12-02 05:24 - 2013-08-22 15:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-12-02 05:22 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-02 05:22 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-02 05:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-02 05:22 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-02 05:20 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-02 05:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-12-02 05:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-12-02 05:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-12-01 21:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-12-01 21:57 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-01 21:56 - 2014-11-05 20:04 - 00008139 _____ () C:\WINDOWS\comsetup.log
2014-12-01 21:54 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-12-01 21:54 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-01 21:47 - 2014-09-23 16:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2014-12-01 21:47 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-12-01 21:46 - 2014-11-16 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-01 21:46 - 2014-11-07 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-12-01 21:46 - 2014-10-30 22:03 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-12-01 21:46 - 2014-10-29 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2014-12-01 21:46 - 2014-10-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-12-01 21:46 - 2014-10-25 07:58 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-01 21:46 - 2014-10-25 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-01 21:46 - 2014-10-25 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-12-01 21:46 - 2014-10-25 07:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-01 21:46 - 2014-09-26 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-01 21:46 - 2014-09-26 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-12-01 21:46 - 2014-09-23 16:44 - 00000000 ____D () C:\WINDOWS\system32\1033
2014-12-01 21:46 - 2014-09-23 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-12-01 21:46 - 2014-09-22 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-01 21:46 - 2014-09-22 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-12-01 21:46 - 2014-09-21 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-01 21:46 - 2014-09-21 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-01 21:46 - 2013-03-19 22:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2014-12-01 21:46 - 2013-03-19 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2014-12-01 21:46 - 2013-03-19 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-12-01 21:46 - 2013-03-19 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2014-12-01 21:44 - 2014-09-24 06:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-12-01 21:44 - 2014-09-24 06:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-12-01 21:44 - 2014-09-24 06:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-12-01 21:44 - 2013-08-22 15:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-12-01 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-12-01 21:44 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-12-01 21:44 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-12-01 21:44 - 2013-03-19 21:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-12-01 21:44 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2014-12-01 21:42 - 2014-10-24 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-12-01 21:42 - 2014-09-23 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-12-01 21:42 - 2013-08-22 15:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-12-01 21:42 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-12-01 21:42 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-12-01 21:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-12-01 21:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2014-12-01 21:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-01 21:42 - 2012-10-09 23:10 - 00000000 ____D () C:\ProgramData\PRICache
2014-12-01 21:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-12-01 21:30 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\System
2014-12-01 21:26 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2014-12-01 21:05 - 2013-03-19 21:30 - 02022479 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-12-01 16:51 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
 
Files to move or delete:
====================
C:\Users\Isaac\alotic_preferences.dat
C:\Users\Isaac\alotic_preferences2.dat
C:\Users\Isaac\guardian_noregret_LIVE.dat
C:\Users\Isaac\jagex_cl_loginapplet_LIVE.dat
C:\Users\Isaac\jagex_cl_oldschool_LIVE.dat
C:\Users\Isaac\jagex_cl_runescape_LIVE.dat
C:\Users\Isaac\random.dat
C:\Users\Isaac\Vindictus.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-31 13:59
 
==================== End Of Log ============================

 

 

If anyone could help me, I'd appreciate it

Addition.txt

FRST.txt

Link to post
Share on other sites

That's a legitimate program:
http://www.blazingtools.com/bpk.html

==========================

The logs look OK

Download and run rkill (post the log):
http://www.bleepingcomputer.com/download/rkill/dl/132/

Then......
 Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Wait for the Prescan to finish

Click Scan to scan the system.
When the scan completes > Don't Fix anything! > Click on the Report Button and post the Report back here.

Don't run any other options, they're not all bad!!!!!!!

RogueKiller logs will also be located here:
%programdata%/RogueKiller/Logs <-------W7
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <-------XP

MrC

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.