Solved 2 Csrss.exe running at the same time win8 64-bit

Dara_Nero

There are 2 Csrss.exe running on my laptop and I don't know if it's a virus or not. Also, there's an svchost.exe that runs in 83,000+ k memory and I don't think it's normal. Please help me. :(
 
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.30.03

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
hp 13 :: HP [administrator]

Protection: Enabled

1/30/2014 7:59:21 PM
mbam-log-2014-01-30 (19-59-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237019
Time elapsed: 10 minute(s), 11 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (PUP.Optional.Iminent) -> 2436 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 88

Registry Values Detected: 5
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0M1K1N1M1T -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Umbrella|MUpdBlock (PUP.Optional.Umbrella.A) -> Data: {
"MASSUPDATE" : {
"CHROME_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"FIREFOX_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 0,
"cmd" : "",
"url" : "http://vzapp.iminent.com/vz/C2C3AC84-2B90-47A7-8E0B-A48CBCAC2CEC/1/MbFfx.exe"
},
"IEXPLORE_BHO" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
}
}
}
-> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\SProtection|ImagePath (PUP.Optional.Iminent.A) -> Data: C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -> Quarantined and deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Iminent (PUP.Optional.Iminent.A) -> Data: C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" -> Quarantined and deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IminentMessenger (PUP.Optional.Iminent.A) -> Data: C:\Program Files (x86)\Iminent\Iminent.Messengers.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 13

Files Detected: 45

(end)
 
I have some concerns about the DDS step. The DDS.com isn't working and it says that it runs in 'compatibility mode' and I can't run it in compatibility mode. What will I do?
 
Damn. Someone updated my Windows to 8.1. That's why it was not compatible with DDS. It was updated before I even started the cleaning. -__-
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
This is from FRST.txt.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by hp 13 (administrator) on HP on 31-01-2014 07:26:36
Running from C:\Users\hp 13\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================



==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-01-14] (IDT, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
MountPoints2: F - "F:\HTC_Sync_Manager_PC.exe"
MountPoints2: {d21e1bfc-7d98-11e3-bf2e-68942376b0a2} - "F:\HTC_Sync_Manager_PC.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={se...mntrId=50A668942376B0A3&affID=123477&tsp=5000
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 114.108.195.1 114.108.193.201

Chrome:
=======
CHR DefaultSearchKeyword: google.com.ph
CHR Extension: (Google Docs) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-12]
CHR Extension: (Google Drive) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (YouTube) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-12]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-01-15]
CHR Extension: (Google Search) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-12]
CHR Extension: (Trend Micro Osprey Chrome Extension) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi [2014-01-15]
CHR Extension: (TrendMicro Toolbar) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj [2014-01-15]
CHR Extension: (Google Wallet) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-12]
CHR Extension: (Gmail) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-12]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\hp 13\AppData\Roaming\7go\7go.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx [2014-01-15]

==================== Services (Whitelisted) =================

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
S3 dblhost; C:\Program Files (x86)\Nextel\ADN\dblhost.exe [81968 2011-09-19] (Diginext B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-03-06] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1872568 2013-04-19] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RUS; C:\Program Files (x86)\Nextel\ADN\RUS.exe [27696 2011-09-19] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [x]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S3 BlueletAudio; C:\Windows\system32\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R4 BthA2DP;
S4 BthAvrcpTg;
S4 BthHFEnum;
S4 bthhfhid;
R4 BthHFSrv;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-14] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-13] (Microsoft Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-03] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-06-30] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-12] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-10] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-03] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-14] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-07] (Trend Micro Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 07:26 - 2014-01-31 07:28 - 00022894 _____ C:\Users\hp 13\Downloads\FRST.txt
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D C:\FRST
2014-01-31 07:24 - 2014-01-31 07:25 - 02079744 _____ (Farbar) C:\Users\hp 13\Downloads\FRST64.exe
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Plants vs. Zombies
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Games
2014-01-31 01:39 - 2014-01-31 01:39 - 00000000 ____D C:\Users\hp 13\Documents\NDS
2014-01-31 00:19 - 2014-01-31 05:04 - 00000130 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-01-30 23:13 - 2014-01-30 23:13 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\xim
2014-01-30 20:31 - 2014-01-30 20:32 - 00688992 _____ (Swearware) C:\Users\hp 13\Downloads\dds.scr
2014-01-30 20:04 - 2014-01-30 20:05 - 00688992 _____ (Swearware) C:\Users\hp 13\Desktop\dds.com
2014-01-30 19:56 - 2014-01-30 19:56 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-30 19:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-30 19:53 - 2014-01-30 19:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\hp 13\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 13:16 - 2014-01-30 13:16 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\LolClient
2014-01-30 13:08 - 2014-01-30 13:08 - 00001065 _____ C:\Users\Public\Desktop\League of Legends.lnk
2014-01-30 12:58 - 2014-01-30 13:08 - 00000000 ____D C:\Program Files (x86)\GarenaLoLPH
2014-01-29 23:41 - 2014-01-29 23:41 - 00000000 ____D C:\Users\hp 13\AppData\Local\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\ProgramData\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\GarenaDownload
2014-01-29 23:39 - 2014-01-31 07:24 - 00003496 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_hp 13
2014-01-29 23:39 - 2014-01-30 23:13 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\GarenaPlus
2014-01-29 23:39 - 2014-01-29 23:39 - 00001075 _____ C:\Users\Public\Desktop\Garena Plus.lnk
2014-01-29 23:39 - 2014-01-29 23:39 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2014-01-29 23:38 - 2014-01-30 23:13 - 00000000 ____D C:\ProgramData\GarenaMessenger
2014-01-29 23:27 - 2014-01-29 23:34 - 72040576 _____ C:\Users\hp 13\Downloads\GarenaPlus_Install.exe
2014-01-25 10:27 - 2014-01-25 10:27 - 00000000 ____D C:\Users\hp 13\AppData\Local\DOSBox
2014-01-25 10:26 - 2014-01-25 10:26 - 00001930 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2014-01-25 10:26 - 2014-01-25 10:26 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2014-01-25 10:22 - 2014-01-25 10:23 - 01448809 _____ (DOSBox Team) C:\Users\hp 13\Downloads\DOSBox0.74-win32-installer.exe
2014-01-25 10:17 - 2014-01-25 10:17 - 00000000 ____D C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool
2014-01-25 10:15 - 2014-01-25 10:15 - 00303833 _____ C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool.zip
2014-01-25 10:11 - 2014-01-29 18:35 - 00000000 ____D C:\TASM
2014-01-23 21:12 - 2014-01-23 21:12 - 00001836 _____ C:\Users\Public\Desktop\Apps.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00001819 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2014-01-23 20:56 - 2014-01-23 21:39 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2014-01-23 20:56 - 2014-01-23 21:12 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-23 19:22 - 2014-01-23 19:23 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\hp 13\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-22 02:53 - 2014-01-22 02:53 - 00000000 ____D C:\Users\hp 13\Documents\NetBeansProjects
2014-01-22 02:48 - 2014-01-22 02:51 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\NetBeans
2014-01-22 02:48 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\NetBeans
2014-01-22 02:36 - 2014-01-30 20:28 - 00000000 ____D C:\Users\hp 13\AppData\Local\HTC MediaHub
2014-01-22 02:36 - 2014-01-22 02:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\Documents\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Apple Computer
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\Apple Computer
2014-01-22 02:35 - 2014-01-22 02:35 - 00002047 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-01-22 02:35 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13\.android
2014-01-22 02:34 - 2014-01-22 02:34 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2014-01-22 02:07 - 2014-01-22 02:09 - 00000000 ____D C:\Program Files (x86)\glassfish-4.0
2014-01-22 02:02 - 2014-01-22 02:02 - 00002077 _____ C:\Users\Public\Desktop\NetBeans IDE 7.4.lnk
2014-01-22 01:59 - 2014-01-22 02:09 - 00000000 ____D C:\Program Files (x86)\NetBeans 7.4
2014-01-22 01:58 - 2014-01-22 02:11 - 00000000 ____D C:\Users\hp 13\.nbi
2014-01-22 01:49 - 2014-01-22 01:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Sun
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Oracle
2014-01-22 01:47 - 2014-01-22 01:49 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-22 01:28 - 2014-01-22 01:42 - 129640864 _____ (Oracle Corporation) C:\Users\hp 13\Downloads\jdk-7u51-windows-i586.exe
2014-01-22 00:12 - 2014-01-22 00:33 - 213568720 _____ C:\Users\hp 13\Downloads\netbeans-7.4-windows.exe
2014-01-21 18:54 - 2014-01-22 02:35 - 00022286 _____ C:\WINDOWS\DPINST.LOG
2014-01-21 18:54 - 2014-01-22 02:35 - 00000000 ____D C:\Program Files (x86)\HTC
2014-01-21 18:54 - 2014-01-21 18:54 - 00000000 ____D C:\ProgramData\HTC
2014-01-21 18:54 - 2009-11-02 01:16 - 00033736 _____ (HTC, Corporation) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
2014-01-21 18:54 - 2009-06-09 04:41 - 01122664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-01-21 18:51 - 2014-01-22 02:05 - 00000000 ____D C:\Users\hp 13\Documents\Back up HTC
2014-01-17 01:15 - 2013-12-08 15:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-17 01:15 - 2013-11-27 06:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-17 01:15 - 2013-11-27 02:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-17 01:15 - 2013-11-27 01:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-17 01:15 - 2013-11-27 00:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-17 01:15 - 2013-11-26 23:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 01:15 - 2013-11-26 23:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-17 01:15 - 2013-11-26 23:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 01:15 - 2013-11-26 23:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-17 01:15 - 2013-11-26 23:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-17 01:15 - 2013-11-26 23:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 10:12 - 2014-01-15 11:46 - 00000000 ____D C:\Users\towkie\AppData\Roaming\vlc
2014-01-15 10:01 - 2014-01-15 10:01 - 00001389 _____ C:\Users\towkie\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 10:01 - 2014-01-15 10:01 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:45 - 2014-01-15 00:45 - 00000000 ___HD C:\TMRescueDisk
2014-01-15 00:41 - 2014-01-15 00:41 - 00001461 _____ C:\Users\hp 13\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 00:41 - 2014-01-15 00:41 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:41 - 2013-09-03 21:24 - 00116264 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmactmon.sys
2014-01-15 00:41 - 2013-09-03 21:22 - 00085424 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmevtmgr.sys
2014-01-15 00:41 - 2013-09-03 21:17 - 00282624 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-01-15 00:41 - 2013-07-10 12:39 - 00037904 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmel.sys
2014-01-15 00:41 - 2013-06-30 23:08 - 00050976 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\TMEBC64.sys
2014-01-15 00:41 - 2013-06-12 16:35 - 00100640 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmeevw.sys
2014-01-15 00:41 - 2013-05-14 20:23 - 00303392 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmnciesc.sys
2014-01-15 00:40 - 2014-01-15 00:40 - 00003256 _____ C:\WINDOWS\System32\Tasks\Titanium BTC
2014-01-15 00:38 - 2014-01-15 00:38 - 00000059 _____ C:\WINDOWS\system32\SupportTool.exe.bat
2014-01-15 00:37 - 2014-01-15 00:38 - 00000000 ____D C:\Program Files\Trend Micro
2014-01-14 22:28 - 2014-01-14 22:28 - 00000000 ____D C:\Users\towkie\AppData\Local\Google
2014-01-14 22:22 - 2014-01-14 22:22 - 00000000 ____D C:\Users\towkie\Documents\Bluetooth
2014-01-14 22:21 - 2014-01-14 22:21 - 00001442 _____ C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 22:21 - 2014-01-14 22:21 - 00000020 ___SH C:\Users\towkie\ntuser.ini
2014-01-14 16:37 - 2014-01-30 20:29 - 00000000 __RDO C:\Users\hp 13\SkyDrive
2014-01-14 16:35 - 2014-01-14 22:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2014-01-14 16:34 - 2014-01-14 16:34 - 00001442 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 16:33 - 2014-01-14 16:33 - 00000020 ___SH C:\Users\hp 13\ntuser.ini
2014-01-14 16:12 - 2014-01-31 07:25 - 01628756 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-14 16:12 - 2014-01-14 16:12 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-14 15:57 - 2014-01-14 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2014-01-14 15:55 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13
2014-01-14 15:55 - 2014-01-14 22:21 - 00000000 ____D C:\Users\towkie
2014-01-14 15:55 - 2014-01-14 16:12 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2014-01-14 15:55 - 2014-01-14 16:12 - 00028578 _____ C:\WINDOWS\diagerr.xml
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-14 15:51 - 2014-01-14 15:56 - 00012096 _____ C:\WINDOWS\iis.log
2014-01-14 15:51 - 2014-01-14 15:51 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-14 15:49 - 2014-01-14 15:49 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2014-01-14 15:48 - 2014-01-14 15:58 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files\Synaptics
2014-01-14 15:48 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-01-14 15:48 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-01-14 15:10 - 2014-01-14 16:12 - 00006602 _____ C:\WINDOWS\comsetup.log
2014-01-14 14:46 - 2014-01-16 22:19 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-14 14:46 - 2014-01-14 14:46 - 00000000 __SHD C:\Recovery
2014-01-14 14:45 - 2014-01-14 14:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-14 14:45 - 2014-01-14 14:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-14 14:44 - 2014-01-14 14:44 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
 
2014-01-14 14:43 - 2014-01-14 14:43 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-14 14:43 - 2014-01-14 14:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-14 14:42 - 2014-01-14 14:42 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2014-01-14 14:39 - 2014-01-14 14:39 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\inetpub
2014-01-14 14:38 - 2014-01-14 14:38 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-01-14 14:38 - 2013-08-02 19:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-14 14:38 - 2013-08-02 19:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-14 09:54 - 2014-01-16 00:01 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1002
2014-01-14 09:42 - 2014-01-15 10:04 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{709D5681-6DD7-4B5C-BDAD-F9332C018D02}
2014-01-14 09:42 - 2014-01-14 22:21 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 09:42 - 2014-01-14 22:21 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 09:42 - 2014-01-14 09:42 - 00002255 _____ C:\Users\towkie\Desktop\Google Chrome.lnk
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\Documents\Simply Super Software
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Synaptics
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Adobe
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Local\bluesoleil
2014-01-14 09:35 - 2014-01-14 22:23 - 00000000 ____D C:\Users\towkie\AppData\Local\Packages
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\VirtualStore
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Power2Go8
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Hewlett-Packard
2014-01-14 09:34 - 2012-08-16 16:10 - 00000000 ___HD C:\Users\towkie\Documents\hp.system.package.metadata
2014-01-14 09:25 - 2014-01-14 09:25 - 00000650 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-01-14 08:31 - 2014-01-14 08:30 - 08013312 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 08003072 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 06102016 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 02216448 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 02189312 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-01-14 08:31 - 2014-01-14 08:30 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 00672256 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00543744 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-01-14 08:31 - 2014-01-14 08:30 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646433.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 00224256 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00059256 _____ C:\WINDOWS\system32\Copley.xml
2014-01-13 23:27 - 2014-01-13 23:27 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HewlettPackard
2014-01-13 23:08 - 2014-01-13 23:08 - 00690832 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-13 23:08 - 2014-01-13 23:08 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-13 22:55 - 2014-01-31 04:00 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job
2014-01-13 22:55 - 2014-01-25 10:00 - 00003152 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhp 13
2014-01-13 10:56 - 2014-01-13 10:56 - 00000000 ____D C:\ProgramData\Licenses
2014-01-13 10:42 - 2014-01-13 10:42 - 00416528 _____ (Microsoft Corporation ) C:\Users\hp 13\Downloads\COMCT332.OCX
2014-01-13 10:16 - 2014-01-13 10:36 - 29925696 _____ (Simply Super Software ) C:\Users\hp 13\Downloads\trjsetup689.exe
2014-01-13 06:51 - 2014-01-13 22:43 - 480282204 _____ C:\WINDOWS\MEMORY.DMP
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\ProgramData\Google
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files\Google
2014-01-13 00:55 - 2014-01-13 01:32 - 91412976 _____ (AVAST Software) C:\Users\hp 13\Downloads\avast_free_antivirus_setup.exe
2014-01-13 00:48 - 2014-01-13 00:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\bluesoleil
2014-01-13 00:41 - 2014-01-31 07:23 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-13 00:41 - 2014-01-31 07:23 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-13 00:40 - 2014-01-13 00:40 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2014-01-13 00:33 - 2014-01-13 00:48 - 00001251 _____ C:\Users\hp 13\Desktop\Norton Installation Files.lnk
2014-01-13 00:33 - 2014-01-13 00:33 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-13 00:01 - 2014-01-13 00:01 - 00000000 __SHD C:\found.007
2014-01-12 13:09 - 2014-01-14 15:59 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2014-01-12 13:00 - 2014-01-12 13:00 - 00000000 __SHD C:\found.006
2014-01-12 12:38 - 2014-01-12 12:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\{D9E761B1-4D6F-4ECE-972E-BEB84BEC099C}
2014-01-12 09:45 - 2014-01-14 15:30 - 01929707 _____ C:\WINDOWS\WindowsUpdate (1).log
2014-01-12 06:27 - 2014-01-12 06:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-12 06:26 - 2014-01-12 06:27 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 06:26 - 2014-01-12 06:26 - 04645232 _____ (Piriform Ltd) C:\Users\hp 13\Downloads\ccsetup409.exe
2014-01-12 06:26 - 2014-01-12 06:26 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-12 05:17 - 2014-01-12 05:18 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-01-12 05:16 - 2014-01-14 16:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Tweaking.com - Reset Registry Permissions
2014-01-12 05:16 - 2014-01-12 05:16 - 01069757 _____ C:\Users\hp 13\Downloads\Tweaking.com-ResetRegistryPermissions.exe
2014-01-12 05:08 - 2014-01-12 05:15 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-12 04:44 - 2014-01-13 07:34 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-12 04:34 - 2014-01-31 04:44 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 04:34 - 2014-01-31 04:44 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 04:34 - 2014-01-12 04:39 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-12 04:34 - 2014-01-12 04:39 - 00003638 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-12 04:33 - 2014-01-12 04:33 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup (1).exe
2014-01-12 04:04 - 2014-01-12 04:04 - 00001830 _____ C:\Users\hp 13\Downloads\Add-Take-Ownership.reg
2014-01-12 02:48 - 2014-01-12 02:48 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2014-01-12 02:12 - 2014-01-12 13:58 - 00000000 ____D C:\Users\hp 13\AppData\Local\Trend Micro
2014-01-12 02:11 - 2013-07-07 13:16 - 00103712 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmusa.sys
2014-01-12 02:07 - 2014-01-22 01:05 - 00000000 ____D C:\ProgramData\Trend Micro
2014-01-12 02:04 - 2014-01-12 02:04 - 00000036 _____ C:\Users\hp 13\AppData\Local\housecall.guid.cache
2014-01-12 01:50 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-12 01:50 - 2014-01-12 04:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\Google
2014-01-12 01:50 - 2014-01-12 01:50 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup.exe

==================== One Month Modified Files and Folders =======

2014-01-31 07:28 - 2014-01-31 07:26 - 00022894 _____ C:\Users\hp 13\Downloads\FRST.txt
2014-01-31 07:27 - 2013-05-02 08:48 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19658213-4E7C-41EC-AA66-9DFB62420ABC}
2014-01-31 07:26 - 2014-01-31 07:26 - 00000000 ____D C:\FRST
2014-01-31 07:26 - 2013-03-22 10:00 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2014-01-31 07:25 - 2014-01-31 07:24 - 02079744 _____ (Farbar) C:\Users\hp 13\Downloads\FRST64.exe
2014-01-31 07:25 - 2014-01-14 16:12 - 01628756 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-31 07:24 - 2014-01-29 23:39 - 00003496 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_hp 13
2014-01-31 07:23 - 2014-01-13 00:41 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-31 07:23 - 2014-01-13 00:41 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-31 07:23 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-31 05:04 - 2014-01-31 00:19 - 00000130 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-01-31 04:49 - 2013-05-02 08:55 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1001
2014-01-31 04:44 - 2014-01-12 04:34 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 04:44 - 2014-01-12 04:34 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 04:00 - 2014-01-13 22:55 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Plants vs. Zombies
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Games
2014-01-31 01:39 - 2014-01-31 01:39 - 00000000 ____D C:\Users\hp 13\Documents\NDS
2014-01-31 01:31 - 2013-11-13 22:28 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-31 00:20 - 2013-08-22 05:46 - 00348180 _____ C:\WINDOWS\setupact.log
2014-01-30 23:13 - 2014-01-30 23:13 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\xim
2014-01-30 23:13 - 2014-01-29 23:39 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\GarenaPlus
2014-01-30 23:13 - 2014-01-29 23:38 - 00000000 ____D C:\ProgramData\GarenaMessenger
2014-01-30 20:40 - 2013-09-06 04:38 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-30 20:40 - 2013-06-13 03:56 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2014-01-30 20:32 - 2014-01-30 20:31 - 00688992 _____ (Swearware) C:\Users\hp 13\Downloads\dds.scr
2014-01-30 20:30 - 2013-08-22 04:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-30 20:29 - 2014-01-14 16:37 - 00000000 __RDO C:\Users\hp 13\SkyDrive
2014-01-30 20:28 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\HTC MediaHub
2014-01-30 20:27 - 2013-11-13 22:20 - 00028670 _____ C:\WINDOWS\PFRO.log
2014-01-30 20:27 - 2013-08-22 05:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-30 20:27 - 2013-08-22 04:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-30 20:22 - 2013-06-11 10:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Iminent
2014-01-30 20:22 - 2013-06-11 10:36 - 00000000 ____D C:\ProgramData\Iminent
2014-01-30 20:05 - 2014-01-30 20:04 - 00688992 _____ (Swearware) C:\Users\hp 13\Desktop\dds.com
2014-01-30 19:56 - 2014-01-30 19:56 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-30 19:55 - 2014-01-30 19:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\hp 13\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 13:16 - 2014-01-30 13:16 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\LolClient
2014-01-30 13:08 - 2014-01-30 13:08 - 00001065 _____ C:\Users\Public\Desktop\League of Legends.lnk
2014-01-30 13:08 - 2014-01-30 12:58 - 00000000 ____D C:\Program Files (x86)\GarenaLoLPH
2014-01-29 23:41 - 2014-01-29 23:41 - 00000000 ____D C:\Users\hp 13\AppData\Local\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\ProgramData\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\GarenaDownload
2014-01-29 23:39 - 2014-01-29 23:39 - 00001075 _____ C:\Users\Public\Desktop\Garena Plus.lnk
2014-01-29 23:39 - 2014-01-29 23:39 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2014-01-29 23:34 - 2014-01-29 23:27 - 72040576 _____ C:\Users\hp 13\Downloads\GarenaPlus_Install.exe
2014-01-29 22:25 - 2013-05-08 06:04 - 00000000 ____D C:\Users\hp 13\Documents\Youcam
2014-01-29 21:18 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-29 18:35 - 2014-01-25 10:11 - 00000000 ____D C:\TASM
2014-01-25 10:27 - 2014-01-25 10:27 - 00000000 ____D C:\Users\hp 13\AppData\Local\DOSBox
2014-01-25 10:26 - 2014-01-25 10:26 - 00001930 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2014-01-25 10:26 - 2014-01-25 10:26 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2014-01-25 10:23 - 2014-01-25 10:22 - 01448809 _____ (DOSBox Team) C:\Users\hp 13\Downloads\DOSBox0.74-win32-installer.exe
2014-01-25 10:17 - 2014-01-25 10:17 - 00000000 ____D C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool
2014-01-25 10:15 - 2014-01-25 10:15 - 00303833 _____ C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool.zip
2014-01-25 10:00 - 2014-01-13 22:55 - 00003152 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhp 13
2014-01-23 21:39 - 2014-01-23 20:56 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2014-01-23 21:12 - 2014-01-23 21:12 - 00001836 _____ C:\Users\Public\Desktop\Apps.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00001819 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2014-01-23 21:12 - 2014-01-23 20:56 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-23 21:12 - 2013-08-22 06:36 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-23 19:23 - 2014-01-23 19:22 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\hp 13\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-22 02:53 - 2014-01-22 02:53 - 00000000 ____D C:\Users\hp 13\Documents\NetBeansProjects
2014-01-22 02:51 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\NetBeans
2014-01-22 02:51 - 2012-08-03 15:02 - 00000000 ____D C:\SWSetup
2014-01-22 02:48 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\NetBeans
2014-01-22 02:47 - 2013-06-11 10:35 - 00001478 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2014-01-22 02:45 - 2013-08-22 05:44 - 00344648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-22 02:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-22 02:40 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\Documents\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Apple Computer
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\Apple Computer
2014-01-22 02:35 - 2014-01-22 02:35 - 00002047 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-01-22 02:35 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13\.android
2014-01-22 02:35 - 2014-01-21 18:54 - 00022286 _____ C:\WINDOWS\DPINST.LOG
2014-01-22 02:35 - 2014-01-21 18:54 - 00000000 ____D C:\Program Files (x86)\HTC
2014-01-22 02:35 - 2014-01-14 15:55 - 00000000 ____D C:\Users\hp 13
2014-01-22 02:34 - 2014-01-22 02:34 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2014-01-22 02:31 - 2013-11-30 06:22 - 00000000 ____D C:\Users\hp 13\AppData\Local\Downloaded Installations
2014-01-22 02:11 - 2014-01-22 01:58 - 00000000 ____D C:\Users\hp 13\.nbi
2014-01-22 02:09 - 2014-01-22 02:07 - 00000000 ____D C:\Program Files (x86)\glassfish-4.0
2014-01-22 02:09 - 2014-01-22 01:59 - 00000000 ____D C:\Program Files (x86)\NetBeans 7.4
2014-01-22 02:05 - 2014-01-21 18:51 - 00000000 ____D C:\Users\hp 13\Documents\Back up HTC
2014-01-22 02:02 - 2014-01-22 02:02 - 00002077 _____ C:\Users\Public\Desktop\NetBeans IDE 7.4.lnk
2014-01-22 01:49 - 2014-01-22 01:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Sun
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Oracle
2014-01-22 01:49 - 2014-01-22 01:47 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-22 01:42 - 2014-01-22 01:28 - 129640864 _____ (Oracle Corporation) C:\Users\hp 13\Downloads\jdk-7u51-windows-i586.exe
2014-01-22 01:05 - 2014-01-12 02:07 - 00000000 ____D C:\ProgramData\Trend Micro
2014-01-22 00:33 - 2014-01-22 00:12 - 213568720 _____ C:\Users\hp 13\Downloads\netbeans-7.4-windows.exe
2014-01-21 18:54 - 2014-01-21 18:54 - 00000000 ____D C:\ProgramData\HTC
2014-01-21 18:32 - 2013-02-19 15:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2014-01-21 17:30 - 2013-08-21 13:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-21 17:28 - 2013-08-21 13:29 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-18 12:22 - 2013-06-06 15:44 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\vlc
2014-01-16 22:41 - 2013-06-11 10:45 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Skype
2014-01-16 22:19 - 2014-01-14 14:46 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-16 13:18 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2014-01-16 00:01 - 2014-01-14 09:54 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1002
2014-01-15 11:46 - 2014-01-15 10:12 - 00000000 ____D C:\Users\towkie\AppData\Roaming\vlc
2014-01-15 10:04 - 2014-01-14 09:42 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{709D5681-6DD7-4B5C-BDAD-F9332C018D02}
2014-01-15 10:01 - 2014-01-15 10:01 - 00001389 _____ C:\Users\towkie\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 10:01 - 2014-01-15 10:01 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:45 - 2014-01-15 00:45 - 00000000 ___HD C:\TMRescueDisk
2014-01-15 00:41 - 2014-01-15 00:41 - 00001461 _____ C:\Users\hp 13\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 00:41 - 2014-01-15 00:41 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:41 - 2012-07-25 23:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2014-01-15 00:40 - 2014-01-15 00:40 - 00003256 _____ C:\WINDOWS\System32\Tasks\Titanium BTC
2014-01-15 00:38 - 2014-01-15 00:38 - 00000059 _____ C:\WINDOWS\system32\SupportTool.exe.bat
2014-01-15 00:38 - 2014-01-15 00:37 - 00000000 ____D C:\Program Files\Trend Micro
2014-01-14 22:28 - 2014-01-14 22:28 - 00000000 ____D C:\Users\towkie\AppData\Local\Google
2014-01-14 22:23 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Packages
2014-01-14 22:22 - 2014-01-14 22:22 - 00000000 ____D C:\Users\towkie\Documents\Bluetooth
2014-01-14 22:22 - 2014-01-14 16:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2014-01-14 22:21 - 2014-01-14 22:21 - 00001442 _____ C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 22:21 - 2014-01-14 22:21 - 00000020 ___SH C:\Users\towkie\ntuser.ini
2014-01-14 22:21 - 2014-01-14 15:55 - 00000000 ____D C:\Users\towkie
2014-01-14 22:21 - 2014-01-14 09:42 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 22:21 - 2014-01-14 09:42 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 18:06 - 2012-08-16 16:13 - 00000000 ____D C:\Program Files (x86)\CyberLink
2014-01-14 18:05 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\restore
2014-01-14 17:16 - 2013-05-02 14:07 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\hpqlog
2014-01-14 16:37 - 2013-05-02 08:46 - 00000000 ____D C:\Users\hp 13\AppData\Local\Packages
2014-01-14 16:34 - 2014-01-14 16:34 - 00001442 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 16:34 - 2013-05-02 08:48 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 16:34 - 2013-05-02 08:48 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 16:33 - 2014-01-14 16:33 - 00000020 ___SH C:\Users\hp 13\ntuser.ini
2014-01-14 16:14 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-14 16:12 - 2014-01-14 16:12 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2014-01-14 16:12 - 2014-01-14 15:55 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2014-01-14 16:12 - 2014-01-14 15:55 - 00028578 _____ C:\WINDOWS\diagerr.xml
2014-01-14 16:12 - 2014-01-14 15:10 - 00006602 _____ C:\WINDOWS\comsetup.log
2014-01-14 16:12 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Registration
2014-01-14 16:07 - 2013-08-22 06:36 - 00000000 __RSD C:\WINDOWS\Media
2014-01-14 16:02 - 2014-01-12 05:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Tweaking.com - Reset Registry Permissions
2014-01-14 16:02 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2014-01-14 16:02 - 2012-08-16 16:20 - 00000000 ____D C:\WINDOWS\en
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2013-08-22 06:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2014-01-14 16:00 - 2012-07-25 20:37 - 00000000 ____D C:\Users\Default.migrated
2014-01-14 15:59 - 2014-01-12 13:09 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\spool
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\IME
2014-01-14 15:59 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2014-01-14 15:59 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2014-01-14 15:59 - 2013-02-19 15:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2014-01-14 15:59 - 2012-08-16 16:17 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2014-01-14 15:58 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-14 15:58 - 2013-08-22 06:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Help
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-14 15:58 - 2012-08-03 13:29 - 00000000 ____D C:\ProgramData\PRICache
2014-01-14 15:57 - 2014-01-14 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2014-01-14 15:57 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:56 - 2014-01-14 15:51 - 00012096 _____ C:\WINDOWS\iis.log
2014-01-14 15:56 - 2013-09-09 02:05 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
2014-01-14 15:56 - 2013-08-12 14:48 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LOAD Ace
2014-01-14 15:51 - 2014-01-14 15:51 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-14 15:49 - 2014-01-14 15:49 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2014-01-14 15:49 - 2013-08-22 05:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files\Synaptics
2014-01-14 15:47 - 2013-08-22 04:36 - 00000000 __RHD C:\Users\Default
2014-01-14 15:30 - 2014-01-12 09:45 - 01929707 _____ C:\WINDOWS\WindowsUpdate (1).log
2014-01-14 14:46 - 2014-01-14 14:46 - 00000000 __SHD C:\Recovery
2014-01-14 14:45 - 2014-01-14 14:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-14 14:45 - 2014-01-14 14:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-14 14:45 - 2013-08-22 06:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2014-01-14 14:44 - 2014-01-14 14:44 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-14 14:44 - 2014-01-14 14:44 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-14 14:43 - 2014-01-14 14:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Camera
2014-01-14 14:42 - 2014-01-14 14:42 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2014-01-14 14:39 - 2014-01-14 14:39 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\inetpub
2014-01-14 14:39 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2014-01-14 14:39 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-14 14:38 - 2014-01-14 14:38 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-01-14 14:37 - 2012-07-25 23:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2014-01-14 09:42 - 2014-01-14 09:42 - 00002255 _____ C:\Users\towkie\Desktop\Google Chrome.lnk
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\Documents\Simply Super Software
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Synaptics
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Adobe
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Local\bluesoleil
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\VirtualStore
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Power2Go8
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Hewlett-Packard
2014-01-14 09:25 - 2014-01-14 09:25 - 00000650 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-01-14 09:23 - 2013-12-15 14:02 - 00000000 ____D C:\Users\hp 13\AppData\Local\CrashDumps
2014-01-14 09:21 - 2013-02-19 15:26 - 00016330 _____ C:\WINDOWS\system32\results.xml
2014-01-14 08:31 - 2013-02-19 15:19 - 00000000 ____D C:\Program Files\IDT
2014-01-14 08:30 - 2014-01-14 08:31 - 08013312 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 08003072 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 06102016 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 02216448 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 02189312 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-01-14 08:30 - 2014-01-14 08:31 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 00672256 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00543744 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-01-14 08:30 - 2014-01-14 08:31 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646433.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 00224256 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00059256 _____ C:\WINDOWS\system32\Copley.xml
2014-01-13 23:27 - 2014-01-13 23:27 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HewlettPackard
2014-01-13 23:08 - 2014-01-13 23:08 - 00690832 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-13 23:08 - 2014-01-13 23:08 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-13 23:02 - 2012-08-16 16:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-01-13 22:43 - 2014-01-13 06:51 - 480282204 _____ C:\WINDOWS\MEMORY.DMP
2014-01-13 22:41 - 2012-08-16 16:27 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2014-01-13 10:56 - 2014-01-13 10:56 - 00000000 ____D C:\ProgramData\Licenses
2014-01-13 10:42 - 2014-01-13 10:42 - 00416528 _____ (Microsoft Corporation ) C:\Users\hp 13\Downloads\COMCT332.OCX
2014-01-13 10:36 - 2014-01-13 10:16 - 29925696 _____ (Simply Super Software ) C:\Users\hp 13\Downloads\trjsetup689.exe
2014-01-13 07:39 - 2013-11-29 19:38 - 00000000 ____D C:\Program Files (x86)\HUAWEI Modem Driver
2014-01-13 07:39 - 2013-06-11 05:12 - 00000000 ____D C:\ProgramData\DatacardService
2014-01-13 07:36 - 2013-06-11 10:19 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HoolappForAndroid
2014-01-13 07:34 - 2014-01-12 04:44 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\ProgramData\Google
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files\Google
2014-01-13 02:25 - 2014-01-12 01:50 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-13 01:32 - 2014-01-13 00:55 - 91412976 _____ (AVAST Software) C:\Users\hp 13\Downloads\avast_free_antivirus_setup.exe
2014-01-13 00:50 - 2013-02-19 15:47 - 00000000 ____D C:\ProgramData\Norton
2014-01-13 00:48 - 2014-01-13 00:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\bluesoleil
2014-01-13 00:48 - 2014-01-13 00:33 - 00001251 _____ C:\Users\hp 13\Desktop\Norton Installation Files.lnk
2014-01-13 00:45 - 2013-02-19 15:48 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2014-01-13 00:41 - 2013-02-19 15:22 - 00000032 _____ C:\WINDOWS\0
2014-01-13 00:40 - 2014-01-13 00:40 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2014-01-13 00:33 - 2014-01-13 00:33 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-13 00:14 - 2012-08-16 16:14 - 00000000 ____D C:\ProgramData\CyberLink
2014-01-13 00:01 - 2014-01-13 00:01 - 00000000 __SHD C:\found.007
2014-01-12 13:58 - 2014-01-12 02:12 - 00000000 ____D C:\Users\hp 13\AppData\Local\Trend Micro
2014-01-12 13:00 - 2014-01-12 13:00 - 00000000 __SHD C:\found.006
2014-01-12 12:38 - 2014-01-12 12:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\{D9E761B1-4D6F-4ECE-972E-BEB84BEC099C}
2014-01-12 06:27 - 2014-01-12 06:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-12 06:27 - 2014-01-12 06:26 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 06:26 - 2014-01-12 06:26 - 04645232 _____ (Piriform Ltd) C:\Users\hp 13\Downloads\ccsetup409.exe
2014-01-12 06:26 - 2014-01-12 06:26 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-12 05:18 - 2014-01-12 05:17 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-01-12 05:16 - 2014-01-12 05:16 - 01069757 _____ C:\Users\hp 13\Downloads\Tweaking.com-ResetRegistryPermissions.exe
2014-01-12 05:15 - 2014-01-12 05:08 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-12 04:39 - 2014-01-12 04:34 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-12 04:39 - 2014-01-12 04:34 - 00003638 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-12 04:38 - 2014-01-12 01:50 - 00000000 ____D C:\Users\hp 13\AppData\Local\Google
2014-01-12 04:33 - 2014-01-12 04:33 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup (1).exe
2014-01-12 04:18 - 2013-09-09 02:05 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\PerformerSoft
2014-01-12 04:04 - 2014-01-12 04:04 - 00001830 _____ C:\Users\hp 13\Downloads\Add-Take-Ownership.reg
2014-01-12 02:48 - 2014-01-12 02:48 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2014-01-12 02:48 - 2013-11-21 23:58 - 00000000 ____D C:\ATI
2014-01-12 02:04 - 2014-01-12 02:04 - 00000036 _____ C:\Users\hp 13\AppData\Local\housecall.guid.cache
2014-01-12 01:50 - 2014-01-12 01:50 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup.exe
2014-01-06 13:31 - 2013-08-22 06:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 13:31 - 2013-08-22 06:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 10:30 - 2013-06-06 16:14 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\dvdcss
2014-01-05 21:16 - 2013-06-11 10:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-05 21:16 - 2013-06-11 10:45 - 00000000 ____D C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\hp 13\AppData\Local\Temp\Extract.exe
C:\Users\hp 13\AppData\Local\Temp\SP59593.exe
C:\Users\hp 13\AppData\Local\Temp\SP59835.exe
C:\Users\hp 13\AppData\Local\Temp\SP60051.exe
C:\Users\hp 13\AppData\Local\Temp\SP61280.exe
C:\Users\hp 13\AppData\Local\Temp\SP63752.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-26 21:02

==================== End Of Log ============================
 
This is the Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by hp 13 at 2014-01-31 07:29:06
Running from C:\Users\hp 13\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro Titanium Internet Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Internet Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Acceso Directo Nextel (x32 Version: 4.12.0005 - Diginext B.V.)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635 - Adobe Systems, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Garena - League of Legends (x32 Version: - Garena Online Pte Ltd.)
Garena Plus (x32 Version: 2011 - Garena Online Pte Ltd.)
GlassFish Server Open Source Edition 4.0 (x32 Version: - )
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Backup (x32 Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (x32 Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (x32 Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP Games (x32 Version: 1.0.3.0 - WildTangent)
HP MyRoom (x32 Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (x32 Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (x32 Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (x32 Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (x32 Version: 1.0.0.0 - HP)
HTC Driver Installer (x32 Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.4.11.0 - HTC)
IDT Audio (x32 Version: 1.0.6433.0 - IDT)
Iminent (x32 Version: 6.23.53.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (x32 Version: 4.0.8 - HTC)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (x32 Version: 1.7.0.510 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Load Ace62 (ATLANTIC GRACE) (x32 Version: 6.02 - NHE)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4505.1006 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (x32 Version: 23.003.07.02.486 - Huawei Technologies Co.,Ltd)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NetBeans IDE 7.4 (x32 Version: 7.4 - NetBeans.org)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ralink Bluetooth Stack64 (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 16.2.10.12 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (Version: 7.0 - Trend Micro Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
Video Performer (x32 Version: - PerformerSoft LLC)
VLC media player 2.0.0 (x32 Version: 2.0.0 - VideoLAN)
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

21-01-2014 14:17:02 Windows Update
22-01-2014 01:26:22 HPSF Applying updates
22-01-2014 03:28:57 HPSF Applying updates
22-01-2014 03:30:36 HPSF Applying updates
22-01-2014 10:47:06 Installed Java SE Development Kit 7 Update 51
22-01-2014 10:48:59 Installed Java 7 Update 51
22-01-2014 11:42:02 HPSF Applying updates
22-01-2014 11:48:36 HPSF Applying updates
29-01-2014 17:52:16 Windows Update

==================== Hosts content: ==========================

2013-08-22 04:25 - 2013-08-22 04:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CDA1288-4F6B-46C5-B3B1-EEB223D13F86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {27A866C7-BC42-4530-9858-FB8E5C48203A} - System32\Tasks\Hoolapp Init => C:\Users\HP13~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {37F29A08-7BDD-41F5-8949-AFC710D08F2A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4FE2E243-157A-47B9-A0CA-69FB73274375} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {4FFD69D3-314A-442E-B494-33088040870F} - System32\Tasks\HPCeeScheduleForhp 13 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {5ED98240-5459-4682-85A6-0CD67EB8D503} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-04-19] (Microsoft Corporation)
Task: {627AF881-BF61-4FB6-A6DA-838B4FCCAC9F} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {6447D231-F74F-4DDF-8114-17B9F37DB944} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BD21ADE-C365-4149-B294-7F0885B1D32E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {80D89C67-B46D-454A-A6E7-690376ADF453} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F69C7FF-9FBF-43F1-9E09-252C77AB8232} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {9BAE486E-3F95-4C00-98B6-5182D4DFDC9C} - System32\Tasks\Hoolapp For Android => C:\Users\HP13~1\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9F59889-E7F9-4A64-8B28-13A820736E25} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {C2CE23DB-A04A-4529-BA10-2E94598E6F2F} - System32\Tasks\{A5D0E649-1438-4D52-95C6-154BC3EA4899} => Iexplore.exe http://ui.skype.com/ui/0/6.5.0.158/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {C6BF8C75-3010-4750-84E4-24DCFB034FB7} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-26] (Trend Micro Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D56E2730-C5CA-4222-9B35-DC82CF67478A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-21] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E69DBE51-D6E7-4542-A397-90DE1D2FA30A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEE10209-DFEF-40A7-BEBA-3DC75E6D6856} - System32\Tasks\{5DAE973F-D790-4373-81C0-13B0C82553A8} => Iexplore.exe http://ui.skype.com/ui/0/6.5.0.158/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {F31D16DC-9B3D-4D31-A7D8-AA22DE361636} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {FC83F4F2-12E1-44AE-B2AE-AC4C08631542} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {FDE033A0-49E2-4CBF-A3D2-9D077B396203} - System32\Tasks\gg_uac_daemon_hp 13 => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-01-27] ()
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-15 00:38 - 2013-01-15 11:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2014-01-15 00:38 - 2013-01-15 11:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2014-01-15 00:46 - 2013-12-18 04:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-01-10 13:12 - 2013-01-10 13:12 - 00326656 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\setup.dll
2013-03-22 10:06 - 2013-03-22 10:06 - 00387936 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-11-14 21:30 - 2013-11-14 21:30 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-11-14 21:33 - 2013-11-14 21:33 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 21:34 - 2013-11-14 21:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-06-11 05:13 - 2009-01-10 01:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-06-11 05:13 - 2009-06-22 09:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-06-11 05:13 - 2010-05-14 00:57 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-06-11 05:13 - 2010-02-10 05:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-06-11 05:13 - 2012-03-06 18:16 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-06-11 05:13 - 2010-02-10 05:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-01-27 21:37 - 2014-01-27 21:37 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2013-02-19 15:36 - 2012-06-07 18:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-02-19 15:18 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-01-23 00:24 - 2014-01-23 00:24 - 00799024 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\gagmhook.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 08:45 - 2014-01-22 20:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 08:45 - 2014-01-22 20:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2013-07-23 01:28 - 2013-07-23 01:28 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll
2013-07-23 01:28 - 2013-07-23 01:28 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\hp 13\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: JABRA TALK Hands-Free Audio and Call Control HID Enumerator
Description: Bluetooth Hands-Free Audio and Call Control HID Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 6037.96 MB
Available physical RAM: 3607.32 MB
Total Pagefile: 12181.96 MB
Available Pagefile: 9268.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.16 GB) (Free:355.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.48 GB) (Free:2.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CC9463E4)

Partition: GPT Partition Type
==================== End Of Log ============================
 
I don't see much there.

Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
 
RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : hp 13 [Admin rights]
Mode : Remove -- Date : 01/31/2014 10:17:24
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Users\HP13~1\Desktop\dds.scr [x]) -> REPLACED (C:\WINDOWS\system32\logon.scr)

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][SUSP PATH] Hoolapp For Android : C:\Users\HP13~1\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> DELETED
[V2][SUSP PATH] Hoolapp Init : C:\Users\HP13~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe - /Minimized [x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) TOSHIBA MQ01ABD050 +++++
--- User ---
[MBR] 1a8d7f819f23bbaa91611dbf981c2811
[BSP] 9a9fc9fd91a288ac606b8ae6964fc605 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_01312014_101724.txt >>
RKreport[0]_S_01312014_101356.txt
 
Sorry if it took a little while. :p

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.01.31.01

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
hp 13 :: HP [administrator]

1/31/2014 11:48:21 AM
mbar-log-2014-01-31 (11-48-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 255052
Time elapsed: 1 hour(s), 1 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 
This is for the system-log.txt

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 6331256832, free: 3787440128

Downloaded database version: v2014.01.31.01
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
01/31/2014 10:39:51
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\TMEBC64.sys
\SystemRoot\System32\drivers\iaStorAV.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\DRIVERS\tmcomm.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\tmevtmgr.sys
\SystemRoot\system32\DRIVERS\tmactmon.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\netr28x.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\rtbth.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\WirelessButtonDriver64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\Drivers\BtAudioBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\IvtUrbBtFlt.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\Drivers\BtL2caScoIf.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorAV.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\tmusa.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\tmnciesc.sys
\SystemRoot\system32\DRIVERS\tmeevw.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\drivers\BthA2DP.sys
\SystemRoot\system32\drivers\btampm.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe00001b3d060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000002f\
Lower Device Object: 0xffffe00000f9e060
Lower Device Driver Name: \Driver\iaStorAV\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00001b3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00001b3c040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00001b3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00001b3db20, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xffffe00000f9e060, DeviceName: \Device\0000002f\, DriverName: \Driver\iaStorAV\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: CC9463E4

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2692800906
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid fe7dddf1-accc-49d7-bfa3-dbb9f49e6cf
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2692800906
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid fe7dddf1-accc-49d7-bfa3-dbb9f49e6cf
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 9e061d72-e3a0-479b-8520-9b92adc441c0
FirstLBA 2048 Last LBA 821247
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID e586a408-3c09-467e-8fe6-2def1351e855
FirstLBA 821248 Last LBA 1353727
Attributes 0
Partition Name EFI system partition

GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID a2bdaf9a-839a-4f75-9b4-ed2ed73e7f9
FirstLBA 1353728 Last LBA 1615871
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 43e3f257-840-475c-a59-609b8cb4df8
FirstLBA 1615872 Last LBA 924700671
Attributes 0
Partition Name Basic data partition

Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a3a50f4-aaed-45ec-9dde-65d7ff10562f
FirstLBA 924700672 Last LBA 925417471
Attributes 1
Partition Name

Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID acedf3ad-f70b-4465-93b5-1ee76484f83
FirstLBA 925417472 Last LBA 976758783
Attributes 1
Partition Name Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.395000 GHz
Memory total: 6331256832, free: 3595386880

=======================================
Initializing...
------------ Kernel report ------------
01/31/2014 11:48:15
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\TMEBC64.sys
\SystemRoot\System32\drivers\iaStorAV.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\DRIVERS\tmcomm.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\tmevtmgr.sys
\SystemRoot\system32\DRIVERS\tmactmon.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\netr28x.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\rtbth.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\WirelessButtonDriver64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\Drivers\BtAudioBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\IvtUrbBtFlt.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\Drivers\BtL2caScoIf.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorAV.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\tmusa.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\tmnciesc.sys
\SystemRoot\system32\DRIVERS\tmeevw.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\drivers\BthA2DP.sys
\SystemRoot\system32\drivers\btampm.sys
\??\C:\WINDOWS\system32\drivers\6E9A633A.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe00001b3d060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000002f\
Lower Device Object: 0xffffe00000f9e060
Lower Device Driver Name: \Driver\iaStorAV\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00001b3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00001b3c040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00001b3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00001b3db20, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xffffe00000f9e060, DeviceName: \Device\0000002f\, DriverName: \Driver\iaStorAV\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
Read File: File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: CC9463E4

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2692800906
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid fe7dddf1-accc-49d7-bfa3-dbb9f49e6cf
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2692800906
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid fe7dddf1-accc-49d7-bfa3-dbb9f49e6cf
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 9e061d72-e3a0-479b-8520-9b92adc441c0
FirstLBA 2048 Last LBA 821247
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID e586a408-3c09-467e-8fe6-2def1351e855
FirstLBA 821248 Last LBA 1353727
Attributes 0
Partition Name EFI system partition

GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID a2bdaf9a-839a-4f75-9b4-ed2ed73e7f9
FirstLBA 1353728 Last LBA 1615871
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 43e3f257-840-475c-a59-609b8cb4df8
FirstLBA 1615872 Last LBA 924700671
Attributes 0
Partition Name Basic data partition

Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a3a50f4-aaed-45ec-9dde-65d7ff10562f
FirstLBA 924700672 Last LBA 925417471
Attributes 1
Partition Name

Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID acedf3ad-f70b-4465-93b5-1ee76484f83
FirstLBA 925417472 Last LBA 976758783
Attributes 1
Partition Name Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
I'm sorry about it.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by hp 13 (administrator) on HP on 31-01-2014 13:43:22
Running from C:\Users\hp 13\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\Nextel\ADN\RUS.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-01-14] (IDT, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\RunOnce: [DCERegBootClean64] - C:\WINDOWS\RegBootClean64.exe [231960 2014-01-31] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
MountPoints2: F - "F:\HTC_Sync_Manager_PC.exe"
MountPoints2: {d21e1bfc-7d98-11e3-bf2e-68942376b0a2} - "F:\HTC_Sync_Manager_PC.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={se...mntrId=50A668942376B0A3&affID=123477&tsp=5000
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {325FE238-DB55-4525-8D0A-92B59D70C25F} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 114.108.195.1 114.108.193.201

Chrome:
=======
CHR DefaultSearchKeyword: google.com.ph
CHR Extension: (Google Docs) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-12]
CHR Extension: (Google Drive) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (YouTube) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-12]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-01-15]
CHR Extension: (Google Search) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-12]
CHR Extension: (Trend Micro Osprey Chrome Extension) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi [2014-01-15]
CHR Extension: (TrendMicro Toolbar) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj [2014-01-15]
CHR Extension: (Google Wallet) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-12]
CHR Extension: (Gmail) - C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-12]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\hp 13\AppData\Roaming\7go\7go.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx [2014-01-15]

==================== Services (Whitelisted) =================

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
S3 dblhost; C:\Program Files (x86)\Nextel\ADN\dblhost.exe [81968 2011-09-19] (Diginext B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-03-06] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1872568 2013-04-19] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RUS; C:\Program Files (x86)\Nextel\ADN\RUS.exe [27696 2011-09-19] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [x]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S3 BlueletAudio; C:\Windows\system32\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R4 BthA2DP;
S4 BthAvrcpTg;
S4 BthHFEnum;
S4 bthhfhid;
R4 BthHFSrv;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-14] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-13] (Microsoft Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-03] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-06-30] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-12] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-10] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-03] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-14] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-07] (Trend Micro Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 13:42 - 2014-01-31 13:42 - 00000000 ____D C:\Users\hp 13\Downloads\FRST-OlderVersion
2014-01-31 13:39 - 2014-01-31 13:39 - 00005280 _____ C:\WINDOWS\RegBootClean64.CFG
2014-01-31 13:19 - 2014-01-31 13:19 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\hp 13\Downloads\rkill.exe
2014-01-31 13:07 - 2014-01-31 13:14 - 05177551 _____ (Swearware) C:\Users\hp 13\Downloads\ComboFix.exe
2014-01-31 11:48 - 2014-01-31 11:48 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6E9A633A.sys
2014-01-31 10:39 - 2014-01-31 12:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-31 10:39 - 2014-01-31 11:48 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-01-31 10:34 - 2014-01-31 12:50 - 00000000 ____D C:\Users\hp 13\Desktop\mbar
2014-01-31 10:34 - 2014-01-31 10:34 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-31 10:31 - 2014-01-31 10:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\hp 13\Downloads\mbar-1.07.0.1009.exe
2014-01-31 10:17 - 2014-01-31 10:17 - 00001876 _____ C:\Users\hp 13\Desktop\RKreport[0]_D_01312014_101724.txt
2014-01-31 10:13 - 2014-01-31 10:13 - 00001788 _____ C:\Users\hp 13\Desktop\RKreport[0]_S_01312014_101356.txt
2014-01-31 10:09 - 2014-01-31 10:10 - 04380160 _____ C:\Users\hp 13\Downloads\RogueKillerX64 (1).exe
2014-01-31 10:04 - 2014-01-31 10:17 - 00000000 ____D C:\Users\hp 13\Desktop\RK_Quarantine
2014-01-31 07:29 - 2014-01-31 07:30 - 00024861 _____ C:\Users\hp 13\Downloads\Addition.txt
2014-01-31 07:26 - 2014-01-31 13:43 - 00022673 _____ C:\Users\hp 13\Downloads\FRST.txt
2014-01-31 07:26 - 2014-01-31 13:42 - 00000000 ____D C:\FRST
2014-01-31 07:24 - 2014-01-31 13:42 - 02079744 _____ (Farbar) C:\Users\hp 13\Downloads\FRST64.exe
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Plants vs. Zombies
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Games
2014-01-31 01:39 - 2014-01-31 01:39 - 00000000 ____D C:\Users\hp 13\Documents\NDS
2014-01-31 00:19 - 2014-01-31 08:39 - 00000130 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-01-30 23:13 - 2014-01-30 23:13 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\xim
2014-01-30 20:31 - 2014-01-30 20:32 - 00688992 _____ (Swearware) C:\Users\hp 13\Downloads\dds.scr
2014-01-30 20:04 - 2014-01-30 20:05 - 00688992 _____ (Swearware) C:\Users\hp 13\Desktop\dds.com
2014-01-30 19:56 - 2014-01-30 19:56 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-30 19:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-30 19:53 - 2014-01-30 19:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\hp 13\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 13:16 - 2014-01-30 13:16 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\LolClient
2014-01-30 13:08 - 2014-01-30 13:08 - 00001065 _____ C:\Users\Public\Desktop\League of Legends.lnk
2014-01-30 12:58 - 2014-01-30 13:08 - 00000000 ____D C:\Program Files (x86)\GarenaLoLPH
2014-01-29 23:41 - 2014-01-29 23:41 - 00000000 ____D C:\Users\hp 13\AppData\Local\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\ProgramData\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\GarenaDownload
2014-01-29 23:39 - 2014-01-31 08:57 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\GarenaPlus
2014-01-29 23:39 - 2014-01-31 07:24 - 00003496 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_hp 13
2014-01-29 23:39 - 2014-01-29 23:39 - 00001075 _____ C:\Users\Public\Desktop\Garena Plus.lnk
2014-01-29 23:39 - 2014-01-29 23:39 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2014-01-29 23:38 - 2014-01-31 08:57 - 00000000 ____D C:\ProgramData\GarenaMessenger
2014-01-29 23:27 - 2014-01-29 23:34 - 72040576 _____ C:\Users\hp 13\Downloads\GarenaPlus_Install.exe
2014-01-25 10:27 - 2014-01-25 10:27 - 00000000 ____D C:\Users\hp 13\AppData\Local\DOSBox
2014-01-25 10:26 - 2014-01-25 10:26 - 00001930 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2014-01-25 10:26 - 2014-01-25 10:26 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2014-01-25 10:22 - 2014-01-25 10:23 - 01448809 _____ (DOSBox Team) C:\Users\hp 13\Downloads\DOSBox0.74-win32-installer.exe
2014-01-25 10:17 - 2014-01-25 10:17 - 00000000 ____D C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool
2014-01-25 10:15 - 2014-01-25 10:15 - 00303833 _____ C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool.zip
2014-01-25 10:11 - 2014-01-29 18:35 - 00000000 ____D C:\TASM
2014-01-23 21:12 - 2014-01-23 21:12 - 00001836 _____ C:\Users\Public\Desktop\Apps.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00001819 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2014-01-23 20:56 - 2014-01-23 21:39 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2014-01-23 20:56 - 2014-01-23 21:12 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-23 19:22 - 2014-01-23 19:23 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\hp 13\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-22 02:53 - 2014-01-22 02:53 - 00000000 ____D C:\Users\hp 13\Documents\NetBeansProjects
2014-01-22 02:48 - 2014-01-22 02:51 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\NetBeans
2014-01-22 02:48 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\NetBeans
2014-01-22 02:36 - 2014-01-30 20:28 - 00000000 ____D C:\Users\hp 13\AppData\Local\HTC MediaHub
2014-01-22 02:36 - 2014-01-22 02:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\Documents\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Apple Computer
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\Apple Computer
2014-01-22 02:35 - 2014-01-22 02:35 - 00002047 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-01-22 02:35 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13\.android
2014-01-22 02:34 - 2014-01-22 02:34 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2014-01-22 02:07 - 2014-01-22 02:09 - 00000000 ____D C:\Program Files (x86)\glassfish-4.0
2014-01-22 02:02 - 2014-01-22 02:02 - 00002077 _____ C:\Users\Public\Desktop\NetBeans IDE 7.4.lnk
2014-01-22 01:59 - 2014-01-22 02:09 - 00000000 ____D C:\Program Files (x86)\NetBeans 7.4
2014-01-22 01:58 - 2014-01-22 02:11 - 00000000 ____D C:\Users\hp 13\.nbi
2014-01-22 01:49 - 2014-01-22 01:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Sun
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Oracle
2014-01-22 01:47 - 2014-01-22 01:49 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-22 01:28 - 2014-01-22 01:42 - 129640864 _____ (Oracle Corporation) C:\Users\hp 13\Downloads\jdk-7u51-windows-i586.exe
2014-01-22 00:12 - 2014-01-22 00:33 - 213568720 _____ C:\Users\hp 13\Downloads\netbeans-7.4-windows.exe
2014-01-21 18:54 - 2014-01-22 02:35 - 00022286 _____ C:\WINDOWS\DPINST.LOG
2014-01-21 18:54 - 2014-01-22 02:35 - 00000000 ____D C:\Program Files (x86)\HTC
2014-01-21 18:54 - 2014-01-21 18:54 - 00000000 ____D C:\ProgramData\HTC
2014-01-21 18:54 - 2009-11-02 01:16 - 00033736 _____ (HTC, Corporation) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
2014-01-21 18:54 - 2009-06-09 04:41 - 01122664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-01-21 18:51 - 2014-01-22 02:05 - 00000000 ____D C:\Users\hp 13\Documents\Back up HTC
2014-01-17 01:15 - 2013-12-08 15:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-17 01:15 - 2013-11-27 06:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-17 01:15 - 2013-11-27 02:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-17 01:15 - 2013-11-27 01:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-17 01:15 - 2013-11-27 00:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-17 01:15 - 2013-11-26 23:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 01:15 - 2013-11-26 23:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-17 01:15 - 2013-11-26 23:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 01:15 - 2013-11-26 23:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-17 01:15 - 2013-11-26 23:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-17 01:15 - 2013-11-26 23:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 10:12 - 2014-01-15 11:46 - 00000000 ____D C:\Users\towkie\AppData\Roaming\vlc
2014-01-15 10:01 - 2014-01-15 10:01 - 00001389 _____ C:\Users\towkie\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 10:01 - 2014-01-15 10:01 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:45 - 2014-01-15 00:45 - 00000000 ___HD C:\TMRescueDisk
2014-01-15 00:41 - 2014-01-15 00:41 - 00001461 _____ C:\Users\hp 13\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 00:41 - 2014-01-15 00:41 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:41 - 2013-09-03 21:24 - 00116264 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmactmon.sys
2014-01-15 00:41 - 2013-09-03 21:22 - 00085424 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmevtmgr.sys
2014-01-15 00:41 - 2013-09-03 21:17 - 00282624 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-01-15 00:41 - 2013-07-10 12:39 - 00037904 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmel.sys
2014-01-15 00:41 - 2013-06-30 23:08 - 00050976 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\TMEBC64.sys
2014-01-15 00:41 - 2013-06-12 16:35 - 00100640 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmeevw.sys
2014-01-15 00:41 - 2013-05-14 20:23 - 00303392 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmnciesc.sys
2014-01-15 00:40 - 2014-01-15 00:40 - 00003256 _____ C:\WINDOWS\System32\Tasks\Titanium BTC
2014-01-15 00:38 - 2014-01-15 00:38 - 00000059 _____ C:\WINDOWS\system32\SupportTool.exe.bat
2014-01-15 00:37 - 2014-01-15 00:38 - 00000000 ____D C:\Program Files\Trend Micro
2014-01-14 22:28 - 2014-01-14 22:28 - 00000000 ____D C:\Users\towkie\AppData\Local\Google
2014-01-14 22:22 - 2014-01-14 22:22 - 00000000 ____D C:\Users\towkie\Documents\Bluetooth
2014-01-14 22:21 - 2014-01-14 22:21 - 00001442 _____ C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 22:21 - 2014-01-14 22:21 - 00000020 ___SH C:\Users\towkie\ntuser.ini
2014-01-14 16:37 - 2014-01-30 20:29 - 00000000 __RDO C:\Users\hp 13\SkyDrive
2014-01-14 16:35 - 2014-01-14 22:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2014-01-14 16:34 - 2014-01-14 16:34 - 00001442 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 16:33 - 2014-01-14 16:33 - 00000020 ___SH C:\Users\hp 13\ntuser.ini
2014-01-14 16:12 - 2014-01-31 07:36 - 01630710 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-14 16:12 - 2014-01-14 16:12 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-14 15:57 - 2014-01-14 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2014-01-14 15:55 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13
2014-01-14 15:55 - 2014-01-14 22:21 - 00000000 ____D C:\Users\towkie
2014-01-14 15:55 - 2014-01-14 16:12 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2014-01-14 15:55 - 2014-01-14 16:12 - 00028578 _____ C:\WINDOWS\diagerr.xml
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:55 - 2014-01-14 15:56 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-14 15:55 - 2013-08-22 06:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-14 15:51 - 2014-01-14 15:56 - 00012096 _____ C:\WINDOWS\iis.log
2014-01-14 15:51 - 2014-01-14 15:51 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-14 15:49 - 2014-01-14 15:49 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2014-01-14 15:48 - 2014-01-14 15:58 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files\Synaptics
2014-01-14 15:48 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-01-14 15:48 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-01-14 15:10 - 2014-01-14 16:12 - 00006602 _____ C:\WINDOWS\comsetup.log
2014-01-14 14:46 - 2014-01-16 22:19 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-14 14:46 - 2014-01-14 14:46 - 00000000 __SHD C:\Recovery
2014-01-14 14:45 - 2014-01-14 14:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-14 14:45 - 2014-01-14 14:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-14 14:44 - 2014-01-14 14:44 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
 
2014-01-14 14:44 - 2014-01-14 14:44 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-14 14:43 - 2014-01-14 14:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-14 14:42 - 2014-01-14 14:42 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2014-01-14 14:39 - 2014-01-14 14:39 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\inetpub
2014-01-14 14:38 - 2014-01-14 14:38 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-01-14 14:38 - 2013-08-02 19:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-14 14:38 - 2013-08-02 19:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-14 14:38 - 2013-08-02 19:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-14 09:54 - 2014-01-16 00:01 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1002
2014-01-14 09:42 - 2014-01-15 10:04 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{709D5681-6DD7-4B5C-BDAD-F9332C018D02}
2014-01-14 09:42 - 2014-01-14 22:21 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 09:42 - 2014-01-14 22:21 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 09:42 - 2014-01-14 09:42 - 00002255 _____ C:\Users\towkie\Desktop\Google Chrome.lnk
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\Documents\Simply Super Software
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Synaptics
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Adobe
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Local\bluesoleil
2014-01-14 09:35 - 2014-01-14 22:23 - 00000000 ____D C:\Users\towkie\AppData\Local\Packages
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\VirtualStore
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Power2Go8
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Hewlett-Packard
2014-01-14 09:34 - 2012-08-16 16:10 - 00000000 ___HD C:\Users\towkie\Documents\hp.system.package.metadata
2014-01-14 09:25 - 2014-01-14 09:25 - 00000650 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-01-14 08:31 - 2014-01-14 08:30 - 08013312 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 08003072 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 06102016 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 02216448 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 02189312 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-01-14 08:31 - 2014-01-14 08:30 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 00672256 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00543744 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-01-14 08:31 - 2014-01-14 08:30 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646433.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2014-01-14 08:31 - 2014-01-14 08:30 - 00224256 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2014-01-14 08:31 - 2014-01-14 08:30 - 00059256 _____ C:\WINDOWS\system32\Copley.xml
2014-01-13 23:27 - 2014-01-13 23:27 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HewlettPackard
2014-01-13 23:08 - 2014-01-13 23:08 - 00690832 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-13 23:08 - 2014-01-13 23:08 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-13 22:55 - 2014-01-31 10:00 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job
2014-01-13 22:55 - 2014-01-25 10:00 - 00003152 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhp 13
2014-01-13 10:56 - 2014-01-13 10:56 - 00000000 ____D C:\ProgramData\Licenses
2014-01-13 10:42 - 2014-01-13 10:42 - 00416528 _____ (Microsoft Corporation ) C:\Users\hp 13\Downloads\COMCT332.OCX
2014-01-13 10:16 - 2014-01-13 10:36 - 29925696 _____ (Simply Super Software ) C:\Users\hp 13\Downloads\trjsetup689.exe
2014-01-13 06:51 - 2014-01-13 22:43 - 480282204 _____ C:\WINDOWS\MEMORY.DMP
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\ProgramData\Google
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files\Google
2014-01-13 00:55 - 2014-01-13 01:32 - 91412976 _____ (AVAST Software) C:\Users\hp 13\Downloads\avast_free_antivirus_setup.exe
2014-01-13 00:48 - 2014-01-13 00:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\bluesoleil
2014-01-13 00:41 - 2014-01-31 08:39 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-13 00:41 - 2014-01-31 07:23 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-13 00:40 - 2014-01-13 00:40 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2014-01-13 00:33 - 2014-01-13 00:48 - 00001251 _____ C:\Users\hp 13\Desktop\Norton Installation Files.lnk
2014-01-13 00:33 - 2014-01-13 00:33 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-13 00:01 - 2014-01-13 00:01 - 00000000 __SHD C:\found.007
2014-01-12 13:09 - 2014-01-14 15:59 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2014-01-12 13:00 - 2014-01-12 13:00 - 00000000 __SHD C:\found.006
2014-01-12 12:38 - 2014-01-12 12:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\{D9E761B1-4D6F-4ECE-972E-BEB84BEC099C}
2014-01-12 09:45 - 2014-01-14 15:30 - 01929707 _____ C:\WINDOWS\WindowsUpdate (1).log
2014-01-12 06:27 - 2014-01-12 06:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-12 06:26 - 2014-01-12 06:27 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 06:26 - 2014-01-12 06:26 - 04645232 _____ (Piriform Ltd) C:\Users\hp 13\Downloads\ccsetup409.exe
2014-01-12 06:26 - 2014-01-12 06:26 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-12 05:17 - 2014-01-12 05:18 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-01-12 05:16 - 2014-01-14 16:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Tweaking.com - Reset Registry Permissions
2014-01-12 05:16 - 2014-01-12 05:16 - 01069757 _____ C:\Users\hp 13\Downloads\Tweaking.com-ResetRegistryPermissions.exe
2014-01-12 05:08 - 2014-01-12 05:15 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-12 04:44 - 2014-01-13 07:34 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-12 04:34 - 2014-01-31 13:44 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 04:34 - 2014-01-31 04:44 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 04:34 - 2014-01-12 04:39 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-12 04:34 - 2014-01-12 04:39 - 00003638 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-12 04:33 - 2014-01-12 04:33 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup (1).exe
2014-01-12 04:04 - 2014-01-12 04:04 - 00001830 _____ C:\Users\hp 13\Downloads\Add-Take-Ownership.reg
2014-01-12 02:48 - 2014-01-31 13:39 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2014-01-12 02:12 - 2014-01-12 13:58 - 00000000 ____D C:\Users\hp 13\AppData\Local\Trend Micro
2014-01-12 02:11 - 2013-07-07 13:16 - 00103712 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmusa.sys
2014-01-12 02:07 - 2014-01-22 01:05 - 00000000 ____D C:\ProgramData\Trend Micro
2014-01-12 02:04 - 2014-01-12 02:04 - 00000036 _____ C:\Users\hp 13\AppData\Local\housecall.guid.cache
2014-01-12 01:50 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-12 01:50 - 2014-01-12 04:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\Google
2014-01-12 01:50 - 2014-01-12 01:50 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup.exe

==================== One Month Modified Files and Folders =======

2014-01-31 13:44 - 2014-01-31 07:26 - 00022673 _____ C:\Users\hp 13\Downloads\FRST.txt
2014-01-31 13:44 - 2014-01-12 04:34 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 13:43 - 2014-01-31 07:26 - 00000000 ____D C:\FRST
2014-01-31 13:42 - 2014-01-31 13:42 - 00000000 ____D C:\Users\hp 13\Downloads\FRST-OlderVersion
2014-01-31 13:42 - 2014-01-31 07:24 - 02079744 _____ (Farbar) C:\Users\hp 13\Downloads\FRST64.exe
2014-01-31 13:39 - 2014-01-31 13:39 - 00005280 _____ C:\WINDOWS\RegBootClean64.CFG
2014-01-31 13:39 - 2014-01-12 02:48 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2014-01-31 13:19 - 2014-01-31 13:19 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\hp 13\Downloads\rkill.exe
2014-01-31 13:14 - 2014-01-31 13:07 - 05177551 _____ (Swearware) C:\Users\hp 13\Downloads\ComboFix.exe
2014-01-31 13:02 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-31 12:50 - 2014-01-31 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-31 12:50 - 2014-01-31 10:34 - 00000000 ____D C:\Users\hp 13\Desktop\mbar
2014-01-31 11:48 - 2014-01-31 11:48 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6E9A633A.sys
2014-01-31 11:48 - 2014-01-31 10:39 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-01-31 11:21 - 2013-12-15 14:02 - 00000000 ____D C:\Users\hp 13\AppData\Local\CrashDumps
2014-01-31 10:34 - 2014-01-31 10:34 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-31 10:32 - 2014-01-31 10:31 - 12589848 _____ (Malwarebytes Corp.) C:\Users\hp 13\Downloads\mbar-1.07.0.1009.exe
2014-01-31 10:17 - 2014-01-31 10:17 - 00001876 _____ C:\Users\hp 13\Desktop\RKreport[0]_D_01312014_101724.txt
2014-01-31 10:17 - 2014-01-31 10:04 - 00000000 ____D C:\Users\hp 13\Desktop\RK_Quarantine
2014-01-31 10:16 - 2013-05-02 08:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1001
2014-01-31 10:13 - 2014-01-31 10:13 - 00001788 _____ C:\Users\hp 13\Desktop\RKreport[0]_S_01312014_101356.txt
2014-01-31 10:10 - 2014-01-31 10:09 - 04380160 _____ C:\Users\hp 13\Downloads\RogueKillerX64 (1).exe
2014-01-31 10:00 - 2014-01-13 22:55 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job
2014-01-31 08:57 - 2014-01-29 23:39 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\GarenaPlus
2014-01-31 08:57 - 2014-01-29 23:38 - 00000000 ____D C:\ProgramData\GarenaMessenger
2014-01-31 08:39 - 2014-01-31 00:19 - 00000130 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-01-31 08:39 - 2014-01-13 00:41 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-01-31 07:36 - 2014-01-14 16:12 - 01630710 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-31 07:30 - 2014-01-31 07:29 - 00024861 _____ C:\Users\hp 13\Downloads\Addition.txt
2014-01-31 07:27 - 2013-05-02 08:48 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19658213-4E7C-41EC-AA66-9DFB62420ABC}
2014-01-31 07:26 - 2013-03-22 10:00 - 00000983 _____ C:\WINDOWS\SysWOW64\bscs.ini
2014-01-31 07:24 - 2014-01-29 23:39 - 00003496 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_hp 13
2014-01-31 07:23 - 2014-01-13 00:41 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-01-31 04:44 - 2014-01-12 04:34 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Plants vs. Zombies
2014-01-31 01:50 - 2014-01-31 01:50 - 00000000 ____D C:\Users\hp 13\Documents\Games
2014-01-31 01:39 - 2014-01-31 01:39 - 00000000 ____D C:\Users\hp 13\Documents\NDS
2014-01-31 01:31 - 2013-11-13 22:28 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-31 00:20 - 2013-08-22 05:46 - 00348180 _____ C:\WINDOWS\setupact.log
2014-01-30 23:13 - 2014-01-30 23:13 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\xim
2014-01-30 20:40 - 2013-09-06 04:38 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-30 20:40 - 2013-06-13 03:56 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2014-01-30 20:32 - 2014-01-30 20:31 - 00688992 _____ (Swearware) C:\Users\hp 13\Downloads\dds.scr
2014-01-30 20:30 - 2013-08-22 04:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-30 20:29 - 2014-01-14 16:37 - 00000000 __RDO C:\Users\hp 13\SkyDrive
2014-01-30 20:28 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\HTC MediaHub
2014-01-30 20:27 - 2013-11-13 22:20 - 00028670 _____ C:\WINDOWS\PFRO.log
2014-01-30 20:27 - 2013-08-22 05:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-30 20:27 - 2013-08-22 04:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-30 20:22 - 2013-06-11 10:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Iminent
2014-01-30 20:22 - 2013-06-11 10:36 - 00000000 ____D C:\ProgramData\Iminent
2014-01-30 20:05 - 2014-01-30 20:04 - 00688992 _____ (Swearware) C:\Users\hp 13\Desktop\dds.com
2014-01-30 19:56 - 2014-01-30 19:56 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-30 19:55 - 2014-01-30 19:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-30 19:55 - 2014-01-30 19:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\hp 13\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 13:16 - 2014-01-30 13:16 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\LolClient
2014-01-30 13:08 - 2014-01-30 13:08 - 00001065 _____ C:\Users\Public\Desktop\League of Legends.lnk
2014-01-30 13:08 - 2014-01-30 12:58 - 00000000 ____D C:\Program Files (x86)\GarenaLoLPH
2014-01-29 23:41 - 2014-01-29 23:41 - 00000000 ____D C:\Users\hp 13\AppData\Local\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\ProgramData\Garena
2014-01-29 23:40 - 2014-01-29 23:40 - 00000000 ____D C:\GarenaDownload
2014-01-29 23:39 - 2014-01-29 23:39 - 00001075 _____ C:\Users\Public\Desktop\Garena Plus.lnk
2014-01-29 23:39 - 2014-01-29 23:39 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2014-01-29 23:34 - 2014-01-29 23:27 - 72040576 _____ C:\Users\hp 13\Downloads\GarenaPlus_Install.exe
2014-01-29 22:25 - 2013-05-08 06:04 - 00000000 ____D C:\Users\hp 13\Documents\Youcam
2014-01-29 21:18 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-29 18:35 - 2014-01-25 10:11 - 00000000 ____D C:\TASM
2014-01-25 10:27 - 2014-01-25 10:27 - 00000000 ____D C:\Users\hp 13\AppData\Local\DOSBox
2014-01-25 10:26 - 2014-01-25 10:26 - 00001930 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2014-01-25 10:26 - 2014-01-25 10:26 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2014-01-25 10:23 - 2014-01-25 10:22 - 01448809 _____ (DOSBox Team) C:\Users\hp 13\Downloads\DOSBox0.74-win32-installer.exe
2014-01-25 10:17 - 2014-01-25 10:17 - 00000000 ____D C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool
2014-01-25 10:15 - 2014-01-25 10:15 - 00303833 _____ C:\Users\hp 13\Downloads\WINDOWS 64bit Assembly Tool.zip
2014-01-25 10:00 - 2014-01-13 22:55 - 00003152 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhp 13
2014-01-23 21:39 - 2014-01-23 20:56 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2014-01-23 21:12 - 2014-01-23 21:12 - 00001836 _____ C:\Users\Public\Desktop\Apps.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00001819 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2014-01-23 21:12 - 2014-01-23 20:56 - 00000000 ____D C:\ProgramData\BlueStacks
2014-01-23 21:12 - 2013-08-22 06:36 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-23 19:23 - 2014-01-23 19:22 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\hp 13\Downloads\BlueStacks-SplitInstaller_native.exe
2014-01-22 02:53 - 2014-01-22 02:53 - 00000000 ____D C:\Users\hp 13\Documents\NetBeansProjects
2014-01-22 02:51 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\NetBeans
2014-01-22 02:51 - 2012-08-03 15:02 - 00000000 ____D C:\SWSetup
2014-01-22 02:48 - 2014-01-22 02:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\NetBeans
2014-01-22 02:47 - 2013-06-11 10:35 - 00001478 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2014-01-22 02:45 - 2013-08-22 05:44 - 00344648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-22 02:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-22 02:40 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\Documents\HTC
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Apple Computer
2014-01-22 02:36 - 2014-01-22 02:36 - 00000000 ____D C:\Users\hp 13\AppData\Local\Apple Computer
2014-01-22 02:35 - 2014-01-22 02:35 - 00002047 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-01-22 02:35 - 2014-01-22 02:35 - 00000000 ____D C:\Users\hp 13\.android
2014-01-22 02:35 - 2014-01-21 18:54 - 00022286 _____ C:\WINDOWS\DPINST.LOG
2014-01-22 02:35 - 2014-01-21 18:54 - 00000000 ____D C:\Program Files (x86)\HTC
2014-01-22 02:35 - 2014-01-14 15:55 - 00000000 ____D C:\Users\hp 13
2014-01-22 02:34 - 2014-01-22 02:34 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2014-01-22 02:31 - 2013-11-30 06:22 - 00000000 ____D C:\Users\hp 13\AppData\Local\Downloaded Installations
2014-01-22 02:11 - 2014-01-22 01:58 - 00000000 ____D C:\Users\hp 13\.nbi
2014-01-22 02:09 - 2014-01-22 02:07 - 00000000 ____D C:\Program Files (x86)\glassfish-4.0
2014-01-22 02:09 - 2014-01-22 01:59 - 00000000 ____D C:\Program Files (x86)\NetBeans 7.4
2014-01-22 02:05 - 2014-01-21 18:51 - 00000000 ____D C:\Users\hp 13\Documents\Back up HTC
2014-01-22 02:02 - 2014-01-22 02:02 - 00002077 _____ C:\Users\Public\Desktop\NetBeans IDE 7.4.lnk
2014-01-22 01:49 - 2014-01-22 01:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-22 01:49 - 2014-01-22 01:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Sun
2014-01-22 01:49 - 2014-01-22 01:49 - 00000000 ____D C:\ProgramData\Oracle
2014-01-22 01:49 - 2014-01-22 01:47 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-22 01:42 - 2014-01-22 01:28 - 129640864 _____ (Oracle Corporation) C:\Users\hp 13\Downloads\jdk-7u51-windows-i586.exe
2014-01-22 01:05 - 2014-01-12 02:07 - 00000000 ____D C:\ProgramData\Trend Micro
2014-01-22 00:33 - 2014-01-22 00:12 - 213568720 _____ C:\Users\hp 13\Downloads\netbeans-7.4-windows.exe
2014-01-21 18:54 - 2014-01-21 18:54 - 00000000 ____D C:\ProgramData\HTC
2014-01-21 18:32 - 2013-02-19 15:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2014-01-21 17:30 - 2013-08-21 13:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-21 17:28 - 2013-08-21 13:29 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-18 12:22 - 2013-06-06 15:44 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\vlc
2014-01-16 22:41 - 2013-06-11 10:45 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Skype
2014-01-16 22:19 - 2014-01-14 14:46 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-16 13:18 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2014-01-16 00:01 - 2014-01-14 09:54 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-469892394-312036809-2011439782-1002
2014-01-15 11:46 - 2014-01-15 10:12 - 00000000 ____D C:\Users\towkie\AppData\Roaming\vlc
2014-01-15 10:04 - 2014-01-14 09:42 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{709D5681-6DD7-4B5C-BDAD-F9332C018D02}
2014-01-15 10:01 - 2014-01-15 10:01 - 00001389 _____ C:\Users\towkie\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 10:01 - 2014-01-15 10:01 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:45 - 2014-01-15 00:45 - 00000000 ___HD C:\TMRescueDisk
2014-01-15 00:41 - 2014-01-15 00:41 - 00001461 _____ C:\Users\hp 13\Desktop\Trend Micro Titanium Internet Security.lnk
2014-01-15 00:41 - 2014-01-15 00:41 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-01-15 00:41 - 2012-07-25 23:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2014-01-15 00:40 - 2014-01-15 00:40 - 00003256 _____ C:\WINDOWS\System32\Tasks\Titanium BTC
2014-01-15 00:38 - 2014-01-15 00:38 - 00000059 _____ C:\WINDOWS\system32\SupportTool.exe.bat
2014-01-15 00:38 - 2014-01-15 00:37 - 00000000 ____D C:\Program Files\Trend Micro
2014-01-14 22:28 - 2014-01-14 22:28 - 00000000 ____D C:\Users\towkie\AppData\Local\Google
2014-01-14 22:23 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Packages
2014-01-14 22:22 - 2014-01-14 22:22 - 00000000 ____D C:\Users\towkie\Documents\Bluetooth
2014-01-14 22:22 - 2014-01-14 16:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2014-01-14 22:21 - 2014-01-14 22:21 - 00001442 _____ C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 22:21 - 2014-01-14 22:21 - 00000020 ___SH C:\Users\towkie\ntuser.ini
2014-01-14 22:21 - 2014-01-14 15:55 - 00000000 ____D C:\Users\towkie
2014-01-14 22:21 - 2014-01-14 09:42 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 22:21 - 2014-01-14 09:42 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 18:06 - 2012-08-16 16:13 - 00000000 ____D C:\Program Files (x86)\CyberLink
2014-01-14 18:05 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\restore
2014-01-14 17:16 - 2013-05-02 14:07 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\hpqlog
2014-01-14 16:37 - 2013-05-02 08:46 - 00000000 ____D C:\Users\hp 13\AppData\Local\Packages
2014-01-14 16:34 - 2014-01-14 16:34 - 00001442 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-14 16:34 - 2013-05-02 08:48 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-14 16:34 - 2013-05-02 08:48 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-14 16:33 - 2014-01-14 16:33 - 00000020 ___SH C:\Users\hp 13\ntuser.ini
2014-01-14 16:14 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-14 16:12 - 2014-01-14 16:12 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2014-01-14 16:12 - 2014-01-14 15:55 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2014-01-14 16:12 - 2014-01-14 15:55 - 00028578 _____ C:\WINDOWS\diagerr.xml
2014-01-14 16:12 - 2014-01-14 15:10 - 00006602 _____ C:\WINDOWS\comsetup.log
2014-01-14 16:12 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Registration
2014-01-14 16:07 - 2013-08-22 06:36 - 00000000 __RSD C:\WINDOWS\Media
2014-01-14 16:02 - 2014-01-12 05:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Tweaking.com - Reset Registry Permissions
2014-01-14 16:02 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2014-01-14 16:02 - 2012-08-16 16:20 - 00000000 ____D C:\WINDOWS\en
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2014-01-14 16:00 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-14 16:00 - 2013-08-22 06:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2014-01-14 16:00 - 2012-07-25 20:37 - 00000000 ____D C:\Users\Default.migrated
2014-01-14 15:59 - 2014-01-12 13:09 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2014-01-14 15:59 - 2013-11-13 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\spool
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2014-01-14 15:59 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\IME
2014-01-14 15:59 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2014-01-14 15:59 - 2013-08-22 04:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2014-01-14 15:59 - 2013-02-19 15:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2014-01-14 15:59 - 2012-08-16 16:17 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2014-01-14 15:58 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-14 15:58 - 2013-08-22 06:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Help
2014-01-14 15:58 - 2013-08-22 06:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-14 15:58 - 2012-08-03 13:29 - 00000000 ____D C:\ProgramData\PRICache
2014-01-14 15:57 - 2014-01-14 15:57 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2014-01-14 15:57 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\towkie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 15:56 - 2014-01-14 15:55 - 00000000 ___RD C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 15:56 - 2014-01-14 15:51 - 00012096 _____ C:\WINDOWS\iis.log
2014-01-14 15:56 - 2013-09-09 02:05 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
2014-01-14 15:56 - 2013-08-12 14:48 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LOAD Ace
2014-01-14 15:51 - 2014-01-14 15:51 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-14 15:49 - 2014-01-14 15:49 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2014-01-14 15:49 - 2014-01-14 15:49 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2014-01-14 15:49 - 2013-08-22 05:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-14 15:48 - 2014-01-14 15:48 - 00000000 ____D C:\Program Files\Synaptics
2014-01-14 15:47 - 2013-08-22 04:36 - 00000000 __RHD C:\Users\Default
2014-01-14 15:30 - 2014-01-12 09:45 - 01929707 _____ C:\WINDOWS\WindowsUpdate (1).log
2014-01-14 14:46 - 2014-01-14 14:46 - 00000000 __SHD C:\Recovery
2014-01-14 14:45 - 2014-01-14 14:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-14 14:45 - 2014-01-14 14:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-14 14:45 - 2013-08-22 06:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2014-01-14 14:44 - 2014-01-14 14:44 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-14 14:44 - 2014-01-14 14:44 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-14 14:44 - 2014-01-14 14:44 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-14 14:44 - 2014-01-14 14:44 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-14 14:44 - 2014-01-14 14:44 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-14 14:43 - 2014-01-14 14:43 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-14 14:43 - 2014-01-14 14:43 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-14 14:43 - 2014-01-14 14:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-14 14:43 - 2014-01-14 14:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2014-01-14 14:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-14 14:43 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Camera
2014-01-14 14:42 - 2014-01-14 14:42 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2014-01-14 14:39 - 2014-01-14 14:39 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-14 14:39 - 2014-01-14 14:39 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-14 14:39 - 2014-01-14 14:39 - 00000000 ____D C:\inetpub
2014-01-14 14:39 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2014-01-14 14:39 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-14 14:38 - 2014-01-14 14:38 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-01-14 14:37 - 2012-07-25 23:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2014-01-14 09:42 - 2014-01-14 09:42 - 00002255 _____ C:\Users\towkie\Desktop\Google Chrome.lnk
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\Documents\Simply Super Software
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Synaptics
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Roaming\Adobe
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 ____D C:\Users\towkie\AppData\Local\bluesoleil
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\VirtualStore
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Power2Go8
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 ____D C:\Users\towkie\AppData\Local\Hewlett-Packard
2014-01-14 09:25 - 2014-01-14 09:25 - 00000650 _____ C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-01-14 09:21 - 2013-02-19 15:26 - 00016330 _____ C:\WINDOWS\system32\results.xml
2014-01-14 08:31 - 2013-02-19 15:19 - 00000000 ____D C:\Program Files\IDT
2014-01-14 08:30 - 2014-01-14 08:31 - 08013312 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 08003072 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 06102016 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 02216448 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 02189312 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-01-14 08:30 - 2014-01-14 08:31 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 00672256 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00543744 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-01-14 08:30 - 2014-01-14 08:31 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646433.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2014-01-14 08:30 - 2014-01-14 08:31 - 00224256 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2014-01-14 08:30 - 2014-01-14 08:31 - 00059256 _____ C:\WINDOWS\system32\Copley.xml
2014-01-13 23:27 - 2014-01-13 23:27 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HewlettPackard
2014-01-13 23:08 - 2014-01-13 23:08 - 00690832 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-13 23:08 - 2014-01-13 23:08 - 00074344 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-13 23:02 - 2012-08-16 16:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-01-13 22:43 - 2014-01-13 06:51 - 480282204 _____ C:\WINDOWS\MEMORY.DMP
2014-01-13 22:41 - 2012-08-16 16:27 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2014-01-13 10:56 - 2014-01-13 10:56 - 00000000 ____D C:\ProgramData\Licenses
2014-01-13 10:42 - 2014-01-13 10:42 - 00416528 _____ (Microsoft Corporation ) C:\Users\hp 13\Downloads\COMCT332.OCX
2014-01-13 10:36 - 2014-01-13 10:16 - 29925696 _____ (Simply Super Software ) C:\Users\hp 13\Downloads\trjsetup689.exe
2014-01-13 07:39 - 2013-11-29 19:38 - 00000000 ____D C:\Program Files (x86)\HUAWEI Modem Driver
2014-01-13 07:39 - 2013-06-11 05:12 - 00000000 ____D C:\ProgramData\DatacardService
2014-01-13 07:36 - 2013-06-11 10:19 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\HoolappForAndroid
2014-01-13 07:34 - 2014-01-12 04:44 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\ProgramData\Google
2014-01-13 02:25 - 2014-01-13 02:25 - 00000000 ____D C:\Program Files\Google
2014-01-13 02:25 - 2014-01-12 01:50 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-13 01:32 - 2014-01-13 00:55 - 91412976 _____ (AVAST Software) C:\Users\hp 13\Downloads\avast_free_antivirus_setup.exe
2014-01-13 00:50 - 2013-02-19 15:47 - 00000000 ____D C:\ProgramData\Norton
2014-01-13 00:48 - 2014-01-13 00:48 - 00000000 ____D C:\Users\hp 13\AppData\Local\bluesoleil
2014-01-13 00:48 - 2014-01-13 00:33 - 00001251 _____ C:\Users\hp 13\Desktop\Norton Installation Files.lnk
2014-01-13 00:45 - 2013-02-19 15:48 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2014-01-13 00:41 - 2013-02-19 15:22 - 00000032 _____ C:\WINDOWS\0
2014-01-13 00:40 - 2014-01-13 00:40 - 00000000 ____D C:\ProgramData\Ralink Bluetooth Stack
2014-01-13 00:33 - 2014-01-13 00:33 - 00000000 ____D C:\Users\Public\Downloads\Norton
2014-01-13 00:14 - 2012-08-16 16:14 - 00000000 ____D C:\ProgramData\CyberLink
2014-01-13 00:01 - 2014-01-13 00:01 - 00000000 __SHD C:\found.007
2014-01-12 13:58 - 2014-01-12 02:12 - 00000000 ____D C:\Users\hp 13\AppData\Local\Trend Micro
2014-01-12 13:00 - 2014-01-12 13:00 - 00000000 __SHD C:\found.006
2014-01-12 12:38 - 2014-01-12 12:38 - 00000000 ____D C:\Users\hp 13\AppData\Local\{D9E761B1-4D6F-4ECE-972E-BEB84BEC099C}
2014-01-12 06:27 - 2014-01-12 06:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-12 06:27 - 2014-01-12 06:26 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 06:26 - 2014-01-12 06:26 - 04645232 _____ (Piriform Ltd) C:\Users\hp 13\Downloads\ccsetup409.exe
2014-01-12 06:26 - 2014-01-12 06:26 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-12 05:18 - 2014-01-12 05:17 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-01-12 05:16 - 2014-01-12 05:16 - 01069757 _____ C:\Users\hp 13\Downloads\Tweaking.com-ResetRegistryPermissions.exe
2014-01-12 05:15 - 2014-01-12 05:08 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-12 04:39 - 2014-01-12 04:34 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-12 04:39 - 2014-01-12 04:34 - 00003638 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-12 04:38 - 2014-01-12 01:50 - 00000000 ____D C:\Users\hp 13\AppData\Local\Google
2014-01-12 04:33 - 2014-01-12 04:33 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup (1).exe
2014-01-12 04:18 - 2013-09-09 02:05 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\PerformerSoft
2014-01-12 04:04 - 2014-01-12 04:04 - 00001830 _____ C:\Users\hp 13\Downloads\Add-Take-Ownership.reg
2014-01-12 02:48 - 2013-11-21 23:58 - 00000000 ____D C:\ATI
2014-01-12 02:04 - 2014-01-12 02:04 - 00000036 _____ C:\Users\hp 13\AppData\Local\housecall.guid.cache
2014-01-12 01:50 - 2014-01-12 01:50 - 00819176 _____ (Google Inc.) C:\Users\hp 13\Downloads\ChromeSetup.exe
2014-01-06 13:31 - 2013-08-22 06:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 13:31 - 2013-08-22 06:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 10:30 - 2013-06-06 16:14 - 00000000 ____D C:\Users\hp 13\AppData\Roaming\dvdcss
2014-01-05 21:16 - 2013-06-11 10:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-05 21:16 - 2013-06-11 10:45 - 00000000 ____D C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\hp 13\AppData\Local\Temp\Extract.exe
C:\Users\hp 13\AppData\Local\Temp\ntdll_dump.dll
C:\Users\hp 13\AppData\Local\Temp\SP59593.exe
C:\Users\hp 13\AppData\Local\Temp\SP59835.exe
C:\Users\hp 13\AppData\Local\Temp\SP60051.exe
C:\Users\hp 13\AppData\Local\Temp\SP61280.exe
C:\Users\hp 13\AppData\Local\Temp\SP63752.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-26 21:02

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by hp 13 at 2014-01-31 13:46:15
Running from C:\Users\hp 13\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Acceso Directo Nextel (x32 Version: 4.12.0005 - Diginext B.V.)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635 - Adobe Systems, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Garena - League of Legends (x32 Version: - Garena Online Pte Ltd.)
Garena Plus (x32 Version: 2011 - Garena Online Pte Ltd.)
GlassFish Server Open Source Edition 4.0 (x32 Version: - )
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Backup (x32 Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (x32 Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (x32 Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP Games (x32 Version: 1.0.3.0 - WildTangent)
HP MyRoom (x32 Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (x32 Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (x32 Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (x32 Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (x32 Version: 1.0.0.0 - HP)
HTC Driver Installer (x32 Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.4.11.0 - HTC)
IDT Audio (x32 Version: 1.0.6433.0 - IDT)
Iminent (x32 Version: 6.23.53.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (x32 Version: 4.0.8 - HTC)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (x32 Version: 1.7.0.510 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Load Ace62 (ATLANTIC GRACE) (x32 Version: 6.02 - NHE)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4505.1006 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (x32 Version: 23.003.07.02.486 - Huawei Technologies Co.,Ltd)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NetBeans IDE 7.4 (x32 Version: 7.4 - NetBeans.org)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ralink Bluetooth Stack64 (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 16.2.10.12 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (Version: 7.0 - Trend Micro Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
Video Performer (x32 Version: - PerformerSoft LLC)
VLC media player 2.0.0 (x32 Version: 2.0.0 - VideoLAN)
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

22-01-2014 03:28:57 HPSF Applying updates
22-01-2014 03:30:36 HPSF Applying updates
22-01-2014 10:47:06 Installed Java SE Development Kit 7 Update 51
22-01-2014 10:48:59 Installed Java 7 Update 51
22-01-2014 11:42:02 HPSF Applying updates
22-01-2014 11:48:36 HPSF Applying updates
29-01-2014 17:52:16 Windows Update
31-01-2014 19:19:44 Restore point before next step

==================== Hosts content: ==========================

2013-08-22 04:25 - 2013-08-22 04:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CDA1288-4F6B-46C5-B3B1-EEB223D13F86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {37F29A08-7BDD-41F5-8949-AFC710D08F2A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D24119F-BE0B-4A88-8590-684C5D0483E8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-21] (Microsoft Corporation)
Task: {4FE2E243-157A-47B9-A0CA-69FB73274375} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {4FFD69D3-314A-442E-B494-33088040870F} - System32\Tasks\HPCeeScheduleForhp 13 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {5ED98240-5459-4682-85A6-0CD67EB8D503} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-04-19] (Microsoft Corporation)
Task: {627AF881-BF61-4FB6-A6DA-838B4FCCAC9F} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {6447D231-F74F-4DDF-8114-17B9F37DB944} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BD21ADE-C365-4149-B294-7F0885B1D32E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {80D89C67-B46D-454A-A6E7-690376ADF453} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F69C7FF-9FBF-43F1-9E09-252C77AB8232} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9F59889-E7F9-4A64-8B28-13A820736E25} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {C2CE23DB-A04A-4529-BA10-2E94598E6F2F} - System32\Tasks\{A5D0E649-1438-4D52-95C6-154BC3EA4899} => Iexplore.exe http://ui.skype.com/ui/0/6.5.0.158/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {C6BF8C75-3010-4750-84E4-24DCFB034FB7} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-26] (Trend Micro Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E69DBE51-D6E7-4542-A397-90DE1D2FA30A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEE10209-DFEF-40A7-BEBA-3DC75E6D6856} - System32\Tasks\{5DAE973F-D790-4373-81C0-13B0C82553A8} => Iexplore.exe http://ui.skype.com/ui/0/6.5.0.158/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {F31D16DC-9B3D-4D31-A7D8-AA22DE361636} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {FC83F4F2-12E1-44AE-B2AE-AC4C08631542} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {FDE033A0-49E2-4CBF-A3D2-9D077B396203} - System32\Tasks\gg_uac_daemon_hp 13 => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-01-27] ()
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForhp 13.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-01-15 00:38 - 2013-01-15 11:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2014-01-15 00:38 - 2013-04-01 14:25 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2014-01-15 00:38 - 2013-01-15 11:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2014-01-15 00:38 - 2012-12-18 05:06 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2014-01-15 00:38 - 2013-01-15 11:19 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2013-07-23 01:28 - 2013-07-23 01:28 - 00247352 ____N () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2013-05-21 12:23 - 2013-03-09 06:42 - 00373392 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-21 12:23 - 2013-03-16 10:53 - 00515752 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-21 12:23 - 2013-03-16 10:53 - 00608424 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-15 00:46 - 2013-12-18 04:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-01-10 13:12 - 2013-01-10 13:12 - 00326656 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\setup.dll
2013-03-22 10:06 - 2013-03-22 10:06 - 00387936 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-11-14 21:30 - 2013-11-14 21:30 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-11-14 21:33 - 2013-11-14 21:33 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 21:34 - 2013-11-14 21:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-01-27 21:37 - 2014-01-27 21:37 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2013-02-19 15:36 - 2012-06-07 18:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-02-19 15:18 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-01-23 00:24 - 2014-01-23 00:24 - 00799024 _____ () C:\Program Files (x86)\Garena Plus\bbtalk\gagmhook.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 08:45 - 2014-01-22 20:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 08:45 - 2014-01-22 20:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2013-07-23 01:28 - 2013-07-23 01:28 - 00049152 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_49.dll
2013-07-23 01:28 - 2013-07-23 01:28 - 00039424 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_49.dll
2014-01-29 08:45 - 2014-01-22 20:56 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\hp 13\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: JABRA TALK Hands-Free Audio and Call Control HID Enumerator
Description: Bluetooth Hands-Free Audio and Call Control HID Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 6037.96 MB
Available physical RAM: 3614 MB
Total Pagefile: 12181.96 MB
Available Pagefile: 9057.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.16 GB) (Free:356.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.48 GB) (Free:2.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CC9463E4)

Partition: GPT Partition Type
==================== End Of Log ============================
 
That looks good.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
# AdwCleaner v3.018 - Report created 31/01/2014 at 14:03:34
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : hp 13 - HP
# Running from : C:\Users\hp 13\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\Program Files (x86)\Video Performer
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\hp 13\AppData\LocalLow\Delta
Folder Deleted : C:\Users\hp 13\AppData\Roaming\Babylon
Folder Deleted : C:\Users\hp 13\AppData\Roaming\baidu
Folder Deleted : C:\Users\hp 13\AppData\Roaming\Iminent
Folder Deleted : C:\Users\hp 13\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\hp 13\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\hp 13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Performer
Folder Deleted : C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
Folder Deleted : C:\Users\towkie\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\towkie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [7go@7go.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [7go@7go.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1837A345-0C6D-42AE-ACD6-6C4F5FF490BA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\hp 13\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\towkie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18435 octets] - [31/01/2014 14:02:23]
AdwCleaner[S0].txt - [17939 octets] - [31/01/2014 14:03:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18000 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 x64
Ran by hp 13 on Fri 01/31/2014 at 14:10:25.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{325FE238-DB55-4525-8D0A-92B59D70C25F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{325FE238-DB55-4525-8D0A-92B59D70C25F}



~~~ Files



~~~ Folders




~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/31/2014 at 14:14:23.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
OTL logfile created on: 1/31/2014 2:17:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hp 13\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.90 Gb Total Physical Memory | 3.90 Gb Available Physical Memory | 66.19% Memory free
11.90 Gb Paging File | 9.85 Gb Available in Paging File | 82.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 440.16 Gb Total Space | 356.33 Gb Free Space | 80.96% Space Free | Partition Type: NTFS
Drive D: | 24.48 Gb Total Space | 2.89 Gb Free Space | 11.80% Space Free | Partition Type: NTFS

Computer Name: EZRA | User Name: hp 13 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/31 14:16:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hp 13\Downloads\OTL.exe
PRC - [2014/01/31 14:09:38 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\hp 13\Downloads\JRT.exe
PRC - [2014/01/27 21:37:26 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe
PRC - [2014/01/22 20:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/01/20 19:22:04 | 000,811,792 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2014/01/20 19:21:12 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/01/20 19:20:50 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2014/01/20 19:20:44 | 000,367,376 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2014/01/20 19:20:34 | 000,261,392 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2014/01/20 19:20:32 | 000,379,152 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2013/11/14 21:32:12 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
PRC - [2013/11/10 20:56:34 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
PRC - [2013/08/21 17:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2013/06/07 13:56:48 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/26 11:50:24 | 001,619,704 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
PRC - [2013/01/10 13:23:30 | 000,379,904 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
PRC - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/09/07 17:33:08 | 000,581,024 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/07/27 17:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/07/17 16:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 16:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 16:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/07 18:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/03/06 18:16:08 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011/09/19 07:38:16 | 000,027,696 | ---- | M] () -- C:\Program Files (x86)\Nextel\ADN\RUS.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/27 21:37:34 | 000,553,776 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggspawn.dll
MOD - [2014/01/27 21:37:26 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe
MOD - [2014/01/23 21:13:09 | 001,358,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Agent\852a79649288a5c183850ebf589aaac3\HD-Agent.ni.exe
MOD - [2014/01/23 21:12:56 | 000,155,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\3126e4f2b1892bc2eeb52af6fb904f6b\JSON.ni.dll
MOD - [2014/01/22 20:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/22 20:56:59 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
MOD - [2014/01/22 20:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/22 20:56:02 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
MOD - [2014/01/22 20:56:01 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
MOD - [2014/01/22 20:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2014/01/21 18:02:43 | 011,917,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\503a04d0143a17e6131e51e625442545\System.Web.ni.dll
MOD - [2014/01/21 18:02:08 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b66c3a9184d6f58a4ea4c9fda959ae1\System.Configuration.ni.dll
MOD - [2014/01/14 17:22:33 | 005,463,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\9e55130078215e51257977a651b0696b\System.Xml.ni.dll
MOD - [2014/01/14 17:22:30 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\eac55000ab752ad6469e74bc2031a3ef\System.Windows.Forms.ni.dll
MOD - [2014/01/14 17:22:22 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\e846f72e7c00312a5d9c04e7f70fa4a8\System.Drawing.ni.dll
MOD - [2014/01/14 17:21:49 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\5a86b00da9227fe7c9a1f6ca95c1850c\System.ni.dll
MOD - [2014/01/14 17:21:44 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0cc1da9cd31b490f4ec04cb6c2aa0519\mscorlib.ni.dll
MOD - [2013/11/14 21:32:12 | 000,821,600 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
MOD - [2013/01/31 17:04:00 | 000,070,904 | ---- | M] () -- C:\Windows\SysWOW64\BsProfileFunc.dll
MOD - [2013/01/10 12:59:24 | 000,019,456 | ---- | M] () -- C:\Windows\SysWOW64\BsTrace.dll
MOD - [2013/01/10 11:25:58 | 000,353,280 | ---- | M] () -- C:\Windows\SysWOW64\BsExtendFunc.dll
MOD - [2013/01/10 11:25:56 | 000,011,264 | ---- | M] () -- C:\Windows\SysWOW64\SCChangeMonitor.dll
MOD - [2012/06/08 10:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 18:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2014/01/14 14:43:40 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/01/14 14:39:19 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2014/01/14 08:30:18 | 000,327,680 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/11/27 06:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/13 22:29:02 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/13 22:29:02 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/13 22:29:01 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/13 22:25:27 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/11/13 22:25:27 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/11/13 22:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/11/13 22:25:26 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/22 03:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 03:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 03:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 02:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 02:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 02:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 02:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 02:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 01:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 01:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 01:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 01:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 00:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 00:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 00:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 00:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 00:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 00:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 00:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 00:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 00:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 00:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 00:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 00:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/04/19 19:08:10 | 001,872,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/01/20 19:21:12 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/01/20 19:20:50 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/01/14 14:39:21 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/01/14 14:39:19 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/01/14 14:39:18 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/12/21 00:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/11/13 22:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/10 20:56:34 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService)
SRV - [2013/09/05 04:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 03:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 18:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 17:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/26 11:50:24 | 001,619,704 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2013/01/10 13:35:28 | 000,138,752 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe -- (BsHelpCS)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/08/10 15:53:44 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/17 16:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 16:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 16:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/03/06 18:16:08 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011/09/19 07:38:16 | 000,027,696 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Nextel\ADN\RUS.exe -- (RUS)
SRV - [2011/09/19 07:37:42 | 000,081,968 | ---- | M] (Diginext B.V.) [On_Demand | Stopped] -- C:\Program Files (x86)\Nextel\ADN\dblhost.exe -- (dblhost)
SRV - [2010/10/12 08:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/14 14:43:40 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/14 14:43:39 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/01/14 14:43:39 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/01/14 14:43:39 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/14 14:43:39 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/01/14 08:30:18 | 000,543,744 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2014/01/13 23:08:15 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/12/21 00:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/12/14 14:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/11/13 22:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/13 22:25:25 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/11/13 22:25:25 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/11/13 22:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/13 22:23:24 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/13 22:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/13 22:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/03 21:24:14 | 000,116,264 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2013/09/03 21:22:08 | 000,085,424 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2013/09/03 21:17:00 | 000,282,624 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2013/08/22 04:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 04:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 03:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 03:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 03:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 03:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 03:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 03:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 03:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 03:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 03:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 03:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 03:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 03:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 03:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 03:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 03:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 03:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 03:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 03:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 03:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 03:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 03:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 03:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 03:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 03:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 03:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 03:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 03:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 03:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 03:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 03:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 03:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 03:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 03:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 03:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 03:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 03:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 02:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 02:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 02:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 02:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 02:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 02:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 02:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 02:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 02:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/08/22 02:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 02:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 02:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 02:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 02:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 02:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 02:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 02:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 02:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 02:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 02:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 02:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 02:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 02:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 02:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 02:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 01:36:01 | 000,321,024 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
DRV:64bit: - [2013/08/21 23:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 14:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 15:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 09:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 10:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/25 10:05:37 | 002,607,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/07/10 12:39:06 | 000,037,904 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:64bit: - [2013/07/07 13:16:30 | 000,103,712 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:64bit: - [2013/06/30 23:08:16 | 000,050,976 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TMEBC64.sys -- (TMEBC)
DRV:64bit: - [2013/06/12 16:35:10 | 000,100,640 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:64bit: - [2013/05/14 20:23:30 | 000,303,392 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/25 11:03:44 | 000,049,584 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtUrbBtFlt.sys -- (btUrbFilterDrv)
DRV:64bit: - [2013/03/09 06:53:10 | 001,149,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2012/12/19 21:57:44 | 000,033,968 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blueletaudio.sys -- (BlueletAudio)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/31 09:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/08/28 18:33:50 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/08/10 02:32:30 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/10 02:32:30 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/07/31 10:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/19 17:47:40 | 000,056,904 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys -- (BthL2caScoIfSrv)
DRV:64bit: - [2012/07/02 14:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 09:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 06:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 11:22:02 | 000,023,136 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtAudioBus.sys -- (BtAudioBusSrv)
DRV:64bit: - [2012/06/13 17:24:00 | 000,266,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2009/11/02 01:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV - [2014/01/20 19:21:02 | 000,115,472 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2012/12/19 21:57:44 | 000,033,968 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{325FE238-DB55-4525-8D0A-92B59D70C25F}: "URL" = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
 