Results 1 to 9 of 9

Thread: need to remove PriceChop extremely annoying adware

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Jan 2014
    Posts
    5

    Default need to remove PriceChop extremely annoying adware

    Hi I created a backup of the registry, ran the Farbar and asWMBR programs and copying the logs as instructed in other posts. I hope I did everything necessary. If I'm missing anything let me know and I'll see what I can do.

    I have the following system:
    Windows 7 Pro
    Service Pack 1
    Processor: Intel Core 2 Duo CPU T9400 @ 2.53Ghz
    Insalled Ram 3.00 GB
    System Type 64 bit o/s

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
    Ran by User (administrator) on USER-THINK on 07-09-2014 17:12:19
    Running from C:\Users\User\Desktop
    Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Lenovo.) C:\Windows\System32\TpShocks.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
    (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
    () C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
    (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_start.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Corporation) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_7_8_2008_2012_64.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_pause.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-07-01] (Lenovo.)
    HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
    HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
    HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
    HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
    HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
    HKLM-x32\...\Run: [Launch Backup Service Once] => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe [21304 2009-08-28] ()
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-452510973-2932132936-1091051211-1000\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
    HKU\S-1-5-21-452510973-2932132936-1091051211-1000\...\MountPoints2: {9751de82-1e88-11e4-a7b1-806e6f6e6963} - Q:\LenovoQDrive.exe
    AppInit_DLLs: C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL => C:\Program Files (x86)\PC_Booster\Assistant_x64.dll [4210176 2014-08-31] ()
    Lsa: [Notification Packages] scecli ACGina
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
    BootExecute: autocheck autochk * sdnclean64.exebddel.exe
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
    SearchScopes: HKCU - {F4915C2B-D2FD-4BD9-B646-64E0AC67376D} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: YYOutuBeAdBLoCke -> {be390578-35c5-4d1d-8cc6-ae11ce79e914} -> C:\Program Files (x86)\YYOutuBeAdBLoCke\jpCXWsCdPuzCfy.x64.dll ()
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: YYOutuBeAdBLoCke -> {be390578-35c5-4d1d-8cc6-ae11ce79e914} -> C:\Program Files (x86)\YYOutuBeAdBLoCke\jpCXWsCdPuzCfy.dll ()
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3330818&octid=EB_ORIGINAL_CTID&ISID=MC85B884F-6508-483D-AB4F-BFFF5E58F89A&SearchSource=55&CUI=&UM=6&UP=SP8127354B-CE0F-4EE6-B6FA-CEED2204806A&SSPV=
    CHR StartupUrls: Default -> "https://mail.google.com/mail/u/0/?pli=1#inbox", "hxxp://system.logitudeworld.com/", "hxxp://www.google.com/"
    CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (QR Creator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2014-08-23]
    CHR Extension: (Entanglement Web App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-08-23]
    CHR Extension: (Prezi) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\acoonfmhnndodekhecidldfdjgooefpg [2014-08-23]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-23]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-23]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
    CHR Extension: (Presentme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckpbiomcikhplplfddlbcikdhlnoibgf [2014-08-23]
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
    CHR Extension: (pRicEchope) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dabgikpknedcgjppmnlhiahgjoinmlko [2014-08-31]
    CHR Extension: (Poppit!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-08-23]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
    CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-08-23]
    CHR Extension: (Google Calendar Checker (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2014-08-23]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
    CHR Extension: (pRicEchope) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dabgikpknedcgjppmnlhiahgjoinmlko\3.9 [2014-08-31]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 248642b4; c:\Program Files (x86)\PC_Booster\AssistantSvc.dll [174928 2014-08-31] () [File not signed]
    S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-03-20] (Lenovo.)
    R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
    R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
    R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [File not signed]
    S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-29] (Lenovo Group Limited)
    R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
    R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3531136 2009-06-11] ()
    R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
    S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] () [File not signed]
    S3 btwaudio; system32\drivers\btwaudio.sys [X]
    S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
    S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
    S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
    R3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-07 17:12 - 2014-09-07 17:14 - 00017178 _____ () C:\Users\User\Desktop\FRST.txt
    2014-09-07 17:11 - 2014-09-07 17:12 - 00000000 ____D () C:\FRST
    2014-09-07 17:10 - 2014-09-07 17:10 - 02105344 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
    2014-09-07 17:10 - 2014-09-07 17:10 - 02105344 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2014-09-07 17:08 - 2014-09-07 17:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-USER-THINK-Microsoft-Windows-7-Professional-(64-bit).dat
    2014-09-07 17:07 - 2014-09-07 17:07 - 00002246 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-07 17:07 - 2014-09-07 17:07 - 00000000 ____D () C:\RegBackup
    2014-09-07 17:07 - 2014-09-07 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-07 17:06 - 2014-09-07 17:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-07 17:05 - 2014-09-07 17:05 - 04057608 _____ () C:\Users\User\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-05 23:52 - 2014-09-05 23:52 - 00019530 _____ () C:\Windows\SysWOW64\bddel.dat
    2014-09-05 22:16 - 2014-09-05 22:16 - 00559280 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybot2-license.exe
    2014-09-05 22:04 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140905-220424.backup
    2014-09-05 21:21 - 2014-09-05 23:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-05 21:21 - 2014-09-05 23:39 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-09-05 21:21 - 2014-09-05 23:39 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-09-05 21:21 - 2014-09-05 23:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-05 21:21 - 2014-09-05 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-09-05 21:21 - 2014-09-05 21:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-09-05 21:21 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2014-09-05 21:19 - 2014-09-05 21:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybot-2-4.exe
    2014-09-03 08:57 - 2014-09-03 08:57 - 00155828 _____ () C:\Users\User\Downloads\A-ZYYZ37H.xlsx
    2014-09-01 22:40 - 2014-09-01 22:40 - 00000000 ____D () C:\Users\User\Downloads\BMW 1992
    2014-09-01 22:07 - 2014-09-01 22:07 - 00000000 ____D () C:\Windows\system32\appmgmt
    2014-09-01 22:07 - 2014-09-01 22:07 - 00000000 ____D () C:\ProgramData\374311380
    2014-08-31 16:07 - 2014-09-01 22:11 - 00000000 ____D () C:\ProgramData\Freemake
    2014-08-31 16:07 - 2014-09-01 22:10 - 00000000 ____D () C:\Program Files (x86)\Freemake
    2014-08-31 16:07 - 2014-08-31 16:09 - 00000000 ____D () C:\Users\User\Documents\Freemake
    2014-08-31 16:07 - 2014-08-31 16:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\RHEng
    2014-08-31 16:07 - 2014-08-31 16:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenCandy
    2014-08-31 16:06 - 2014-08-31 16:06 - 01269448 _____ (Ellora Assets Corporation ) C:\Users\User\Downloads\FreemakeVideoDownloaderSetup.exe
    2014-08-31 16:03 - 2014-08-31 16:04 - 00827904 _____ (Of Sect) C:\Users\User\Downloads\Download.exe
    2014-08-31 14:13 - 2014-09-07 16:41 - 00000474 ____H () C:\Windows\Tasks\PC_Booster-S-493389286.job
    2014-08-31 14:13 - 2014-09-05 23:52 - 00000000 ____D () C:\Program Files (x86)\PC_Booster
    2014-08-31 14:13 - 2014-08-31 14:13 - 00002720 _____ () C:\Windows\System32\Tasks\PC_Booster-S-493389286
    2014-08-31 14:13 - 2014-08-31 14:13 - 00000000 ____D () C:\ProgramData\Trusted Publisher
    2014-08-31 14:12 - 2014-09-02 09:50 - 00000000 ____D () C:\ProgramData\prricEchop
    2014-08-31 14:12 - 2014-09-02 09:49 - 00000000 ____D () C:\ProgramData\a2288e6897b4d6e3
    2014-08-31 14:12 - 2014-09-02 09:49 - 00000000 ____D () C:\Program Files (x86)\prricEchop
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\ProgramData\YYOutuBeAdBLoCke
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Program Files (x86)\YYOutuBeAdBLoCke
    2014-08-31 14:11 - 2014-08-31 14:11 - 00838144 _____ (Paintbox Use) C:\Users\User\Downloads\Best Rock Ballads Ever.mp3.exe
    2014-08-31 13:52 - 2014-08-31 13:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
    2014-08-31 13:52 - 2014-08-31 13:52 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-08-31 13:52 - 2014-08-31 13:52 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
    2014-08-31 13:52 - 2014-08-31 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files\iTunes
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files\iPod
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-08-31 13:51 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2014-08-31 13:50 - 2014-08-31 13:50 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
    2014-08-31 13:49 - 2014-08-31 13:50 - 00000000 ____D () C:\ProgramData\Apple
    2014-08-31 13:49 - 2014-08-31 13:49 - 00000000 ____D () C:\Program Files\Bonjour
    2014-08-31 13:49 - 2014-08-31 13:49 - 00000000 ____D () C:\Program Files (x86)\Bonjour
    2014-08-31 13:29 - 2014-08-31 13:30 - 113492816 _____ (Apple Inc.) C:\Users\User\Downloads\iTunes64Setup.exe
    2014-08-28 22:39 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-28 22:39 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-28 22:39 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-27 12:24 - 2014-08-27 14:07 - 00000000 ____D () C:\Users\User\AppData\Local\STATCAN
    2014-08-27 12:23 - 2014-08-27 14:12 - 00000000 ____D () C:\CAED
    2014-08-27 12:23 - 2014-08-27 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAED
    2014-08-27 12:22 - 2014-08-27 12:22 - 00000000 ____D () C:\Program Files (x86)\Business Objects
    2014-08-27 12:19 - 2014-08-27 12:21 - 24235368 _____ (Statistics Canada) C:\Users\User\Downloads\CAED_2014_v14.00_SP1c.exe
    2014-08-27 12:17 - 2014-08-27 12:17 - 00003126 _____ () C:\Windows\System32\Tasks\{A77BA811-EF4D-44A8-B17F-CD1382BEF89F}
    2014-08-27 12:17 - 2014-08-27 12:17 - 00000000 ____D () C:\Program Files (x86)\MSECache
    2014-08-27 12:11 - 2014-08-27 12:14 - 242743296 _____ (Microsoft Corporation) C:\Users\User\Downloads\dotnetfx35.exe
    2014-08-27 12:11 - 2014-08-27 12:12 - 26481656 _____ (Microsoft Corporation) C:\Users\User\Downloads\AccessDatabaseEngine.exe
    2014-08-25 14:27 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-08-25 14:27 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-08-25 14:27 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-08-25 14:27 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-08-25 14:26 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-08-25 14:26 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-08-25 14:26 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-08-25 14:26 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-08-25 14:26 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-08-25 14:26 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-08-25 14:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-08-25 14:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2014-08-25 14:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-08-25 14:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2014-08-25 14:01 - 2014-08-25 14:01 - 00001609 _____ () C:\Users\User\Downloads\web.config.txt
    2014-08-25 14:00 - 2014-08-25 14:00 - 00004310 _____ () C:\Users\User\Downloads\README.txt
    2014-08-25 14:00 - 2014-08-25 14:00 - 00001013 _____ () C:\Users\User\Downloads\index.php
    2014-08-24 20:44 - 2014-08-24 20:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Canon
    2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
    2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ___HD () C:\ProgramData\CanonBJ
    2014-08-24 12:37 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\Windows\system32\CNMLMBL.DLL
    2014-08-24 12:36 - 2012-09-21 09:34 - 00366080 _____ (CANON INC.) C:\Windows\system32\CNC_BLL.dll
    2014-08-24 12:36 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\Windows\system32\CNCALBL.DLL
    2014-08-24 12:36 - 2012-05-25 09:21 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BLC.dll
    2014-08-24 12:36 - 2012-05-25 09:20 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BLI.dll
    2014-08-24 12:36 - 2012-05-15 15:58 - 00098048 _____ () C:\Windows\system32\CNC176BD.TBL
    2014-08-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
    2014-08-23 20:36 - 2014-08-23 20:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\PwrMgr
    2014-08-23 20:31 - 2014-08-24 21:20 - 00000000 ____D () C:\Users\User\AppData\Local\Lenovo
    2014-08-23 20:28 - 2014-08-23 20:28 - 461957988 _____ () C:\Windows\MEMORY.DMP
    2014-08-23 20:28 - 2014-08-23 20:28 - 00476792 _____ () C:\Windows\Minidump\082314-58391-01.dmp
    2014-08-23 20:28 - 2014-08-23 20:28 - 00000000 ____D () C:\Windows\Minidump
    2014-08-23 19:49 - 2009-10-05 18:56 - 01811968 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64TP17.dll
    2014-08-23 19:49 - 2009-10-05 17:58 - 00649216 ____N (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
    2014-08-23 19:49 - 2009-08-16 20:19 - 00398848 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A42.dll
    2014-08-23 19:48 - 2014-08-23 19:48 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
    2014-08-23 19:16 - 2014-08-23 19:16 - 00000000 ____D () C:\Program Files\ATI
    2014-08-23 19:16 - 2014-08-23 19:16 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-08-23 19:16 - 2012-05-05 01:58 - 08013312 ____N (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys
    2014-08-23 19:16 - 2012-05-04 23:28 - 00653056 ____N () C:\Windows\system32\atiumd6a.cap
    2014-08-23 19:16 - 2012-05-04 23:23 - 00653056 ____N () C:\Windows\SysWOW64\atiumdva.cap
    2014-08-23 19:16 - 2012-05-04 23:22 - 06815744 ____N (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
    2014-08-23 19:16 - 2012-05-04 23:22 - 00051200 ____N (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
    2014-08-23 19:16 - 2012-05-04 23:22 - 00046080 ____N (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
    2014-08-23 19:16 - 2012-05-04 23:22 - 00044544 ____N (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
    2014-08-23 19:16 - 2012-05-04 23:22 - 00044032 ____N (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
    2014-08-23 19:16 - 2012-05-04 23:20 - 05442048 ____N (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
    2014-08-23 19:16 - 2012-05-04 23:18 - 21422592 ____N (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
    2014-08-23 19:16 - 2012-05-04 23:15 - 00143360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
    2014-08-23 19:16 - 2012-05-04 23:15 - 00100640 _____ () C:\Windows\system32\atiapfxx.blb
    2014-08-23 19:16 - 2012-05-04 23:14 - 00547328 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll
    2014-08-23 19:16 - 2012-05-04 23:13 - 00645120 _____ (ATI Technologies Inc. ) C:\Windows\system32\aticfx64.dll
    2014-08-23 19:16 - 2012-05-04 23:11 - 00478208 ____N (AMD) C:\Windows\system32\atieclxx.exe
    2014-08-23 19:16 - 2012-05-04 23:11 - 00450560 ____N (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
    2014-08-23 19:16 - 2012-05-04 23:10 - 00203776 ____N (AMD) C:\Windows\system32\atiesrxx.exe
    2014-08-23 19:16 - 2012-05-04 23:10 - 00053760 ____N (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
    2014-08-23 19:16 - 2012-05-04 23:10 - 00053760 ____N (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
    2014-08-23 19:16 - 2012-05-04 23:10 - 00052736 ____N (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
    2014-08-23 19:16 - 2012-05-04 23:10 - 00052736 ____N (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
    2014-08-23 19:16 - 2012-05-04 23:09 - 00356352 ____N (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
    2014-08-23 19:16 - 2012-05-04 23:09 - 00120320 ____N (AMD) C:\Windows\system32\atitmm64.dll
    2014-08-23 19:16 - 2012-05-04 23:08 - 00059392 ____N (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
    2014-08-23 19:16 - 2012-05-04 23:08 - 00043520 ____N (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
    2014-08-23 19:16 - 2012-05-04 23:08 - 00016384 ____N (AMD) C:\Windows\system32\atimuixx.dll
    2014-08-23 19:16 - 2012-05-04 23:03 - 04020736 ____N (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll
    2014-08-23 19:16 - 2012-05-04 22:58 - 16281600 ____N (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
    2014-08-23 19:16 - 2012-05-04 22:47 - 00053248 ____N (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
    2014-08-23 19:16 - 2012-05-04 22:29 - 00349184 ____N (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
    2014-08-23 19:16 - 2012-05-04 22:28 - 00287232 ____N (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
    2014-08-23 19:16 - 2012-05-04 22:28 - 00249856 ____N (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
    2014-08-23 19:16 - 2012-05-04 22:28 - 00031744 ____N (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
    2014-08-23 19:16 - 2012-05-04 22:28 - 00027136 ____N (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
    2014-08-23 19:16 - 2012-05-04 22:28 - 00014848 ____N (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
    2014-08-23 19:16 - 2012-05-04 22:28 - 00012800 ____N (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
    2014-08-23 19:16 - 2012-05-04 22:27 - 00030720 ____N (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
    2014-08-23 19:16 - 2011-10-13 10:21 - 00005436 ____N () C:\Windows\system32\iglhxs64.vp
    2014-08-23 19:16 - 2011-10-13 10:14 - 03157784 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00510232 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00417560 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00386840 ____N (Intel Corporation) C:\Windows\system32\hkcmd.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00224024 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00162584 ____N (Intel Corporation) C:\Windows\system32\igfxtray.exe
    2014-08-23 19:16 - 2011-10-13 10:14 - 00152856 ____N () C:\Windows\system32\difx64.exe
    2014-08-23 19:16 - 2011-10-13 10:05 - 10629184 ____N (Intel Corporation) C:\Windows\system32\Drivers\igdpmd64.sys
    2014-08-23 19:16 - 2011-10-13 10:05 - 10629184 ____N (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
    2014-08-23 19:16 - 2011-10-13 10:05 - 06549504 ____N (Intel Corporation) C:\Windows\system32\igdumd64.dll
    2014-08-23 19:16 - 2011-10-13 10:04 - 00982240 ____N () C:\Windows\SysWOW64\igkrng500.bin
    2014-08-23 19:16 - 2011-10-13 10:04 - 00982240 ____N () C:\Windows\system32\igkrng500.bin
    2014-08-23 19:16 - 2011-10-13 10:04 - 00439308 ____N () C:\Windows\SysWOW64\igcompkrng500.bin
    2014-08-23 19:16 - 2011-10-13 10:04 - 00439308 ____N () C:\Windows\system32\igcompkrng500.bin
    2014-08-23 19:16 - 2011-10-13 10:04 - 00092356 ____N () C:\Windows\SysWOW64\igfcg500m.bin
    2014-08-23 19:16 - 2011-10-13 10:04 - 00092356 ____N () C:\Windows\system32\igfcg500m.bin
    2014-08-23 19:16 - 2011-10-13 10:01 - 04967424 ____N (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
    2014-08-23 19:16 - 2011-10-13 09:58 - 00571904 ____N (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
    2014-08-23 19:16 - 2011-10-13 09:57 - 04722176 ____N (Intel Corporation) C:\Windows\system32\igd10umd64.dll
    2014-08-23 19:16 - 2011-10-13 09:55 - 04411392 ____N (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
    2014-08-23 19:16 - 2011-10-13 09:50 - 15546880 ____N (Intel Corporation) C:\Windows\system32\ig4icd64.dll
    2014-08-23 19:16 - 2011-10-13 09:42 - 11405312 ____N (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
    2014-08-23 19:16 - 2011-10-13 09:38 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00122368 ____N (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
    2014-08-23 19:16 - 2011-10-13 09:38 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00110214 _____ () C:\Windows\system32\Gfxres.en-US.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088576 ____N (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088576 ____N (Intel Corporation) C:\Windows\system32\igfxrell.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrita.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00088064 ____N (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087040 ____N (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
    ==================== End Of Log ============================
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087040 ____N (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00087040 ____N (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00086528 ____N (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00086528 ____N (Intel Corporation) C:\Windows\system32\igfxrara.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00084992 ____N (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00084992 ____N (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00083968 ____N (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
    2014-08-23 19:16 - 2011-10-13 09:38 - 00083968 ____N (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
    2014-08-23 19:16 - 2011-10-13 09:37 - 00380416 ____N (Intel Corporation) C:\Windows\system32\igfxTMM.dll
    2014-08-23 19:16 - 2011-10-13 09:37 - 00244224 ____N (Intel Corporation) C:\Windows\system32\igfxpph.dll
    2014-08-23 19:16 - 2011-10-13 09:36 - 00830464 ____N (Intel Corporation) C:\Windows\system32\igfxress.dll
    2014-08-23 19:16 - 2011-10-13 09:36 - 00142336 ____N (Intel Corporation) C:\Windows\system32\igfxdo.dll
    2014-08-23 19:16 - 2011-10-13 09:36 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
    2014-08-23 19:16 - 2011-10-13 09:36 - 00108544 ____N (Intel Corporation) C:\Windows\system32\hccutils.dll
    2014-08-23 19:16 - 2011-10-13 09:36 - 00087552 ____N (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
    2014-08-23 19:16 - 2011-10-13 09:36 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
    2014-08-23 19:16 - 2011-10-13 09:32 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
    2014-08-23 19:16 - 2011-10-13 09:31 - 00228864 ____N (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
    2014-08-23 19:16 - 2011-10-13 09:30 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
    2014-08-23 19:16 - 2011-10-13 09:30 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
    2014-08-23 19:16 - 2011-10-13 09:30 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
    2014-08-23 19:16 - 2011-10-13 09:30 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
    2014-08-23 19:16 - 2010-09-22 14:27 - 00223990 ____N () C:\Windows\system32\atiicdxx.dat
    2014-08-23 19:16 - 2010-09-17 14:17 - 00002888 ____N () C:\Windows\SysWOW64\atipblag.dat
    2014-08-23 19:16 - 2010-09-17 14:17 - 00002888 ____N () C:\Windows\system32\atipblag.dat
    2014-08-23 19:16 - 2010-08-12 11:12 - 00022190 ____N () C:\Windows\atiogl.xml
    2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield
    2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Integrated Camera
    2014-08-23 19:13 - 2009-07-21 12:08 - 00013021 _____ () C:\Windows\snp2uvc.src
    2014-08-23 19:13 - 2009-06-11 17:04 - 03531136 _____ () C:\Windows\system32\Drivers\snp2uvc.sys
    2014-08-23 19:13 - 2009-06-05 11:30 - 00232448 _____ ( ) C:\Windows\SysWOW64\rsnp2uvc.dll
    2014-08-23 19:13 - 2009-06-05 11:30 - 00230912 _____ ( ) C:\Windows\system32\rsnp2uvc.dll
    2014-08-23 19:13 - 2009-06-05 11:28 - 00301568 _____ (Sonix) C:\Windows\SysWOW64\vsnp2uvc.dll
    2014-08-23 19:13 - 2009-06-05 11:27 - 00371200 _____ (Sonix) C:\Windows\system32\vsnp2uvc.dll
    2014-08-23 19:13 - 2009-02-16 18:33 - 00306176 _____ ( ) C:\Windows\system32\csnp2uvc.dll
    2014-08-23 19:13 - 2008-12-29 17:14 - 00035456 _____ () C:\Windows\system32\Drivers\sncduvc.sys
    2014-08-23 19:13 - 2006-05-19 11:39 - 00015497 _____ () C:\Windows\snp2uvc.ini
    2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
    2014-08-23 19:09 - 2014-08-23 19:11 - 00001436 _____ () C:\Windows\Synaptics.log
    2014-08-23 19:09 - 2013-11-15 15:39 - 00540400 ____N (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
    2014-08-23 19:09 - 2013-11-15 15:39 - 00461040 ____N (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
    2014-08-23 19:09 - 2013-11-15 15:39 - 00229616 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
    2014-08-23 19:09 - 2013-11-15 15:39 - 00178416 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo14.dll
    2014-08-23 19:09 - 2013-11-15 15:39 - 00114416 ____N (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
    2014-08-23 19:09 - 2013-11-15 15:39 - 00045296 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
    2014-08-23 19:04 - 2010-04-08 23:11 - 00054824 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btusbflt.sys
    2014-08-23 19:03 - 2014-08-23 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security
    2014-08-23 19:03 - 2010-02-04 12:14 - 01006104 _____ (Intel Corporation) C:\Windows\SysWOW64\mesoludlg.exe
    2014-08-23 19:02 - 2006-01-12 15:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din
    2014-08-23 19:01 - 2014-08-23 19:03 - 00000000 ____D () C:\Windows\SysWOW64\Lang
    2014-08-23 19:01 - 2014-08-23 19:03 - 00000000 ____D () C:\Program Files (x86)\Intel
    2014-08-23 19:01 - 2014-08-23 19:01 - 00000000 ____D () C:\Windows\SysWOW64\x64
    2014-08-23 19:01 - 2010-04-07 16:04 - 00290008 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1y62x64.sys
    2014-08-23 19:01 - 2010-02-04 12:14 - 00989720 _____ (Intel Corporation) C:\Windows\SysWOW64\heciudlg.exe
    2014-08-23 19:01 - 2009-10-11 00:26 - 00078016 _____ (Intel Corporation) C:\Windows\system32\NicInstY.dll
    2014-08-23 19:01 - 2009-05-26 10:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
    2014-08-23 19:01 - 2009-03-05 16:52 - 00003315 _____ () C:\Windows\system32\e1y62x64.din
    2014-08-23 18:54 - 2013-05-22 16:17 - 00015472 ____N (Lenovo Group Limited) C:\Windows\system32\Drivers\smiifx64.sys
    2014-08-23 18:53 - 2014-08-23 18:53 - 00000000 ____D () C:\Users\User\AppData\Local\Tvsukernel
    2014-08-23 18:46 - 2014-08-23 18:46 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
    2014-08-23 18:45 - 2014-06-30 18:24 - 00008856 ____N (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-23 18:45 - 2014-06-30 18:14 - 00008856 ____N (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
    2014-08-23 18:45 - 2014-03-09 17:48 - 01389208 ____N (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-23 18:45 - 2014-03-09 17:48 - 00171160 ____N (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-23 18:45 - 2014-03-09 17:47 - 00619672 ____N (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
    2014-08-23 18:45 - 2014-03-09 17:47 - 00099480 ____N (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
    2014-08-23 18:44 - 2014-06-06 02:16 - 00035480 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-08-23 18:44 - 2014-06-06 02:12 - 00035480 ____N (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-08-23 18:15 - 2014-08-23 18:15 - 13087456 _____ (Microsoft Corporation) C:\Users\User\Downloads\Silverlight_x64 (1).exe
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-08-23 18:13 - 2014-08-23 18:14 - 13087456 _____ (Microsoft Corporation) C:\Users\User\Downloads\Silverlight_x64.exe
    2014-08-23 18:08 - 2014-08-23 18:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\PCDr
    2014-08-23 18:06 - 2014-08-23 18:06 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-08-23 18:06 - 2014-08-23 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-08-23 18:04 - 2014-09-07 17:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-23 18:04 - 2014-09-07 16:41 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-23 18:04 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-08-23 18:04 - 2014-08-31 14:12 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-23 18:04 - 2014-08-23 18:04 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-08-23 18:04 - 2014-08-23 18:04 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-08-23 18:02 - 2014-08-23 18:04 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
    2014-08-23 18:02 - 2014-08-23 18:02 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
    2014-08-23 18:01 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-08-23 18:01 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-08-23 18:01 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-08-23 18:01 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-08-23 18:01 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-08-23 18:01 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-08-23 18:01 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-08-23 18:01 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-08-23 18:01 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-08-23 18:01 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-08-23 18:01 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-08-23 18:01 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-08-23 18:01 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-08-23 18:01 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-08-23 18:01 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-08-23 18:01 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-08-23 18:01 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-08-23 18:01 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-08-23 18:01 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2014-08-23 18:01 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2014-08-23 18:01 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2014-08-23 18:01 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-08-23 18:01 - 2012-07-06 16:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2014-08-23 18:01 - 2011-04-27 23:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
    2014-08-23 18:01 - 2011-02-25 02:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-08-23 18:01 - 2011-02-25 01:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2014-08-23 18:00 - 2014-08-23 18:00 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
    2014-08-23 18:00 - 2014-08-23 18:00 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
    2014-08-23 18:00 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-23 18:00 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-08-23 18:00 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-23 18:00 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-23 18:00 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-08-23 18:00 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-08-23 18:00 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-08-23 18:00 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-23 18:00 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-08-23 18:00 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-23 18:00 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-08-23 18:00 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-23 18:00 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-08-23 18:00 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-08-23 18:00 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-23 18:00 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-23 18:00 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-08-23 18:00 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-08-23 18:00 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-08-23 18:00 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-23 18:00 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-08-23 18:00 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-08-23 18:00 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-08-23 18:00 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-08-23 18:00 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-23 18:00 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-08-23 18:00 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-08-23 18:00 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-08-23 18:00 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-08-23 18:00 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-23 18:00 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-08-23 18:00 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-08-23 18:00 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-23 18:00 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-08-23 18:00 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-08-23 18:00 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-08-23 18:00 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-08-23 18:00 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-23 18:00 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-08-23 18:00 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-08-23 18:00 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-23 18:00 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-08-23 18:00 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-08-23 18:00 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-08-23 18:00 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-08-23 18:00 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-23 18:00 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-08-23 18:00 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-08-23 18:00 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-08-23 18:00 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-08-23 18:00 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-23 18:00 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-23 18:00 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-23 18:00 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-08-23 18:00 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-08-23 18:00 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-08-23 18:00 - 2011-03-11 02:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
    2014-08-23 18:00 - 2011-03-11 02:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
    2014-08-23 18:00 - 2011-03-11 02:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
    2014-08-23 18:00 - 2011-03-11 02:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2014-08-23 18:00 - 2011-03-11 02:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2014-08-23 18:00 - 2011-03-11 02:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
    2014-08-23 18:00 - 2011-03-11 02:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2014-08-23 18:00 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
    2014-08-23 18:00 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
    2014-08-23 18:00 - 2011-03-11 00:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-08-23 17:59 - 2014-08-06 22:06 - 00529920 ____N (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-08-23 17:59 - 2014-08-06 22:01 - 00424448 ____N (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-08-23 17:59 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-08-23 17:59 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-08-23 17:59 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-08-23 17:59 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-08-23 17:59 - 2012-02-11 02:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-08-23 17:59 - 2012-02-11 02:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
    2014-08-19 11:17 - 2014-08-19 11:17 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Exchange Folder
    2014-08-19 11:17 - 2014-08-19 11:17 - 00000000 ____D () C:\Users\User\AppData\Local\Broadcom
    2014-08-08 09:03 - 2014-08-08 09:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
    2014-08-08 08:57 - 2014-08-08 08:57 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
    2014-08-08 03:41 - 2014-08-08 03:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
    2014-08-08 03:33 - 2014-08-23 18:44 - 00000000 ___SD () C:\Windows\system32\CompatTel

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-07 17:14 - 2014-09-07 17:12 - 00017178 _____ () C:\Users\User\Desktop\FRST.txt
    2014-09-07 17:12 - 2014-09-07 17:11 - 00000000 ____D () C:\FRST
    2014-09-07 17:10 - 2014-09-07 17:10 - 02105344 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
    2014-09-07 17:10 - 2014-09-07 17:10 - 02105344 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2014-09-07 17:09 - 2014-08-23 18:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-07 17:08 - 2014-09-07 17:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-USER-THINK-Microsoft-Windows-7-Professional-(64-bit).dat
    2014-09-07 17:07 - 2014-09-07 17:07 - 00002246 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-07 17:07 - 2014-09-07 17:07 - 00000000 ____D () C:\RegBackup
    2014-09-07 17:07 - 2014-09-07 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-07 17:06 - 2014-09-07 17:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-07 17:05 - 2014-09-07 17:05 - 04057608 _____ () C:\Users\User\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-07 16:57 - 2014-08-07 17:10 - 00003494 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
    2014-09-07 16:57 - 2014-08-07 17:10 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
    2014-09-07 16:57 - 2014-08-07 17:10 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
    2014-09-07 16:50 - 2009-07-14 00:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-07 16:50 - 2009-07-14 00:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-07 16:47 - 2009-07-14 01:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-07 16:46 - 2014-08-07 19:31 - 01584159 _____ () C:\Windows\WindowsUpdate.log
    2014-09-07 16:41 - 2014-08-31 14:13 - 00000474 ____H () C:\Windows\Tasks\PC_Booster-S-493389286.job
    2014-09-07 16:41 - 2014-08-23 18:04 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-07 16:41 - 2010-11-20 23:47 - 00110258 _____ () C:\Windows\PFRO.log
    2014-09-07 16:41 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-07 16:41 - 2009-07-14 00:51 - 00054310 _____ () C:\Windows\setupact.log
    2014-09-05 23:52 - 2014-09-05 23:52 - 00019530 _____ () C:\Windows\SysWOW64\bddel.dat
    2014-09-05 23:52 - 2014-08-31 14:13 - 00000000 ____D () C:\Program Files (x86)\PC_Booster
    2014-09-05 23:41 - 2014-09-05 21:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-05 23:39 - 2014-09-05 21:21 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-09-05 23:39 - 2014-09-05 21:21 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-09-05 23:39 - 2014-09-05 21:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-05 23:39 - 2014-09-05 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-09-05 22:16 - 2014-09-05 22:16 - 00559280 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybot2-license.exe
    2014-09-05 21:21 - 2014-09-05 21:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-09-05 21:19 - 2014-09-05 21:19 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybot-2-4.exe
    2014-09-05 21:11 - 2014-08-07 19:25 - 00000000 ____D () C:\swshare
    2014-09-03 08:57 - 2014-09-03 08:57 - 00155828 _____ () C:\Users\User\Downloads\A-ZYYZ37H.xlsx
    2014-09-02 09:50 - 2014-08-31 14:12 - 00000000 ____D () C:\ProgramData\prricEchop
    2014-09-02 09:49 - 2014-08-31 14:12 - 00000000 ____D () C:\ProgramData\a2288e6897b4d6e3
    2014-09-02 09:49 - 2014-08-31 14:12 - 00000000 ____D () C:\Program Files (x86)\prricEchop
    2014-09-01 22:40 - 2014-09-01 22:40 - 00000000 ____D () C:\Users\User\Downloads\BMW 1992
    2014-09-01 22:11 - 2014-08-31 16:07 - 00000000 ____D () C:\ProgramData\Freemake
    2014-09-01 22:10 - 2014-08-31 16:07 - 00000000 ____D () C:\Program Files (x86)\Freemake
    2014-09-01 22:07 - 2014-09-01 22:07 - 00000000 ____D () C:\Windows\system32\appmgmt
    2014-09-01 22:07 - 2014-09-01 22:07 - 00000000 ____D () C:\ProgramData\374311380
    2014-08-31 16:09 - 2014-08-31 16:07 - 00000000 ____D () C:\Users\User\Documents\Freemake
    2014-08-31 16:08 - 2014-08-31 16:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\RHEng
    2014-08-31 16:07 - 2014-08-31 16:07 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenCandy
    2014-08-31 16:06 - 2014-08-31 16:06 - 01269448 _____ (Ellora Assets Corporation ) C:\Users\User\Downloads\FreemakeVideoDownloaderSetup.exe
    2014-08-31 16:04 - 2014-08-31 16:03 - 00827904 _____ (Of Sect) C:\Users\User\Downloads\Download.exe
    2014-08-31 15:50 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-08-31 14:13 - 2014-08-31 14:13 - 00002720 _____ () C:\Windows\System32\Tasks\PC_Booster-S-493389286
    2014-08-31 14:13 - 2014-08-31 14:13 - 00000000 ____D () C:\ProgramData\Trusted Publisher
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Guest
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Users\Administrator
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\ProgramData\YYOutuBeAdBLoCke
    2014-08-31 14:12 - 2014-08-31 14:12 - 00000000 ____D () C:\Program Files (x86)\YYOutuBeAdBLoCke
    2014-08-31 14:12 - 2014-08-23 18:04 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-08-31 14:12 - 2014-08-23 18:04 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-31 14:12 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2014-08-31 14:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
    2014-08-31 14:11 - 2014-08-31 14:11 - 00838144 _____ (Paintbox Use) C:\Users\User\Downloads\Best Rock Ballads Ever.mp3.exe
    2014-08-31 14:03 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-08-31 13:53 - 2014-08-31 13:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
    2014-08-31 13:52 - 2014-08-31 13:52 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-08-31 13:52 - 2014-08-31 13:52 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
    2014-08-31 13:52 - 2014-08-31 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files\iTunes
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files\iPod
    2014-08-31 13:51 - 2014-08-31 13:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-08-31 13:50 - 2014-08-31 13:50 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-08-31 13:50 - 2014-08-31 13:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
    2014-08-31 13:50 - 2014-08-31 13:49 - 00000000 ____D () C:\ProgramData\Apple
    2014-08-31 13:49 - 2014-08-31 13:49 - 00000000 ____D () C:\Program Files\Bonjour
    2014-08-31 13:49 - 2014-08-31 13:49 - 00000000 ____D () C:\Program Files (x86)\Bonjour
    2014-08-31 13:30 - 2014-08-31 13:29 - 113492816 _____ (Apple Inc.) C:\Users\User\Downloads\iTunes64Setup.exe
    2014-08-29 10:01 - 2009-07-14 00:45 - 00294272 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-27 14:12 - 2014-08-27 12:23 - 00000000 ____D () C:\CAED
    2014-08-27 14:07 - 2014-08-27 12:24 - 00000000 ____D () C:\Users\User\AppData\Local\STATCAN
    2014-08-27 12:23 - 2014-08-27 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAED
    2014-08-27 12:22 - 2014-08-27 12:22 - 00000000 ____D () C:\Program Files (x86)\Business Objects
    2014-08-27 12:21 - 2014-08-27 12:19 - 24235368 _____ (Statistics Canada) C:\Users\User\Downloads\CAED_2014_v14.00_SP1c.exe
    2014-08-27 12:18 - 2014-08-07 19:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
    2014-08-27 12:17 - 2014-08-27 12:17 - 00003126 _____ () C:\Windows\System32\Tasks\{A77BA811-EF4D-44A8-B17F-CD1382BEF89F}
    2014-08-27 12:17 - 2014-08-27 12:17 - 00000000 ____D () C:\Program Files (x86)\MSECache
    2014-08-27 12:14 - 2014-08-27 12:11 - 242743296 _____ (Microsoft Corporation) C:\Users\User\Downloads\dotnetfx35.exe
    2014-08-27 12:12 - 2014-08-27 12:11 - 26481656 _____ (Microsoft Corporation) C:\Users\User\Downloads\AccessDatabaseEngine.exe
    2014-08-26 14:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-08-26 14:24 - 2014-08-07 17:10 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2014-08-25 14:01 - 2014-08-25 14:01 - 00001609 _____ () C:\Users\User\Downloads\web.config.txt
    2014-08-25 14:00 - 2014-08-25 14:00 - 00004310 _____ () C:\Users\User\Downloads\README.txt
    2014-08-25 14:00 - 2014-08-25 14:00 - 00001013 _____ () C:\Users\User\Downloads\index.php
    2014-08-25 12:08 - 2014-08-07 17:10 - 00004234 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
    2014-08-24 21:20 - 2014-08-23 20:31 - 00000000 ____D () C:\Users\User\AppData\Local\Lenovo
    2014-08-24 20:55 - 2014-08-07 19:34 - 00000000 ____D () C:\ProgramData\PCDr
    2014-08-24 20:44 - 2014-08-24 20:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Canon
    2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
    2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ___HD () C:\ProgramData\CanonBJ
    2014-08-23 20:36 - 2014-08-23 20:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\PwrMgr
    2014-08-23 20:28 - 2014-08-23 20:28 - 461957988 _____ () C:\Windows\MEMORY.DMP
    2014-08-23 20:28 - 2014-08-23 20:28 - 00476792 _____ () C:\Windows\Minidump\082314-58391-01.dmp
    2014-08-23 20:28 - 2014-08-23 20:28 - 00000000 ____D () C:\Windows\Minidump
    2014-08-23 20:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-08-23 19:48 - 2014-08-23 19:48 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
    2014-08-23 19:48 - 2014-08-07 19:21 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
    2014-08-23 19:48 - 2014-08-07 18:58 - 00000000 ____D () C:\ProgramData\Lenovo
    2014-08-23 19:47 - 2014-08-07 19:22 - 00003020 ____N () C:\Windows\System32\Tasks\PMTask
    2014-08-23 19:26 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
    2014-08-23 19:19 - 2014-08-07 18:40 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-23 19:16 - 2014-08-23 19:16 - 00000000 ____D () C:\Program Files\ATI
    2014-08-23 19:16 - 2014-08-23 19:16 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield
    2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Integrated Camera
    2014-08-23 19:13 - 2014-08-07 19:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-08-23 19:12 - 2014-08-07 19:20 - 00000000 ____D () C:\Program Files\Lenovo
    2014-08-23 19:11 - 2014-08-23 19:09 - 00001436 _____ () C:\Windows\Synaptics.log
    2014-08-23 19:11 - 2014-08-07 20:38 - 00002982 ____N () C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
    2014-08-23 19:11 - 2014-08-07 19:17 - 00059174 ____N () C:\Windows\DPINST.LOG
    2014-08-23 19:11 - 2014-08-07 18:40 - 99218768 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-08-23 19:10 - 2014-08-23 19:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
    2014-08-23 19:09 - 2014-08-07 20:30 - 00774004 ____N () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-08-23 19:04 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-08-23 19:03 - 2014-08-23 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security
    2014-08-23 19:03 - 2014-08-23 19:01 - 00000000 ____D () C:\Windows\SysWOW64\Lang
    2014-08-23 19:03 - 2014-08-23 19:01 - 00000000 ____D () C:\Program Files (x86)\Intel
    2014-08-23 19:01 - 2014-08-23 19:01 - 00000000 ____D () C:\Windows\SysWOW64\x64
    2014-08-23 18:53 - 2014-08-23 18:53 - 00000000 ____D () C:\Users\User\AppData\Local\Tvsukernel
    2014-08-23 18:48 - 2014-08-07 19:36 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
    2014-08-23 18:48 - 2014-08-07 19:20 - 00000000 ____D () C:\Program Files (x86)\Lenovo
    2014-08-23 18:46 - 2014-08-23 18:46 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
    2014-08-23 18:46 - 2014-08-07 19:35 - 00000000 ____D () C:\Windows\Downloaded Installations
    2014-08-23 18:44 - 2014-08-08 03:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-08-23 18:15 - 2014-08-23 18:15 - 13087456 _____ (Microsoft Corporation) C:\Users\User\Downloads\Silverlight_x64 (1).exe
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-08-23 18:14 - 2014-08-23 18:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-08-23 18:14 - 2014-08-23 18:13 - 13087456 _____ (Microsoft Corporation) C:\Users\User\Downloads\Silverlight_x64.exe
    2014-08-23 18:08 - 2014-08-23 18:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\PCDr
    2014-08-23 18:06 - 2014-08-23 18:06 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-08-23 18:06 - 2014-08-23 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-08-23 18:04 - 2014-08-23 18:04 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-08-23 18:04 - 2014-08-23 18:04 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-08-23 18:04 - 2014-08-23 18:02 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
    2014-08-23 18:02 - 2014-08-23 18:02 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
    2014-08-23 18:00 - 2014-08-23 18:00 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
    2014-08-23 18:00 - 2014-08-23 18:00 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
    2014-08-22 22:07 - 2014-08-28 22:39 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-22 21:45 - 2014-08-28 22:39 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-22 20:59 - 2014-08-28 22:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-19 11:17 - 2014-08-19 11:17 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Exchange Folder
    2014-08-19 11:17 - 2014-08-19 11:17 - 00000000 ____D () C:\Users\User\AppData\Local\Broadcom
    2014-08-08 09:03 - 2014-08-08 09:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
    2014-08-08 08:57 - 2014-08-08 08:57 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
    2014-08-08 08:57 - 2014-08-07 19:18 - 00287352 ____N () C:\Windows\msxml4-KB973688-enu.LOG
    2014-08-08 08:57 - 2014-08-07 18:46 - 00292130 ____N () C:\Windows\msxml4-KB954430-enu.LOG
    2014-08-08 03:41 - 2014-08-08 03:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
    2014-08-08 03:41 - 2014-08-07 17:11 - 00070952 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-08-08 03:41 - 2014-08-07 17:11 - 00001424 ____N () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-08-08 03:33 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-08-08 03:33 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-08-08 03:33 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-08-08 03:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-08-27 11:07

    ==================== End Of Log ============================

    aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
    Run date: 2014-09-07 17:16:33
    -----------------------------
    17:16:34.000 OS Version: Windows x64 6.1.7601 Service Pack 1
    17:16:34.000 Number of processors: 2 586 0x170A
    17:16:34.001 ComputerName: USER-THINK UserName: User
    17:16:36.435 Initialize success
    17:16:36.463 VM: initialized successfully
    17:16:36.512 VM: Intel CPU BiosDisabled
    17:16:40.441 VM: disk I/O iaStor.sys
    17:19:07.413 AVAST engine defs: 14090701
    17:19:14.832 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    17:19:14.840 Disk 0 Vendor: HITACHI_ PCBZ Size: 152627MB BusType: 3
    17:19:14.995 Disk 0 MBR read successfully
    17:19:14.998 Disk 0 MBR scan
    17:19:15.340 Disk 0 unknown MBR code
    17:19:15.358 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1991 MB offset 2048
    17:19:15.416 Disk 0 default boot code
    17:19:15.607 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 123931 MB offset 4080510
    17:19:15.648 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 26704 MB offset 257891445
    17:19:15.980 Disk 0 scanning C:\Windows\system32\drivers
    17:19:25.571 Service scanning
    17:19:54.548 Modules scanning
    17:19:54.564 Disk 0 trace - called modules:
    17:19:54.591 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
    17:19:54.599 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800457a350]
    17:19:54.603 3 CLASSPNP.SYS[fffff8800116643f] -> nt!IofCallDriver -> [0xfffffa80040358f0]
    17:19:54.607 5 ACPI.sys[fffff88000d517a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004038050]
    17:19:57.490 AVAST engine scan C:\Windows
    17:20:00.658 AVAST engine scan C:\Windows\system32
    17:22:54.627 AVAST engine scan C:\Windows\system32\drivers
    17:23:05.391 AVAST engine scan C:\Users\User
    17:25:12.017 AVAST engine scan C:\ProgramData
    17:25:52.743 File: C:\ProgramData\YYOutuBeAdBLoCke\cuJjy2WDK3C5xFR.exe **INFECTED** Win32:Adware-gen [Adw]
    17:25:52.750 Scan finished successfully
    17:26:25.846 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
    17:26:25.859 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
    Attached Files Attached Files
    Last edited by tashi; 2014-09-08 at 02:58. Reason: Copy pasted logs into topic as per forum FAQ ;-)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •