1. #1

    Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi, I have been having some problems with my laptop and it has recently slowed down tremendously. All this came about when Group Policy Client has failed to start on startup. I had a chat with one of your moderator (from http://www.sysnative.com/forums/wind...html#post77563) and he told me to start a new thread here as I can't run the DDS on Windows 8 and the Security Check by screen317 did not seem to work as it stopped at "Preparing Done". I believe the link Malware Removal Posting Instructions which was given to me is not going to work on a Windows 8.

    I hope I have provided all that is needed for now. Please advice me!

    Thanks a lot!!!


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2

    Re: Unable To Run DDS

    Hello and Welcome on board Law ,

    my Name is Machiavelli and I will assist you with your problem.
    If you booted into safe mode on your computer then print my instructions!
    I'm in the 'Malware Staff Team' and will provide you with advice:

    To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

    Below are a few tips:
    • Removing Malware is usually very difficult.
      We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
    • Please follow these instructions
      If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
    • Please stay in contact with me until your problem is resolved
      As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
    • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
      Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
    • Read my post completely
      If you don't do so, you may make mistakes that could result in your System crashing by your own actions!





    Please download FRST (by Farbar) from the link below and save it to your Desktop.

    If you are unsure whether you have 32-Bit or 64-Bit Windows, see here

    1. Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
    2. Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
    3. When the disclaimer appears, click Yes.
    4. Click Scan to start FRST.
    5. When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
    6. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.
    Cheers,
    Machiavelli


  3. #3
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,610

    Re: Unable To Run DDS

    Hi, Law.

    Yes, I need to update the instructions for Windows 8.1 since DDS does not work with it. However, from what I have researched, the problem with the Group Policy Client is not a malware issue. As a result, I'm moving this topic to the Windows 8 Forum.

    Warning: Before making any changes to the registry, first back up the registry following the steps here: How to back up and restore the registry in Windows.

    Next, carefully follow the illustrated instructions provided by Kapil, a Microsoft MVP in Windows - Consumer and a Microsoft Content Creator, at Fix: The Group Policy Client Service Failed The Logon In Windows 8, which also works with Windows 8.1.

    Please let us know how you made out.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  4. #4

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi I am slightly confused now as I do not know whose advice to follow.

    Anyway Corrine, I have tried the link - Fix: The Group Policy Client Service Failed The Logon In Windows 8 and I couldn't proceed after step 4. I received a message saying that "Data of type REG_MULTI_SZ cannot contain empty strings. Registry Editor will remove all empty strings found".

  5. #5

    Re: Unable To Run DDS

    And also to Machiavelli, I have done what you told me to do so and here are the two logs

    FRST.txt

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
    Ran by Lawry Lsw (administrator) on ROYAL on 20-07-2014 01:16:08
    Running from C:\Users\Lawrence\Desktop
    Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    The only official download link for FRST:
    Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
    Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
    ==================== Processes (Whitelisted) =================
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe.d8c7.deleteme
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    () C:\Windows\SysWOW64\UMonit64.exe
    (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
    (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    (Akamai Technologies, Inc.) C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe
    (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\regedit.exe
    
    ==================== Registry (Whitelisted) ==================
    HKLM\...\Run: [RtsFT] => RTFTrack.exe 
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2013-05-17] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13545032 2013-05-28] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
    HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" 
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-05-01] (Intel Corporation)
    HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [40960 2013-04-09] ()
    HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
    HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-10-12] (Lenovo (Beijing) Limited)
    HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-10-12] (Lenovo(beijing) Limited)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
    HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
    HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-07] (Aeria Games & Entertainment)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-14] ( (Qualcomm®Atheros®))
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-21-450748458-2682401420-2043914554-1002\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9935152 2014-06-25] ()
    HKU\S-1-5-21-450748458-2682401420-2043914554-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-12-20] (NVIDIA Corporation)
    AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-20] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-20] (NVIDIA Corporation)
    ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    ==================== Internet (Whitelisted) ====================
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Buy Computers Laptops & Tablets | For Those Who Do | Lenovo US
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Buy Computers Laptops & Tablets | For Those Who Do | Lenovo US
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM - DefaultScope {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = {searchTerms} - Bing
    SearchScopes: HKLM - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = {searchTerms} - Bing
    SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.in...cc=MY&unqvl=51
    SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.in...cc=MY&unqvl=51
    SearchScopes: HKLM-x32 - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = {searchTerms} - Bing
    SearchScopes: HKCU - DefaultScope {FCEAC75E-3562-4E41-88A1-6E2A5FB49358} URL = {SearchTerms - Yahoo Search Results}
    SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.in...cc=MY&unqvl=51
    SearchScopes: HKCU - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = 
    SearchScopes: HKCU - {FCEAC75E-3562-4E41-88A1-6E2A5FB49358} URL = {SearchTerms - Yahoo Search Results}
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
    FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-25]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-25]
    Chrome: 
    =======
    CHR DefaultSearchKeyword: google.com.au
    CHR Extension: (Google Docs) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-02]
    CHR Extension: (Google Drive) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-02]
    CHR Extension: (YouTube) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-02]
    CHR Extension: (Google Search) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-02]
    CHR Extension: (Peter Bjorn and John) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmemmjoiahegfgfcenggecfhoedchfdl [2014-05-08]
    CHR Extension: (SiteAdvisor) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-11-27]
    CHR Extension: (AdBlock) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-02]
    CHR Extension: (Google Wallet) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
    CHR Extension: (Gmail) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-02]
    ==================== Services (Whitelisted) =================
    S2 0085211405696127mcinstcleanup; C:\WINDOWS\TEMP\008521~1.EXE [836168 2014-03-13] (McAfee, Inc.)
    S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-06-12] (Perfect World Entertainment Inc)
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-14] (Windows (R) Win 7 DDK provider)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
    R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-19] (Hi-Rez Studios) [File not signed]
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-01] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
    R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
    R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-12] ()
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
    S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-14] (Atheros) [File not signed]
    ==================== Drivers (Whitelisted) ====================
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-14] (Qualcomm Atheros)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
    R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-05-16] (ELAN Microelectronic Corp.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
    U3 mfeavfk01; No ImagePath
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
    U3 mfehidk01; No ImagePath
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
    U3 mfencbdc01; No ImagePath
    U3 mfencbdc02; No ImagePath
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-22] (NVIDIA Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-03-15] (Realtek Semiconductor Corp.)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
    ==================== NetSvcs (Whitelisted) ===================
    
    ==================== One Month Created Files and Folders ========
    2014-07-20 01:16 - 2014-07-20 01:16 - 00025168 _____ () C:\Users\Lawrence\Desktop\FRST.txt
    2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\FRST
    2014-07-20 01:15 - 2014-07-20 01:15 - 02089984 _____ (Farbar) C:\Users\Lawrence\Desktop\FRST64.exe
    2014-07-19 20:02 - 2014-07-19 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-07-19 18:46 - 2014-07-19 18:46 - 00003023 _____ () C:\Users\Lawrence\Desktop\HiJackThis.lnk
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
    2014-07-19 18:14 - 2014-07-19 18:14 - 01402880 _____ () C:\Users\Lawrence\Desktop\HijackThis.msi
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000003 _____ () C:\WINDOWS\system32\HRUPPROG.EXIT
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000002 _____ () C:\WINDOWS\system32\HRUPPROG.TXT
    2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\ProgramData\Riot Games
    2014-07-17 18:44 - 2014-07-17 18:44 - 00688992 _____ (Swearware) C:\Users\Lawrence\Desktop\dds.com
    2014-07-17 17:51 - 2014-07-17 18:04 - 00000000 _____ () C:\WINDOWS\system32\1
    2014-07-16 23:54 - 2014-07-17 00:47 - 00004978 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROYAL-Lawry Lsw Royal
    2014-07-16 23:34 - 2014-07-16 23:32 - 04605016 _____ () C:\Users\Lawrence\Desktop\cbs.txt
    2014-07-16 23:14 - 2014-07-16 23:14 - 00002464 _____ () C:\Users\Lawrence\Desktop\SFCFix.txt
    2014-07-16 23:13 - 2014-07-16 23:13 - 01296920 _____ () C:\Users\Lawrence\Desktop\SFCFix.zip
    2014-07-16 01:49 - 2014-07-16 23:12 - 00566784 _____ (niemiro) C:\Users\Lawrence\Desktop\SFCFix.exe
    2014-07-16 01:42 - 2014-07-16 23:14 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\niemiro
    2014-07-16 01:42 - 2014-07-16 23:14 - 00000000 ____D () C:\SFCFix
    2014-07-13 01:18 - 2014-07-13 01:18 - 00001052 _____ () C:\Users\Public\Desktop\Path of Exile.lnk
    2014-07-13 01:13 - 2014-07-13 01:18 - 00000000 ____D () C:\Program Files (x86)\GarenaPoE
    2014-07-12 16:15 - 2014-07-12 16:15 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Aeria Games
    2014-07-12 16:14 - 2014-07-12 16:14 - 00000000 ____D () C:\ProgramData\Aeria Games
    2014-07-12 16:12 - 2014-07-12 16:13 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
    2014-07-12 16:12 - 2014-07-12 16:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
    2014-07-12 16:12 - 2014-07-12 16:12 - 00001701 _____ () C:\Users\Lawrence\Desktop\Aura Kingdom.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00002055 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
    2014-07-12 15:03 - 2014-07-12 15:05 - 00000000 ____D () C:\Users\Lawrence\Documents\InfiniteCrisis
    2014-07-12 15:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\InfiniteCrisis
    2014-07-12 14:01 - 2014-07-12 14:01 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Turbine
    2014-07-12 13:59 - 2014-07-12 15:00 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
    2014-07-12 13:59 - 2014-07-12 13:59 - 00001107 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Turbine
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
    2014-07-12 13:49 - 2014-07-12 13:53 - 140770440 _____ () C:\Users\Lawrence\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
    2014-07-12 13:47 - 2014-07-12 13:47 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Akamai
    2014-07-12 12:58 - 2014-07-12 16:00 - 00000000 ____D () C:\AeriaGames
    2014-07-12 12:57 - 2014-07-12 12:57 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Lawrence\Downloads\aurakingdom_us_downloader.exe
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iPod
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-11 16:03 - 2014-07-11 16:05 - 113509200 _____ (Apple Inc.) C:\Users\Lawrence\Downloads\iTunes64Setup.exe
    2014-07-11 16:02 - 2014-07-14 06:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-07-11 16:02 - 2014-07-11 16:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2014-07-10 09:53 - 2014-07-10 09:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-07-10 09:48 - 2014-07-10 09:48 - 939619854 _____ () C:\WINDOWS\MEMORY.DMP
    2014-07-10 05:01 - 2014-04-14 13:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2014-07-10 00:42 - 2014-06-17 08:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
    2014-07-10 00:42 - 2014-06-17 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
    2014-07-10 00:42 - 2014-06-07 00:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-07-10 00:42 - 2014-05-30 13:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2014-07-10 00:42 - 2014-05-29 22:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2014-07-10 00:42 - 2014-05-29 17:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
    2014-07-10 00:42 - 2014-05-29 16:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
    2014-07-10 00:42 - 2014-05-29 16:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2014-07-10 00:42 - 2014-05-29 15:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2014-07-10 00:42 - 2014-05-29 15:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2014-07-10 00:41 - 2014-06-19 11:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-07-10 00:41 - 2014-06-19 10:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-07-10 00:41 - 2014-06-19 09:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-07-10 00:41 - 2014-06-19 08:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-07-10 00:40 - 2014-07-01 08:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2014-07-10 00:40 - 2014-06-28 17:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2014-07-10 00:40 - 2014-06-28 17:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2014-07-10 00:40 - 2014-06-19 10:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-07-10 00:40 - 2014-06-19 10:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-07-10 00:40 - 2014-06-19 09:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-07-10 00:40 - 2014-06-19 09:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-07-10 00:40 - 2014-06-19 09:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-07-10 00:40 - 2014-06-19 09:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-07-10 00:40 - 2014-06-19 09:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-07-10 00:40 - 2014-06-19 09:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-07-10 00:40 - 2014-06-19 09:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-07-10 00:40 - 2014-06-19 09:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-07-10 00:40 - 2014-06-19 08:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-07-10 00:40 - 2014-06-19 08:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-07-10 00:40 - 2014-06-19 08:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-07-10 00:40 - 2014-06-19 08:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-07-10 00:40 - 2014-06-19 08:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-07-10 00:40 - 2014-06-19 08:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-07-10 00:40 - 2014-06-19 08:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-07-10 00:40 - 2014-06-19 08:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-07-10 00:40 - 2014-06-19 08:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-07-10 00:40 - 2014-06-19 08:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-07-10 00:40 - 2014-06-19 08:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-07-10 00:40 - 2014-06-19 08:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-07-10 00:40 - 2014-06-19 08:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-07-10 00:40 - 2014-06-06 23:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2014-07-10 00:40 - 2014-06-06 22:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2014-07-10 00:40 - 2014-05-31 20:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2014-07-10 00:40 - 2014-05-31 20:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2014-07-10 00:40 - 2014-05-31 13:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2014-07-10 00:40 - 2014-05-31 13:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2014-07-10 00:40 - 2014-05-31 13:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-10 00:40 - 2014-05-31 13:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2014-07-10 00:40 - 2014-05-31 13:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2014-07-10 00:40 - 2014-05-31 13:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-10 00:40 - 2014-05-31 12:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2014-07-10 00:40 - 2014-05-31 12:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2014-07-10 00:40 - 2014-05-31 12:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2014-07-10 00:40 - 2014-05-31 12:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2014-07-10 00:40 - 2014-05-31 12:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2014-07-10 00:40 - 2014-05-31 12:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2014-07-10 00:40 - 2014-05-31 12:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2014-07-10 00:29 - 2014-07-10 00:29 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-08 23:16 - 2014-07-08 23:16 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
    2014-07-01 00:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2014-07-01 00:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2014-07-01 00:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2014-07-01 00:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2014-07-01 00:48 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2014-07-01 00:48 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2014-07-01 00:48 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2014-07-01 00:48 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2014-07-01 00:48 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2014-07-01 00:48 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2014-07-01 00:48 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2014-07-01 00:48 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
    2014-07-01 00:48 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2014-07-01 00:48 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2014-07-01 00:48 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2014-07-01 00:48 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2014-07-01 00:48 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2014-07-01 00:48 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2014-07-01 00:48 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2014-07-01 00:48 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
    2014-07-01 00:48 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
    2014-07-01 00:48 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2014-07-01 00:48 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2014-07-01 00:48 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
    2014-07-01 00:48 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
    2014-07-01 00:48 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2014-07-01 00:48 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
    2014-07-01 00:48 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2014-07-01 00:48 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
    2014-07-01 00:48 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
    2014-07-01 00:48 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2014-07-01 00:48 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2014-07-01 00:48 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
    2014-07-01 00:48 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2014-07-01 00:48 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
    2014-07-01 00:48 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2014-07-01 00:48 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
    2014-07-01 00:48 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2014-07-01 00:48 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
    2014-07-01 00:48 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2014-07-01 00:48 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
    2014-07-01 00:48 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2014-07-01 00:48 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
    2014-07-01 00:48 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2014-07-01 00:48 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
    2014-07-01 00:48 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2014-07-01 00:48 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
    2014-07-01 00:48 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2014-07-01 00:48 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
    2014-07-01 00:48 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2014-07-01 00:48 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2014-07-01 00:48 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
    2014-07-01 00:48 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2014-07-01 00:48 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2014-07-01 00:48 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
    2014-07-01 00:47 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2014-07-01 00:47 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
    2014-07-01 00:47 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2014-07-01 00:47 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
    2014-07-01 00:47 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2014-07-01 00:47 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
    2014-07-01 00:47 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2014-07-01 00:47 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
    2014-07-01 00:47 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2014-07-01 00:47 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
    2014-07-01 00:47 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2014-07-01 00:47 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
    2014-07-01 00:47 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
    2014-07-01 00:47 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2014-07-01 00:47 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2014-07-01 00:47 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2014-07-01 00:47 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
    2014-07-01 00:47 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
    2014-07-01 00:47 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2014-07-01 00:47 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2014-07-01 00:47 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
    2014-07-01 00:47 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2014-07-01 00:47 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2014-07-01 00:47 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2014-07-01 00:47 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
    2014-07-01 00:47 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
    2014-07-01 00:47 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
    2014-07-01 00:47 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2014-07-01 00:47 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2014-07-01 00:47 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
    2014-07-01 00:47 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2014-07-01 00:47 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
    2014-07-01 00:47 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2014-07-01 00:47 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
    2014-07-01 00:47 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2014-07-01 00:47 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
    2014-07-01 00:47 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2014-07-01 00:47 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
    2014-07-01 00:47 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2014-07-01 00:47 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
    2014-07-01 00:47 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2014-07-01 00:47 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
    2014-07-01 00:47 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2014-07-01 00:47 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
    2014-07-01 00:47 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2014-07-01 00:47 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
    2014-07-01 00:47 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2014-07-01 00:47 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
    2014-07-01 00:47 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2014-07-01 00:47 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
    2014-07-01 00:44 - 2014-07-02 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
    2014-07-01 00:44 - 2014-07-01 00:44 - 00000000 ____D () C:\Users\Lawrence\Downloads\Gameforge Live
    2014-07-01 00:42 - 2014-07-01 00:43 - 20097456 _____ (Gameforge ) C:\Users\Lawrence\Downloads\AION_GameforgeLiveSetup_EN.exe
    2014-06-30 02:01 - 2014-06-30 02:01 - 00000000 ____D () C:\Users\Lawrence\Documents\My Games
    2014-06-30 02:00 - 2014-07-12 14:00 - 00028116 _____ () C:\WINDOWS\DirectX.log
    2014-06-30 02:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2014-06-30 02:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2014-06-30 02:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2014-06-30 02:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2014-06-30 02:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2014-06-30 02:00 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2014-06-30 02:00 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2014-06-30 02:00 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2014-06-29 23:28 - 2014-06-29 23:28 - 00000000 ___HD () C:\ArcTemp
    2014-06-29 23:26 - 2014-06-29 23:28 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Arc
    2014-06-29 23:23 - 2014-06-29 23:28 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment
    2014-06-29 23:23 - 2014-06-29 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2014-06-29 23:22 - 2014-06-29 23:22 - 09686144 _____ (Perfect World Entertainment) C:\Users\Lawrence\Downloads\ArcInstall_v20140527a.exe
    2014-06-29 19:28 - 2014-06-29 19:28 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Awesomium
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
    2014-06-29 19:24 - 2014-06-29 19:25 - 39967251 _____ (Hi-Rez Studios) C:\Users\Lawrence\Downloads\InstallHiRezGamesEnglish.exe
    2014-06-27 22:14 - 2014-06-28 12:41 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
    2014-06-27 22:14 - 2014-06-27 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
    2014-06-25 18:22 - 2014-06-25 18:22 - 32259000 _____ (Riot Games) C:\Users\Lawrence\Downloads\LeagueofLegends_OC1_Installer_06_11_13 (1).exe
    2014-06-25 17:19 - 2014-07-19 14:51 - 00003496 _____ () C:\WINDOWS\System32\Tasks\gg_uac_daemon_Lawry Lsw
    2014-06-25 01:34 - 2014-06-25 01:34 - 01455528 _____ () C:\Users\Lawrence\Downloads\SystemCheck_enUS.exe
    2014-06-25 01:16 - 2014-07-12 02:25 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Battle.net
    2014-06-25 01:16 - 2014-06-25 01:16 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Battle.net
    2014-06-25 01:15 - 2014-07-12 02:24 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-25 01:15 - 2014-06-25 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-25 01:14 - 2014-06-25 01:14 - 02907552 _____ (Blizzard Entertainment) C:\Users\Lawrence\Downloads\Battle.net-Setup-enGB.exe
    2014-06-25 01:12 - 2014-06-25 01:12 - 00003194 _____ () C:\WINDOWS\System32\Tasks\{DABFB4C8-5212-4BE8-9512-BCC811A32D4D}
    2014-06-25 01:11 - 2014-06-25 01:11 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Blizzard Entertainment
    2014-06-21 14:31 - 2014-06-21 14:31 - 00003172 _____ () C:\WINDOWS\System32\Tasks\{01DF6E9A-3A46-4383-AEC0-1067CB61D7E0}
    ==================== One Month Modified Files and Folders =======
    2014-07-20 01:16 - 2014-07-20 01:16 - 00025168 _____ () C:\Users\Lawrence\Desktop\FRST.txt
    2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\FRST
    2014-07-20 01:15 - 2014-07-20 01:15 - 02089984 _____ (Farbar) C:\Users\Lawrence\Desktop\FRST64.exe
    2014-07-20 01:00 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-07-19 22:21 - 2013-11-01 17:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-450748458-2682401420-2043914554-1002
    2014-07-19 20:02 - 2014-07-19 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-07-19 18:46 - 2014-07-19 18:46 - 00003023 _____ () C:\Users\Lawrence\Desktop\HiJackThis.lnk
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
    2014-07-19 18:46 - 2013-11-01 17:24 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\VirtualStore
    2014-07-19 18:14 - 2014-07-19 18:14 - 01402880 _____ () C:\Users\Lawrence\Desktop\HijackThis.msi
    2014-07-19 15:57 - 2013-12-31 20:07 - 00014377 _____ () C:\Users\Lawrence\Desktop\Expenditure.xlsx
    2014-07-19 15:15 - 2014-06-15 22:55 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\PMB Files
    2014-07-19 14:51 - 2014-06-25 17:19 - 00003496 _____ () C:\WINDOWS\System32\Tasks\gg_uac_daemon_Lawry Lsw
    2014-07-19 14:43 - 2013-11-03 03:39 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\GarenaPlus
    2014-07-19 14:43 - 2013-11-03 03:38 - 00000000 ____D () C:\ProgramData\GarenaMessenger
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000003 _____ () C:\WINDOWS\system32\HRUPPROG.EXIT
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000002 _____ () C:\WINDOWS\system32\HRUPPROG.TXT
    2014-07-19 01:08 - 2013-10-12 12:37 - 00000000 ____D () C:\Program Files\Common Files\mcafee
    2014-07-19 01:08 - 2012-07-26 18:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
    2014-07-19 01:07 - 2013-11-25 10:18 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2014-07-18 18:06 - 2013-11-27 08:11 - 01304478 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\ProgramData\Riot Games
    2014-07-17 18:44 - 2014-07-17 18:44 - 00688992 _____ (Swearware) C:\Users\Lawrence\Desktop\dds.com
    2014-07-17 18:04 - 2014-07-17 17:51 - 00000000 _____ () C:\WINDOWS\system32\1
    2014-07-17 16:57 - 2013-08-22 23:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-07-17 00:47 - 2014-07-16 23:54 - 00004978 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROYAL-Lawry Lsw Royal
    2014-07-17 00:47 - 2013-11-01 17:23 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Packages
    2014-07-16 23:32 - 2014-07-16 23:34 - 04605016 _____ () C:\Users\Lawrence\Desktop\cbs.txt
    2014-07-16 23:14 - 2014-07-16 23:14 - 00002464 _____ () C:\Users\Lawrence\Desktop\SFCFix.txt
    2014-07-16 23:14 - 2014-07-16 01:42 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\niemiro
    2014-07-16 23:14 - 2014-07-16 01:42 - 00000000 ____D () C:\SFCFix
    2014-07-16 23:13 - 2014-07-16 23:13 - 01296920 _____ () C:\Users\Lawrence\Desktop\SFCFix.zip
    2014-07-16 23:12 - 2014-07-16 01:49 - 00566784 _____ (niemiro) C:\Users\Lawrence\Desktop\SFCFix.exe
    2014-07-16 16:05 - 2013-09-30 14:10 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-07-16 16:05 - 2013-08-23 00:46 - 00339975 _____ () C:\WINDOWS\setupact.log
    2014-07-16 02:28 - 2012-07-26 17:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-07-14 06:08 - 2014-07-11 16:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-07-14 05:48 - 2013-11-02 13:09 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-13 11:48 - 2013-11-02 13:09 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-13 01:18 - 2014-07-13 01:18 - 00001052 _____ () C:\Users\Public\Desktop\Path of Exile.lnk
    2014-07-13 01:18 - 2014-07-13 01:13 - 00000000 ____D () C:\Program Files (x86)\GarenaPoE
    2014-07-13 01:18 - 2013-11-03 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
    2014-07-12 16:17 - 2014-04-28 01:53 - 00000000 ____D () C:\Users\Lawrence\Desktop\Books!
    2014-07-12 16:15 - 2014-07-12 16:15 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Aeria Games
    2014-07-12 16:14 - 2014-07-12 16:14 - 00000000 ____D () C:\ProgramData\Aeria Games
    2014-07-12 16:13 - 2014-07-12 16:12 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
    2014-07-12 16:13 - 2014-07-12 16:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
    2014-07-12 16:12 - 2014-07-12 16:12 - 00001701 _____ () C:\Users\Lawrence\Desktop\Aura Kingdom.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00002055 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
    2014-07-12 16:00 - 2014-07-12 12:58 - 00000000 ____D () C:\AeriaGames
    2014-07-12 16:00 - 2014-06-15 22:57 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
    2014-07-12 15:05 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\Documents\InfiniteCrisis
    2014-07-12 15:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\InfiniteCrisis
    2014-07-12 15:00 - 2014-07-12 13:59 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
    2014-07-12 14:01 - 2014-07-12 14:01 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Turbine
    2014-07-12 14:00 - 2014-06-30 02:00 - 00028116 _____ () C:\WINDOWS\DirectX.log
    2014-07-12 13:59 - 2014-07-12 13:59 - 00001107 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Turbine
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
    2014-07-12 13:53 - 2014-07-12 13:49 - 140770440 _____ () C:\Users\Lawrence\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
    2014-07-12 13:47 - 2014-07-12 13:47 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Akamai
    2014-07-12 12:57 - 2014-07-12 12:57 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Lawrence\Downloads\aurakingdom_us_downloader.exe
    2014-07-12 02:25 - 2014-06-25 01:16 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Battle.net
    2014-07-12 02:24 - 2014-06-25 01:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iPod
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-11 16:06 - 2013-11-09 16:39 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-11 16:05 - 2014-07-11 16:03 - 113509200 _____ (Apple Inc.) C:\Users\Lawrence\Downloads\iTunes64Setup.exe
    2014-07-11 16:02 - 2014-07-11 16:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2014-07-11 00:29 - 2013-11-04 09:34 - 00000000 __SHD () C:\Users\Lawrence\wc
    2014-07-10 17:27 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-07-10 16:51 - 2013-11-02 20:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-07-10 16:33 - 2013-11-27 08:16 - 00000000 ____D () C:\Users\Lawrence
    2014-07-10 10:28 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-07-10 09:56 - 2013-08-23 00:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-07-10 09:56 - 2013-08-23 00:44 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-07-10 09:54 - 2013-10-12 12:39 - 00006656 _____ () C:\WINDOWS\system32\VfService.trf
    2014-07-10 09:54 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-07-10 09:54 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-07-10 09:53 - 2014-07-10 09:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-07-10 09:52 - 2013-08-23 01:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-07-10 09:52 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-07-10 09:48 - 2014-07-10 09:48 - 939619854 _____ () C:\WINDOWS\MEMORY.DMP
    2014-07-10 05:07 - 2013-11-04 05:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-07-10 05:06 - 2013-11-04 05:56 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-07-10 05:01 - 2013-08-23 00:46 - 00000440 _____ () C:\WINDOWS\setuperr.log
    2014-07-10 05:00 - 2013-09-30 13:58 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-07-10 00:29 - 2014-07-10 00:29 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-09 17:14 - 2014-06-15 22:55 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-07-09 15:44 - 2013-11-03 03:38 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
    2014-07-08 23:16 - 2014-07-08 23:16 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
    2014-07-08 23:15 - 2013-11-01 18:08 - 00000000 ___RD () C:\Users\Lawrence\Desktop\Dekstop
    2014-07-08 22:57 - 2013-09-30 14:02 - 00017148 _____ () C:\WINDOWS\PFRO.log
    2014-07-04 02:23 - 2014-04-23 15:32 - 00000000 ____D () C:\Users\Lawrence\Desktop\4th Year
    2014-07-04 02:23 - 2014-01-31 14:22 - 00000000 ____D () C:\Users\Lawrence\Desktop\Documents Electivws
    2014-07-02 18:58 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\Lawrence\Desktop\BZSKUGEL.p_elec_app_mnu_files
    2014-07-02 12:42 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2014-07-02 12:39 - 2014-07-01 00:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
    2014-07-01 08:45 - 2014-07-10 00:40 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2014-07-01 00:44 - 2014-07-01 00:44 - 00000000 ____D () C:\Users\Lawrence\Downloads\Gameforge Live
    2014-07-01 00:43 - 2014-07-01 00:42 - 20097456 _____ (Gameforge ) C:\Users\Lawrence\Downloads\AION_GameforgeLiveSetup_EN.exe
    2014-06-30 02:01 - 2014-06-30 02:01 - 00000000 ____D () C:\Users\Lawrence\Documents\My Games
    2014-06-29 23:28 - 2014-06-29 23:28 - 00000000 ___HD () C:\ArcTemp
    2014-06-29 23:28 - 2014-06-29 23:26 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Arc
    2014-06-29 23:28 - 2014-06-29 23:23 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment
    2014-06-29 23:23 - 2014-06-29 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2014-06-29 23:23 - 2013-10-12 12:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-06-29 23:22 - 2014-06-29 23:22 - 09686144 _____ (Perfect World Entertainment) C:\Users\Lawrence\Downloads\ArcInstall_v20140527a.exe
    2014-06-29 19:28 - 2014-06-29 19:28 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Awesomium
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
    2014-06-29 19:27 - 2014-06-29 19:27 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
    2014-06-29 19:25 - 2014-06-29 19:24 - 39967251 _____ (Hi-Rez Studios) C:\Users\Lawrence\Downloads\InstallHiRezGamesEnglish.exe
    2014-06-28 17:48 - 2014-07-10 00:40 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2014-06-28 17:07 - 2014-07-10 00:40 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2014-06-28 12:41 - 2014-06-27 22:14 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
    2014-06-27 22:15 - 2014-06-27 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
    2014-06-27 06:55 - 2013-08-23 01:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2014-06-27 06:55 - 2013-08-23 01:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2014-06-25 18:22 - 2014-06-25 18:22 - 32259000 _____ (Riot Games) C:\Users\Lawrence\Downloads\LeagueofLegends_OC1_Installer_06_11_13 (1).exe
    2014-06-25 17:17 - 2013-08-22 23:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2014-06-25 01:34 - 2014-06-25 01:34 - 01455528 _____ () C:\Users\Lawrence\Downloads\SystemCheck_enUS.exe
    2014-06-25 01:16 - 2014-06-25 01:16 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Battle.net
    2014-06-25 01:15 - 2014-06-25 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-25 01:14 - 2014-06-25 01:14 - 02907552 _____ (Blizzard Entertainment) C:\Users\Lawrence\Downloads\Battle.net-Setup-enGB.exe
    2014-06-25 01:12 - 2014-06-25 01:12 - 00003194 _____ () C:\WINDOWS\System32\Tasks\{DABFB4C8-5212-4BE8-9512-BCC811A32D4D}
    2014-06-25 01:11 - 2014-06-25 01:11 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Blizzard Entertainment
    2014-06-24 22:08 - 2013-11-05 15:11 - 00000000 ____D () C:\Program Files (x86)\Diablo III
    2014-06-21 14:31 - 2014-06-21 14:31 - 00003172 _____ () C:\WINDOWS\System32\Tasks\{01DF6E9A-3A46-4383-AEC0-1067CB61D7E0}
    2014-06-21 11:43 - 2013-11-02 13:09 - 00003900 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-06-21 11:43 - 2013-11-02 13:09 - 00003664 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-06-20 10:38 - 2013-11-04 18:51 - 00072128 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\cfwids.sys
    2014-06-20 10:31 - 2013-11-04 18:46 - 00348552 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfewfpk.sys
    2014-06-20 10:30 - 2013-11-25 10:09 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
    2014-06-20 10:26 - 2013-09-24 22:22 - 00786296 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
    2014-06-20 10:23 - 2013-11-04 18:41 - 00523792 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfefirek.sys
    2014-06-20 10:21 - 2013-11-04 18:40 - 00313544 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeavfk.sys
    2014-06-20 10:20 - 2013-09-24 22:19 - 00181704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeapfk.sys
    2014-06-20 10:09 - 2013-11-04 18:28 - 00070600 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfeelamk.sys
    Some content of TEMP:
    ====================
    C:\Users\Lawrence\AppData\Local\Temp\dxwebsetup.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131114to131127v3.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131127to131217v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131217to140110.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140110to140121v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140121to140212v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140212to140214.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140214to140220.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140220to140306.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140306to140307.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140307to140325.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140325to140401v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140401to140409.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140409to140410.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140410to140429.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140429to140430.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140430to140513.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140513to140529.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140529to140610v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140610to140624.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140624to140708v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\OfficeSetup.exe
    C:\Users\Lawrence\AppData\Local\Temp\Setup.x86.en-US_HomeStudentRetail_CNFY9-CRP43-TF6PQ-76VYF-BY2XR_TX_SG_.exe
    C:\Users\Lawrence\AppData\Local\Temp\setup32.exe
    C:\Users\Lawrence\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu301FFA7E.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu30F4D4DA.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu322EB8E2.dll
    C:\Users\Lawrence\AppData\Local\Temp\vcredist_x86.exe
    
    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
    
    LastRegBack: 2014-07-19 22:21
    ==================== End Of Log ============================
    And the next one is the Addition.txt

    Code:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2014
    Ran by Lawry Lsw at 2014-07-20 01:17:28
    Running from C:\Users\Lawrence\Desktop
    Boot Mode: Normal
    ==========================================================
    
    ==================== Security Center ========================
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
    ==================== Installed Programs ======================
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
    Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
    AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
    Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version:  - )
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
    Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
    Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
    Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
    EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader)
    Garena - League of Legends (HKLM-x32\...\LoL) (Version:  - Garena Online Pte Ltd.)
    Garena - Path of Exile (HKLM-x32\...\PoE) (Version:  - Garena Online Pte Ltd.)
    Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
    Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)
    Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
    Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
    Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
    Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
    iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
    League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
    Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10223 - Realtek Semiconductor Corp.)
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
    Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
    Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.19.2 - ELAN Microelectronic Corp.)
    Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5219.52 - CyberLink Corp.)
    Lenovo PowerDVD10 (x32 Version: 10.0.5219.52 - CyberLink Corp.) Hidden
    Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
    Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
    Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
    Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
    Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
    NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Optimus Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
    NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
    Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.229 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
    Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.10 - Hi-Rez Studios)
    SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
    UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
    UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
    Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
    Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    ==================== Restore Points  =========================
    11-07-2014 06:07:29 Installed iTunes
    19-07-2014 08:45:48 Installed HiJackThis
    ==================== Hosts content: ==========================
    2013-08-22 23:25 - 2013-08-22 23:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    ==================== Scheduled Tasks (whitelisted) =============
    Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
    Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {0EA2F156-CC98-4490-85E7-BB9D1E5C788A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
    Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
    Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
    Task: {3BC89618-D0F2-4AF4-AB50-861939D4AEDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
    Task: {3D50C1EF-6106-4E02-8BE3-7CB952488231} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
    Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
    Task: {4CA6088A-3A8E-4DCF-BEA8-DF9341B99DCE} - System32\Tasks\gg_uac_daemon_Lawry Lsw => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2013-10-24] ()
    Task: {51FD80C9-C391-4318-8E4C-2523AF1A213E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
    Task: {59E0FEF2-C4C8-4F33-A35A-CE261DAE6464} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
    Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
    Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: {7492F5A3-417F-4C3C-839A-48D7BF3D15F5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
    Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {84844A8D-0DE3-4F21-97C7-5EEBE9503577} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
    Task: {86D91C87-A24E-4211-B7B3-FF692006E8C8} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
    Task: {89BD2E94-CA92-48E4-8366-6EF43C3F8FEE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ROYAL-Lawry Lsw Royal => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)
    Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
    Task: {8D777A65-983F-4B89-B3F2-1237A53DABFA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
    Task: {9A9091A5-C3AC-491F-8514-F5E8B2E59A40} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
    Task: {9AF9845F-C241-472D-B0A2-9EF34B2748D4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
    Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
    Task: {AA4C4BC0-E040-4026-9436-DF0372A05E46} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
    Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
    Task: {DC2C63EA-6315-4422-BDAB-11E6355A44DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
    Task: {DF3C0D6A-6D0C-41B3-811B-30E36308310A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
    Task: {E39BDDE4-CAE4-46CD-AE30-D2E623AE469F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
    Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    ==================== Loaded Modules (whitelisted) =============
    2013-10-12 12:39 - 2013-10-12 12:39 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
    2013-10-12 12:39 - 2013-10-12 12:39 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
    2014-03-16 07:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2013-09-05 04:36 - 2013-12-20 06:33 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2013-10-12 12:01 - 2013-12-20 04:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-07-10 16:49 - 2014-05-21 02:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    2013-06-14 05:44 - 2013-06-14 05:44 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2013-06-14 05:40 - 2013-06-14 05:40 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
    2013-06-14 05:47 - 2013-06-14 05:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2013-10-12 12:25 - 2013-04-09 16:39 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
    2013-10-24 12:16 - 2014-06-25 19:04 - 09935152 _____ () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
    2013-10-12 12:10 - 2013-05-16 12:08 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 00104752 _____ () C:\Program Files (x86)\Garena Plus\CommonLib.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 00033584 _____ () C:\Program Files (x86)\Garena Plus\DibModule.dll
    2013-10-24 13:30 - 2014-07-07 19:07 - 00027952 _____ () C:\Program Files (x86)\Garena Plus\VersionModule.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 00051504 _____ () C:\Program Files (x86)\Garena Plus\FileLoader.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00087344 _____ () C:\Program Files (x86)\Garena Plus\PluginKernel.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 00487216 _____ () C:\Program Files (x86)\Garena Plus\CxImage.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00025392 _____ () C:\Program Files (x86)\Garena Plus\PluginModule.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00170800 _____ () C:\Program Files (x86)\Garena Plus\lib\fs\YYFileSystem.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00374064 _____ () C:\Program Files (x86)\Garena Plus\lib\Http.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00184624 _____ () C:\Program Files (x86)\Garena Plus\lib\MP3Module.dll
    2012-02-22 18:52 - 2012-02-22 18:52 - 00162304 _____ () C:\Program Files (x86)\Garena Plus\lame_enc.DLL
    2013-10-24 12:17 - 2013-10-24 12:17 - 00219952 _____ () C:\Program Files (x86)\Garena Plus\lib\TaskManagerLib.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00106288 _____ () C:\Program Files (x86)\Garena Plus\lib\UILayout.dll
    2013-10-24 12:17 - 2014-02-21 18:41 - 00958256 _____ () C:\Program Files (x86)\Garena Plus\lib\XLL.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00055088 _____ () C:\Program Files (x86)\Garena Plus\lib\XmlUIModule.dll
    2012-02-22 18:52 - 2012-02-22 18:52 - 00573100 _____ () C:\Program Files (x86)\Garena Plus\sqlite3.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00224560 _____ () C:\Program Files (x86)\Garena Plus\Plugins\StatsPlugin.dll
    2013-10-24 12:17 - 2014-05-27 17:23 - 00919856 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ggplugin.dll
    2013-10-24 12:17 - 2014-06-11 23:45 - 00192816 _____ () C:\Program Files (x86)\Garena Plus\ImageModule.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00155440 _____ () C:\Program Files (x86)\Garena Plus\libmpg123.dll
    2013-10-24 12:16 - 2013-10-24 12:16 - 02941232 _____ () C:\Program Files (x86)\Garena Plus\ggdownloader.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00065840 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\AudioMixerLib.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00016688 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\ClientTcp.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 01545520 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\FileSender.dll
    2013-02-01 15:42 - 2013-02-01 15:42 - 00153088 _____ () C:\Program Files (x86)\Garena Plus\libzmq.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00956208 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\GaFileTransfer.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00245040 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\MediaEngine.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00026416 _____ () C:\Program Files (x86)\Garena Plus\ServerMemAlloc.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00516912 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\RSALib.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00068400 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\UdtLib.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00147248 _____ () C:\Program Files (x86)\Garena Plus\xIM.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00590128 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_msn.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00460592 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_xmpp.dll
    2013-10-24 12:18 - 2014-03-17 14:57 - 00194864 _____ () C:\Program Files (x86)\Garena Plus\xim\plugin_yahoo.dll
    2013-10-24 12:17 - 2014-05-29 18:32 - 00101168 _____ () C:\Program Files (x86)\Garena Plus\Plugins\PlatformPlugin.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00236848 _____ () C:\Program Files (x86)\Garena Plus\Plugins\PluginNews.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00397104 _____ () C:\Program Files (x86)\Garena Plus\Plugins\GarenaTalkPlugin.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00287024 _____ () C:\Program Files (x86)\Garena Plus\Plugins\DailyTaskPlugin.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00133936 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ClanBoxPlugin.dll
    2013-10-24 12:17 - 2013-10-24 12:17 - 00215856 _____ () C:\Program Files (x86)\Garena Plus\Plugins\GameSalePlugin.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2013-12-04 03:21 - 2013-12-20 06:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2014-06-15 20:41 - 2014-06-05 23:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
    ==================== Alternate Data Streams (whitelisted) =========
    AlternateDataStreams: C:\Users\Lawrence\SkyDrive:ms-properties
    ==================== Safe Mode (whitelisted) ===================
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
    ==================== EXE Association (whitelisted) =============
    
    ==================== MSCONFIG/TASK MANAGER disabled items =========
    HKLM\...\StartupApproved\Run32: => "YouCam Tray"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    ==================== Faulty Device Manager Devices =============
    Name: Intel(R) Display Audio
    Description: Intel(R) Display Audio
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel(R) Corporation
    Service: IntcDAud
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
    
    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (07/20/2014 01:15:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program mcuicnt.exe version 5.9.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 118c
    Start Time: 01cfa33834be575c
    Termination Time: 4
    Application Path: C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    Report Id: 70d1c27f-0f57-11e4-bea8-28d2442d96e3
    Faulting package full name: 
    Faulting package-relative application ID:
    Error: (07/19/2014 01:08:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program chrome.exe version 35.0.1916.153 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 48d0
    Start Time: 01cfa25bcb421ddc
    Termination Time: 4294967295
    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Report Id: 513ed959-0e8d-11e4-bea8-28d2442d96e3
    Faulting package full name: 
    Faulting package-relative application ID:
    Error: (07/17/2014 04:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McSvHost.exe, version: 2.6.195.0, time stamp: 0x4face9fb
    Faulting module name: saupkeep.dll_unloaded, version: 3.7.0.193, time stamp: 0x53ac3765
    Exception code: 0xc0000005
    Fault offset: 0x000000000005d9b5
    Faulting process id: 0x129c
    Faulting application start time: 0xMcSvHost.exe0
    Faulting application path: McSvHost.exe1
    Faulting module path: McSvHost.exe2
    Report Id: McSvHost.exe3
    Faulting package full name: McSvHost.exe4
    Faulting package-relative application ID: McSvHost.exe5
    Error: (07/17/2014 00:52:08 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
    Error: (07/16/2014 06:55:18 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14563
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14563
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
    Error: (07/16/2014 01:04:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Taskmgr.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
    Process ID: 4164
    Start Time: 01cfa00e88ac0aa0
    Termination Time: 5
    Application Path: C:\WINDOWS\System32\Taskmgr.exe
    Report Id: 353571ba-0c31-11e4-bea8-28d2442d96e3
    Faulting package full name: 
    Faulting package-relative application ID:
    Error: (07/15/2014 07:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
    Faulting module name: ntdll.dll, version: 6.3.9600.17031, time stamp: 0x530895af
    Exception code: 0xc0000005
    Fault offset: 0x0000000000065e8e
    Faulting process id: 0x5a20
    Faulting application start time: 0xMcSvHost.exe0
    Faulting application path: McSvHost.exe1
    Faulting module path: McSvHost.exe2
    Report Id: McSvHost.exe3
    Faulting package full name: McSvHost.exe4
    Faulting package-relative application ID: McSvHost.exe5
    
    System errors:
    =============
    Error: (07/20/2014 01:17:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Application Experience service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    Error: (07/20/2014 01:17:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Multimedia Class Scheduler service failed to start due to the following error: 
    %%1053
    
    Microsoft Office Sessions:
    =========================
    Error: (07/20/2014 01:15:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: mcuicnt.exe5.9.2.0118c01cfa33834be575c4C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe70d1c27f-0f57-11e4-bea8-28d2442d96e3
    Error: (07/19/2014 01:08:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: chrome.exe35.0.1916.15348d001cfa25bcb421ddc4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe513ed959-0e8d-11e4-bea8-28d2442d96e3
    Error: (07/17/2014 04:57:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: McSvHost.exe2.6.195.04face9fbsaupkeep.dll_unloaded3.7.0.19353ac3765c0000005000000000005d9b5129c01cfa00a36a499dcC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exesaupkeep.dll98d24d05-0d7f-11e4-bea8-28d2442d96e3
    Error: (07/17/2014 00:52:08 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
    Error: (07/16/2014 06:55:18 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 14563
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 14563
    Error: (07/16/2014 01:22:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
    Error: (07/16/2014 01:04:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Taskmgr.exe6.3.9600.17031416401cfa00e88ac0aa05C:\WINDOWS\System32\Taskmgr.exe353571ba-0c31-11e4-bea8-28d2442d96e3
    Error: (07/15/2014 07:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: McSvHost.exe3.8.703.051f7deaentdll.dll6.3.9600.17031530895afc00000050000000000065e8e5a2001cfa00a24aa50ddC:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exeC:\WINDOWS\SYSTEM32\ntdll.dlla1f446c3-0c01-11e4-bea8-28d2442d96e3
    
    CodeIntegrity Errors:
    ===================================
      Date: 2014-06-30 00:48:00.247
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2014-06-30 00:47:29.906
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-12-06 04:10:33.144
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-11-30 04:26:01.149
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-11-30 04:19:56.250
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-11-22 16:03:46.867
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-11-22 15:51:12.492
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
      Date: 2013-11-17 23:37:06.861
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
    
    ==================== Memory info =========================== 
    Percentage of memory in use: 41%
    Total physical RAM: 7912.27 MB
    Available physical RAM: 4652.97 MB
    Total Pagefile: 15848.27 MB
    Available Pagefile: 12387.08 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.81 MB
    ==================== Drives ================================
    Drive c: (Windows8_OS) (Fixed) (Total:890.17 GB) (Free:747.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.14 GB) NTFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: 7623E5AD)
    Partition: GPT Partition Type.
    ==================== End Of Log ============================


    I hope I have done it correctly and it will be helpful to you to search the source of malware.

  6. #6

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi guys, newest update, I have tried reinstalling McAfee Antivirus and also disabled my AdBlock, Google Chrome seems to be running smoother now but it still has the occasional moments where it takes ages to startup. And after restarting my laptop with the new McAfee Antivirus, I happened to notice the Group Policy Client to be running. I guess in some ways, Corrine's advice worked?

    Nevertheless, you guys are the expert, please let me know if my logs reveal no faults or malware.

    Once again thanks a lot guys!

  7. #7

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi,
    looks quite good. But, we will check for Adware.

    Step 1: Adwarecleaner

    Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

    Download Mirror #1


    1. Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
    2. Click Scan and let the scan run.
    3. When it finishes, click Clean, following the on screen prompts
    4. After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.


    Note: The log can also be found in here: C:\AdwCleaner\

    Step 2: Malwarebytes

    Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
    Once it has updated select Settings > Detection and Protection
    Tick Scan for rootkits



    Go back to the Dashboard and select Scan Now



    If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.





    On completion of the scan (or after the reboot) select View Detailed Log
    Select Export > Select text file and save to the desktop
    Attach/Post that log

    Step 3: Junkware Removal Tool

    *Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    Step 4: FRST Scan

    1. Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
    2. Click Scan to start FRST.
    3. When FRST finishes scanning, a log, FRST.txt, will open.
    4. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
    Cheers,
    Machiavelli


  8. #8

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Still with me?
    Cheers,
    Machiavelli


  9. #9

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi sorry to keep you waiting. I had some commitment issues going on at the moment. Anyway, I am still with you.

  10. #10

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    1. The first log from the AdwCleaner is

    Code:
    # AdwCleaner v3.302 - Report created 06/08/2014 at 00:54:10
    # Updated 30/07/2014 by Xplode
    # Operating System : Windows 8.1 Single Language  (64 bits)
    # Username : Lawry Lsw - ROYAL
    # Running from : C:\Users\Lawrence\Desktop\AdwCleaner.exe
    # Option : Clean
    ***** [ Services ] *****
    
    ***** [ Files / Folders ] *****
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
    Folder Deleted : C:\Program Files (x86)\EZDownloader
    Folder Deleted : C:\Program Files (x86)\Free Ride Games
    Folder Deleted : C:\Program Files (x86)\PremierOpinion
    File Deleted : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    File Deleted : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    File Deleted : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
    File Deleted : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
    ***** [ Scheduled Tasks ] *****
    
    ***** [ Shortcuts ] *****
    
    ***** [ Registry ] *****
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Safer-surf]
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    ***** [ Browsers ] *****
    -\\ Internet Explorer v11.0.9600.17126
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
    -\\ Google Chrome v36.0.1985.125
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    [ File : C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    
    *************************
    AdwCleaner[R0].txt - [11728 octets] - [06/08/2014 00:50:33]
    AdwCleaner[R1].txt - [11789 octets] - [06/08/2014 00:52:39]
    AdwCleaner[S0].txt - [4078 octets] - [06/08/2014 00:54:10]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4138 octets] ##########
    2. Second log is the Malwarebyte log:

    Code:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 06-Aug-14
    Scan Time: 1:03:37 AM
    Logfile: Scan.log (Malwarebytes).txt
    Administrator: Yes
    Version: 2.00.2.1012
    Malware Database: v2014.08.05.05
    Rootkit Database: v2014.08.04.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Lawry Lsw
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 300076
    Time Elapsed: 14 min, 8 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Modules: 0
    (No malicious items detected)
    Registry Keys: 0
    (No malicious items detected)
    Registry Values: 1
    PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, Internet Search, Quarantined, [dbbd6161265559ddac40eb3a80846e92]
    Registry Data: 0
    (No malicious items detected)
    Folders: 0
    (No malicious items detected)
    Files: 8
    PUP.Optional.AppsInstaller, C:\$Recycle.Bin\S-1-5-21-450748458-2682401420-2043914554-1002\$RWISYI4.exe, Quarantined, [e7b11da5d9a254e2af237135a65e19e7], 
    PUP.Optional.4Shared, C:\$Recycle.Bin\S-1-5-21-450748458-2682401420-2043914554-1002\$R9P8QYJ.exe, Quarantined, [5b3d9e24b5c641f59972881e9869629e], 
    PUP.Optional.Downloader, C:\Users\Lawrence\AppData\Local\Temp\UNT43F1.tmp.exe, Quarantined, [0e8a863c671489ad35abbae542bf5ea2], 
    PUP.Optional.EZDownloader.A, C:\Users\Lawrence\AppData\Local\Temp\{AB43AE24-D4B3-494F-ABA4-9C9170A08CD2}\Addons\EzDownloader_setup.exe, Quarantined, [0d8bccf6e49736008521ce517888b44c], 
    PUP.Optional.MultiPlug.A, C:\Users\Lawrence\AppData\Local\Temp\{AB43AE24-D4B3-494F-ABA4-9C9170A08CD2}\Addons\search_installer.exe, Quarantined, [7e1a16acaecd0b2be1d2f0bae21fbc44], 
    PUP.Optional.Somoto, C:\Users\Lawrence\AppData\Local\Temp\is-HRIJC.tmp\bi.exe, Quarantined, [5b3d556ddba040f684a7a5ff26dbe917], 
    PUP.Optional.BetterDeals.A, C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Quarantined, [c7d10eb44437ce6880e100e1897945bb], 
    PUP.Optional.BetterDeals.A, C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Quarantined, [08903e84ef8c1323560b15cc738f11ef], 
    Physical Sectors: 0
    (No malicious items detected)
    
    (end)
    3. Third log is from the JRT:

    Code:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 8.1 Single Language x64
    Ran by Lawry Lsw on 06-Aug-14 at  1:10:11.04
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    
    ~~~ Services
     
    ~~~ Registry Values
     
    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DolphinDeals_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DolphinDeals_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateDolphinDeals_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateDolphinDeals_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DolphinDeals_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DolphinDeals_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateDolphinDeals_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateDolphinDeals_RASMANCS
     
    ~~~ Files
     
    ~~~ Folders
    Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
     
    ~~~ Event Viewer Logs were cleared
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 06-Aug-14 at  1:16:33.26
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    4. The last log is the FRST log:

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
    Ran by Lawry Lsw (administrator) on ROYAL on 06-08-2014 01:22:38
    Running from C:\Users\Lawrence\Desktop
    Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    The only official download link for FRST:
    Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
    Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    () C:\Windows\SysWOW64\UMonit64.exe
    (Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
    (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
    (Akamai Technologies, Inc.) C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe
    (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    
    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6346312 2013-03-15] (Realtek semiconductor)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2013-05-17] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13545032 2013-05-28] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
    HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-01] (Intel Corporation)
    HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [40960 2013-04-09] ()
    HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
    HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-10-12] (Lenovo (Beijing) Limited)
    HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-10-12] (Lenovo(beijing) Limited)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
    HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
    HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-07] (Aeria Games & Entertainment)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-14] ( (Qualcomm®Atheros®))
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-21-450748458-2682401420-2043914554-1002\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9940272 2014-07-24] ()
    HKU\S-1-5-21-450748458-2682401420-2043914554-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Lawrence\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)
    AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-03] (NVIDIA Corporation)
    ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Buy Computers Laptops & Tablets | For Those Who Do | Lenovo US
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Buy Computers Laptops & Tablets | For Those Who Do | Lenovo US
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = {searchTerms} - Bing
    SearchScopes: HKLM-x32 - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = {searchTerms} - Bing
    SearchScopes: HKCU - DefaultScope {309451D7-0DA0-4ECE-88EF-91992B0EA7DE} URL = {searchTerms - Search Results}
    SearchScopes: HKCU - {309451D7-0DA0-4ECE-88EF-91992B0EA7DE} URL = {searchTerms - Search Results}
    SearchScopes: HKCU - {7C0CC4AC-40DF-4CFC-BBED-5DE5FBC4BF27} URL = {searchTerms} - Yahoo Search Results
    SearchScopes: HKCU - {F5FFD1E6-0FCD-4151-BFDF-6614F1963A57} URL = 
    SearchScopes: HKCU - {FCEAC75E-3562-4E41-88A1-6E2A5FB49358} URL = {SearchTerms - Yahoo Search Results}
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM - FindWide Toolbar - {1F7C99AC-F766-4BA8-96DB-380BD5DE6A65} - C:\Program Files (x86)\TNT2\Profiles\10953\passport64.dll No File
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKCU - FindWide Toolbar - {1F7C99AC-F766-4BA8-96DB-380BD5DE6A65} - C:\Program Files (x86)\TNT2\Profiles\10953\passport64.dll No File
    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: www.exent.com/GameTreatWidget - C:\Program Files (x86)\Free Ride Games\npGameTreatWidget.dll No File
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-20]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-07-20]
    Chrome: 
    =======
    CHR HomePage: 
    CHR Extension: (Google Docs) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-02]
    CHR Extension: (Google Drive) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-02]
    CHR Extension: (YouTube) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-02]
    CHR Extension: (Google Search) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-02]
    CHR Extension: (Peter Bjorn and John) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmemmjoiahegfgfcenggecfhoedchfdl [2014-05-08]
    CHR Extension: (SiteAdvisor) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-11-27]
    CHR Extension: (AdBlock) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-02]
    CHR Extension: (Google Wallet) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
    CHR Extension: (Gmail) - C:\Users\Lawrence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-02]
    ==================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-06-12] (Perfect World Entertainment Inc)
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-14] (Windows (R) Win 7 DDK provider)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
    R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-19] (Hi-Rez Studios) [File not signed]
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-01] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
    R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
    R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-12] ()
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-14] (Atheros) [File not signed]
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-14] (Qualcomm Atheros)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
    R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-05-16] (ELAN Microelectronic Corp.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-06] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-03-15] (Realtek Semiconductor Corp.)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
    S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
    ==================== NetSvcs (Whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
    
    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2014-08-06 01:22 - 2014-08-06 01:22 - 00000000 ____D () C:\Users\Lawrence\Desktop\FRST-OlderVersion
    2014-08-06 01:16 - 2014-08-06 01:16 - 00001624 _____ () C:\Users\Lawrence\Desktop\JRT.txt
    2014-08-06 01:11 - 2014-08-06 01:11 - 00004222 _____ () C:\Users\Lawrence\Desktop\AdwCleaner[S0].txt
    2014-08-06 01:10 - 2014-08-06 01:10 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-08-06 01:08 - 2014-08-06 01:08 - 01016261 _____ (Thisisu) C:\Users\Lawrence\Desktop\JRT.exe
    2014-08-06 01:02 - 2014-08-06 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-08-06 01:01 - 2014-08-06 01:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-08-06 01:00 - 2014-08-06 01:00 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-06 01:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-08-06 01:00 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2014-08-06 01:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-08-06 00:51 - 2014-08-06 00:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lawrence\Desktop\mbam-setup-2.0.2.1012.exe
    2014-08-06 00:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
    2014-08-06 00:50 - 2014-08-06 00:55 - 00000000 ____D () C:\AdwCleaner
    2014-08-06 00:49 - 2014-08-06 00:50 - 01361309 _____ () C:\Users\Lawrence\Desktop\AdwCleaner.exe
    2014-08-05 22:35 - 2014-08-05 22:35 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Blizzard
    2014-08-05 22:19 - 2014-08-05 22:19 - 00000000 ____D () C:\Users\Lawrence\Documents\Downloaded Videos Movie
    2014-08-05 22:10 - 2014-08-05 22:21 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Maxiget
    2014-08-05 22:10 - 2014-08-05 22:14 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-08-05 22:10 - 2014-08-05 22:10 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\MaxiGet Download Manager
    2014-08-05 22:02 - 2014-08-05 23:45 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-08-05 22:02 - 2014-08-05 22:02 - 00001218 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HearthstoneHearthstone.lnk
    2014-08-05 22:02 - 2014-08-05 22:02 - 00001172 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-08-05 22:02 - 2014-08-05 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-08-05 19:23 - 2014-08-05 19:23 - 00000000 ____D () C:\ProgramData\HipSoft
    2014-08-05 19:19 - 2014-08-05 19:19 - 00000064 _____ () C:\WINDOWS\GPlrLanc.dat
    2014-08-05 19:17 - 2014-08-05 22:15 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\StormAlerts
    2014-07-31 01:08 - 2014-07-31 01:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
    2014-07-31 01:08 - 2014-07-31 01:08 - 00000000 ____D () C:\WINDOWS\system32\NV
    2014-07-30 17:11 - 2014-07-30 17:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-07-30 17:08 - 2014-07-03 06:48 - 31512520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 24196896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 22994208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 18626304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 17555104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 16122344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 15294296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 13922752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 13835208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 12866008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2014-07-30 17:08 - 2014-07-03 06:48 - 11283344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 11222048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 04247000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 03989960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00944928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00907096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00903624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00869152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00502232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00418760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00391640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00348120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
    2014-07-30 17:08 - 2014-07-03 06:48 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
    2014-07-30 16:15 - 2014-07-30 17:09 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
    2014-07-30 16:15 - 2014-07-25 23:50 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
    2014-07-30 16:15 - 2014-07-25 23:50 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
    2014-07-30 16:15 - 2014-04-01 02:42 - 00040392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2014-07-30 16:15 - 2014-04-01 02:42 - 00034760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2014-07-20 11:42 - 2014-08-06 01:02 - 00001871 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
    2014-07-20 11:41 - 2014-07-20 11:41 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
    2014-07-20 11:41 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
    2014-07-20 11:40 - 2014-08-06 00:58 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2014-07-20 11:40 - 2014-07-20 11:40 - 00000000 ____D () C:\Program Files\McAfee.com
    2014-07-20 11:35 - 2014-06-20 10:30 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
    2014-07-20 11:07 - 2014-07-20 11:08 - 00000000 ____D () C:\ccbcdf3a6d8c10b8004fd3c5c5
    2014-07-20 01:17 - 2014-07-20 01:18 - 00037817 _____ () C:\Users\Lawrence\Desktop\Addition.txt
    2014-07-20 01:16 - 2014-08-06 01:22 - 00026138 _____ () C:\Users\Lawrence\Desktop\FRST.txt
    2014-07-20 01:16 - 2014-08-06 01:22 - 00000000 ____D () C:\FRST
    2014-07-20 01:15 - 2014-08-06 01:22 - 02094080 _____ (Farbar) C:\Users\Lawrence\Desktop\FRST64.exe
    2014-07-19 18:46 - 2014-07-19 18:46 - 00003023 _____ () C:\Users\Lawrence\Desktop\HiJackThis.lnk
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
    2014-07-19 18:14 - 2014-07-19 18:14 - 01402880 _____ () C:\Users\Lawrence\Desktop\HijackThis.msi
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000003 _____ () C:\WINDOWS\system32\HRUPPROG.EXIT
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000002 _____ () C:\WINDOWS\system32\HRUPPROG.TXT
    2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\ProgramData\Riot Games
    2014-07-17 18:44 - 2014-07-17 18:44 - 00688992 _____ (Swearware) C:\Users\Lawrence\Desktop\dds.com
    2014-07-17 17:51 - 2014-07-17 18:04 - 00000000 _____ () C:\WINDOWS\system32\1
    2014-07-16 23:54 - 2014-08-06 01:21 - 00004978 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROYAL-Lawry Lsw Royal
    2014-07-16 23:34 - 2014-07-16 23:32 - 04605016 _____ () C:\Users\Lawrence\Desktop\cbs.txt
    2014-07-16 23:14 - 2014-07-16 23:14 - 00002464 _____ () C:\Users\Lawrence\Desktop\SFCFix.txt
    2014-07-16 23:13 - 2014-07-16 23:13 - 01296920 _____ () C:\Users\Lawrence\Desktop\SFCFix.zip
    2014-07-16 01:49 - 2014-07-16 23:12 - 00566784 _____ (niemiro) C:\Users\Lawrence\Desktop\SFCFix.exe
    2014-07-16 01:42 - 2014-07-16 23:14 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\niemiro
    2014-07-16 01:42 - 2014-07-16 23:14 - 00000000 ____D () C:\SFCFix
    2014-07-13 01:18 - 2014-07-13 01:18 - 00001052 _____ () C:\Users\Public\Desktop\Path of Exile.lnk
    2014-07-13 01:13 - 2014-07-13 01:18 - 00000000 ____D () C:\Program Files (x86)\GarenaPoE
    2014-07-12 16:15 - 2014-07-12 16:15 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Aeria Games
    2014-07-12 16:14 - 2014-07-12 16:14 - 00000000 ____D () C:\ProgramData\Aeria Games
    2014-07-12 16:12 - 2014-07-12 16:13 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
    2014-07-12 16:12 - 2014-07-12 16:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
    2014-07-12 16:12 - 2014-07-12 16:12 - 00001701 _____ () C:\Users\Lawrence\Desktop\Aura Kingdom.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00002055 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
    2014-07-12 15:03 - 2014-07-12 15:05 - 00000000 ____D () C:\Users\Lawrence\Documents\InfiniteCrisis
    2014-07-12 15:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\InfiniteCrisis
    2014-07-12 14:01 - 2014-07-12 14:01 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Turbine
    2014-07-12 13:59 - 2014-07-12 15:00 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
    2014-07-12 13:59 - 2014-07-12 13:59 - 00001107 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Turbine
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
    2014-07-12 13:49 - 2014-07-12 13:53 - 140770440 _____ () C:\Users\Lawrence\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
    2014-07-12 13:47 - 2014-07-12 13:47 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Akamai
    2014-07-12 12:58 - 2014-07-12 16:00 - 00000000 ____D () C:\AeriaGames
    2014-07-12 12:57 - 2014-07-12 12:57 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Lawrence\Downloads\aurakingdom_us_downloader.exe
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iPod
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-11 16:03 - 2014-07-11 16:05 - 113509200 _____ (Apple Inc.) C:\Users\Lawrence\Downloads\iTunes64Setup.exe
    2014-07-11 16:02 - 2014-08-06 01:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-07-11 16:02 - 2014-07-11 16:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2014-07-10 09:53 - 2014-07-10 09:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-07-10 09:48 - 2014-07-10 09:48 - 939619854 _____ () C:\WINDOWS\MEMORY.DMP
    2014-07-10 05:01 - 2014-04-14 13:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2014-07-10 00:42 - 2014-06-17 08:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
    2014-07-10 00:42 - 2014-06-17 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
    2014-07-10 00:42 - 2014-06-07 00:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2014-07-10 00:42 - 2014-05-30 13:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2014-07-10 00:42 - 2014-05-29 22:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2014-07-10 00:42 - 2014-05-29 17:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
    2014-07-10 00:42 - 2014-05-29 16:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
    2014-07-10 00:42 - 2014-05-29 16:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2014-07-10 00:42 - 2014-05-29 15:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2014-07-10 00:42 - 2014-05-29 15:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2014-07-10 00:41 - 2014-06-19 11:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-07-10 00:41 - 2014-06-19 10:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-07-10 00:41 - 2014-06-19 09:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-07-10 00:41 - 2014-06-19 08:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-07-10 00:40 - 2014-07-01 08:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2014-07-10 00:40 - 2014-06-28 17:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2014-07-10 00:40 - 2014-06-28 17:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2014-07-10 00:40 - 2014-06-19 10:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-07-10 00:40 - 2014-06-19 10:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2014-07-10 00:40 - 2014-06-19 09:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-07-10 00:40 - 2014-06-19 09:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-07-10 00:40 - 2014-06-19 09:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-07-10 00:40 - 2014-06-19 09:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-07-10 00:40 - 2014-06-19 09:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-07-10 00:40 - 2014-06-19 09:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-07-10 00:40 - 2014-06-19 09:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-07-10 00:40 - 2014-06-19 09:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2014-07-10 00:40 - 2014-06-19 08:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-07-10 00:40 - 2014-06-19 08:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-07-10 00:40 - 2014-06-19 08:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-07-10 00:40 - 2014-06-19 08:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-07-10 00:40 - 2014-06-19 08:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-07-10 00:40 - 2014-06-19 08:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-07-10 00:40 - 2014-06-19 08:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-07-10 00:40 - 2014-06-19 08:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-07-10 00:40 - 2014-06-19 08:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-07-10 00:40 - 2014-06-19 08:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-07-10 00:40 - 2014-06-19 08:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-07-10 00:40 - 2014-06-19 08:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-07-10 00:40 - 2014-06-19 08:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-07-10 00:40 - 2014-06-06 23:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2014-07-10 00:40 - 2014-06-06 22:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2014-07-10 00:40 - 2014-05-31 20:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2014-07-10 00:40 - 2014-05-31 20:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2014-07-10 00:40 - 2014-05-31 13:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2014-07-10 00:40 - 2014-05-31 13:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2014-07-10 00:40 - 2014-05-31 13:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-10 00:40 - 2014-05-31 13:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2014-07-10 00:40 - 2014-05-31 13:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2014-07-10 00:40 - 2014-05-31 13:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-07-10 00:40 - 2014-05-31 12:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2014-07-10 00:40 - 2014-05-31 12:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2014-07-10 00:40 - 2014-05-31 12:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2014-07-10 00:40 - 2014-05-31 12:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2014-07-10 00:40 - 2014-05-31 12:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2014-07-10 00:40 - 2014-05-31 12:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2014-07-10 00:40 - 2014-05-31 12:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2014-07-10 00:29 - 2014-07-10 00:29 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-08 23:16 - 2014-07-08 23:16 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2014-08-06 01:23 - 2014-07-20 01:16 - 00026138 _____ () C:\Users\Lawrence\Desktop\FRST.txt
    2014-08-06 01:22 - 2014-08-06 01:22 - 00000000 ____D () C:\Users\Lawrence\Desktop\FRST-OlderVersion
    2014-08-06 01:22 - 2014-07-20 01:16 - 00000000 ____D () C:\FRST
    2014-08-06 01:22 - 2014-07-20 01:15 - 02094080 _____ (Farbar) C:\Users\Lawrence\Desktop\FRST64.exe
    2014-08-06 01:21 - 2014-08-06 01:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-08-06 01:21 - 2014-07-16 23:54 - 00004978 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROYAL-Lawry Lsw Royal
    2014-08-06 01:21 - 2013-11-02 13:09 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-06 01:20 - 2014-06-25 17:19 - 00003496 _____ () C:\WINDOWS\System32\Tasks\gg_uac_daemon_Lawry Lsw
    2014-08-06 01:20 - 2013-08-23 00:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-08-06 01:19 - 2013-10-12 12:39 - 00006656 _____ () C:\WINDOWS\system32\VfService.trf
    2014-08-06 01:19 - 2013-09-30 14:02 - 00037136 _____ () C:\WINDOWS\PFRO.log
    2014-08-06 01:19 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\Registration
    2014-08-06 01:19 - 2013-08-22 23:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2014-08-06 01:17 - 2013-11-01 17:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-450748458-2682401420-2043914554-1002
    2014-08-06 01:16 - 2014-08-06 01:16 - 00001624 _____ () C:\Users\Lawrence\Desktop\JRT.txt
    2014-08-06 01:11 - 2014-08-06 01:11 - 00004222 _____ () C:\Users\Lawrence\Desktop\AdwCleaner[S0].txt
    2014-08-06 01:10 - 2014-08-06 01:10 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-08-06 01:08 - 2014-08-06 01:08 - 01016261 _____ (Thisisu) C:\Users\Lawrence\Desktop\JRT.exe
    2014-08-06 01:08 - 2014-07-11 16:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-08-06 01:02 - 2014-08-06 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2014-08-06 01:02 - 2014-07-20 11:42 - 00001871 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
    2014-08-06 01:02 - 2013-11-03 03:39 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\GarenaPlus
    2014-08-06 01:02 - 2013-11-03 03:38 - 00000000 ____D () C:\ProgramData\GarenaMessenger
    2014-08-06 01:00 - 2014-08-06 01:00 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-06 01:00 - 2014-08-06 01:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-06 01:00 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-08-06 00:58 - 2014-07-20 11:40 - 00000000 ____D () C:\Program Files (x86)\McAfee
    2014-08-06 00:57 - 2013-08-22 23:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-08-06 00:56 - 2013-10-12 12:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-08-06 00:55 - 2014-08-06 00:50 - 00000000 ____D () C:\AdwCleaner
    2014-08-06 00:52 - 2014-08-06 00:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lawrence\Desktop\mbam-setup-2.0.2.1012.exe
    2014-08-06 00:50 - 2014-08-06 00:49 - 01361309 _____ () C:\Users\Lawrence\Desktop\AdwCleaner.exe
    2014-08-06 00:48 - 2013-11-02 13:09 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-05 23:45 - 2014-08-05 22:02 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-08-05 23:45 - 2014-06-25 01:16 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Battle.net
    2014-08-05 22:35 - 2014-08-05 22:35 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Blizzard
    2014-08-05 22:21 - 2014-08-05 22:10 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Maxiget
    2014-08-05 22:19 - 2014-08-05 22:19 - 00000000 ____D () C:\Users\Lawrence\Documents\Downloaded Videos Movie
    2014-08-05 22:15 - 2014-08-05 19:17 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\StormAlerts
    2014-08-05 22:14 - 2014-08-05 22:10 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-08-05 22:10 - 2014-08-05 22:10 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\MaxiGet Download Manager
    2014-08-05 22:10 - 2013-08-23 01:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
    2014-08-05 22:10 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
    2014-08-05 22:07 - 2013-12-31 20:07 - 00016553 _____ () C:\Users\Lawrence\Desktop\Expenditure.xlsx
    2014-08-05 22:02 - 2014-08-05 22:02 - 00001218 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HearthstoneHearthstone.lnk
    2014-08-05 22:02 - 2014-08-05 22:02 - 00001172 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-08-05 22:02 - 2014-08-05 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-08-05 22:00 - 2013-11-04 09:34 - 00000000 __SHD () C:\Users\Lawrence\wc
    2014-08-05 21:32 - 2013-11-27 08:11 - 01508813 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-08-05 21:14 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-08-05 19:23 - 2014-08-05 19:23 - 00000000 ____D () C:\ProgramData\HipSoft
    2014-08-05 19:19 - 2014-08-05 19:19 - 00000064 _____ () C:\WINDOWS\GPlrLanc.dat
    2014-08-05 19:15 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\Resources
    2014-08-05 13:06 - 2013-11-02 20:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-08-04 00:34 - 2013-11-01 17:23 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Packages
    2014-08-02 11:21 - 2014-06-15 22:55 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\PMB Files
    2014-08-02 11:21 - 2014-06-15 22:55 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-08-02 11:20 - 2013-11-03 03:38 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
    2014-07-31 18:10 - 2014-06-25 01:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-07-31 01:08 - 2014-07-31 01:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
    2014-07-31 01:08 - 2014-07-31 01:08 - 00000000 ____D () C:\WINDOWS\system32\NV
    2014-07-30 17:11 - 2014-07-30 17:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-07-30 17:11 - 2013-11-27 08:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-07-30 17:10 - 2013-10-12 12:01 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-07-30 17:09 - 2014-07-30 16:15 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
    2014-07-30 17:09 - 2013-11-27 08:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-07-30 16:16 - 2013-12-04 02:48 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\NVIDIA Corporation
    2014-07-30 16:15 - 2013-08-23 00:46 - 00340131 _____ () C:\WINDOWS\setupact.log
    2014-07-25 23:50 - 2014-07-30 16:15 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
    2014-07-25 23:50 - 2014-07-30 16:15 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
    2014-07-25 23:50 - 2013-12-02 00:48 - 01283136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2014-07-25 23:50 - 2013-12-02 00:48 - 01126480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2014-07-23 19:55 - 2013-10-12 12:37 - 00000000 ____D () C:\Program Files\Common Files\mcafee
    2014-07-23 19:55 - 2012-07-26 18:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
    2014-07-22 23:56 - 2013-11-27 08:16 - 00000000 ____D () C:\Users\Lawrence
    2014-07-20 14:41 - 2013-10-12 12:37 - 00000000 ____D () C:\ProgramData\McAfee
    2014-07-20 11:41 - 2014-07-20 11:41 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
    2014-07-20 11:41 - 2013-10-12 12:37 - 00000000 ____D () C:\Program Files\mcafee
    2014-07-20 11:40 - 2014-07-20 11:40 - 00000000 ____D () C:\Program Files\McAfee.com
    2014-07-20 11:33 - 2013-08-23 00:44 - 00474072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-07-20 11:08 - 2014-07-20 11:07 - 00000000 ____D () C:\ccbcdf3a6d8c10b8004fd3c5c5
    2014-07-20 11:05 - 2012-07-26 15:37 - 00000000 ____D () C:\Users\Default.migrated
    2014-07-20 11:04 - 2013-11-25 10:01 - 00000000 ____D () C:\Program Files\stinger
    2014-07-20 01:18 - 2014-07-20 01:17 - 00037817 _____ () C:\Users\Lawrence\Desktop\Addition.txt
    2014-07-19 18:46 - 2014-07-19 18:46 - 00003023 _____ () C:\Users\Lawrence\Desktop\HiJackThis.lnk
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Users\Lawrence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    2014-07-19 18:46 - 2014-07-19 18:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
    2014-07-19 18:46 - 2013-11-01 17:24 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\VirtualStore
    2014-07-19 18:14 - 2014-07-19 18:14 - 01402880 _____ () C:\Users\Lawrence\Desktop\HijackThis.msi
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000003 _____ () C:\WINDOWS\system32\HRUPPROG.EXIT
    2014-07-19 14:42 - 2014-07-19 14:42 - 00000002 _____ () C:\WINDOWS\system32\HRUPPROG.TXT
    2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\ProgramData\Riot Games
    2014-07-17 18:44 - 2014-07-17 18:44 - 00688992 _____ (Swearware) C:\Users\Lawrence\Desktop\dds.com
    2014-07-17 18:04 - 2014-07-17 17:51 - 00000000 _____ () C:\WINDOWS\system32\1
    2014-07-16 23:32 - 2014-07-16 23:34 - 04605016 _____ () C:\Users\Lawrence\Desktop\cbs.txt
    2014-07-16 23:14 - 2014-07-16 23:14 - 00002464 _____ () C:\Users\Lawrence\Desktop\SFCFix.txt
    2014-07-16 23:14 - 2014-07-16 01:42 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\niemiro
    2014-07-16 23:14 - 2014-07-16 01:42 - 00000000 ____D () C:\SFCFix
    2014-07-16 23:13 - 2014-07-16 23:13 - 01296920 _____ () C:\Users\Lawrence\Desktop\SFCFix.zip
    2014-07-16 23:12 - 2014-07-16 01:49 - 00566784 _____ (niemiro) C:\Users\Lawrence\Desktop\SFCFix.exe
    2014-07-16 16:05 - 2013-09-30 14:10 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-07-16 02:28 - 2012-07-26 17:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-07-13 01:18 - 2014-07-13 01:18 - 00001052 _____ () C:\Users\Public\Desktop\Path of Exile.lnk
    2014-07-13 01:18 - 2014-07-13 01:13 - 00000000 ____D () C:\Program Files (x86)\GarenaPoE
    2014-07-13 01:18 - 2013-11-03 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
    2014-07-12 16:17 - 2014-04-28 01:53 - 00000000 ____D () C:\Users\Lawrence\Desktop\Books!
    2014-07-12 16:15 - 2014-07-12 16:15 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Aeria Games
    2014-07-12 16:14 - 2014-07-12 16:14 - 00000000 ____D () C:\ProgramData\Aeria Games
    2014-07-12 16:13 - 2014-07-12 16:12 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
    2014-07-12 16:13 - 2014-07-12 16:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
    2014-07-12 16:12 - 2014-07-12 16:12 - 00001701 _____ () C:\Users\Lawrence\Desktop\Aura Kingdom.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00002055 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
    2014-07-12 16:00 - 2014-07-12 16:00 - 00000000 ____D () C:\Program Files (x86)\Aeria Games
    2014-07-12 16:00 - 2014-07-12 12:58 - 00000000 ____D () C:\AeriaGames
    2014-07-12 15:05 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\Documents\InfiniteCrisis
    2014-07-12 15:03 - 2014-07-12 15:03 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\InfiniteCrisis
    2014-07-12 15:00 - 2014-07-12 13:59 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
    2014-07-12 14:01 - 2014-07-12 14:01 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Turbine
    2014-07-12 14:00 - 2014-06-30 02:00 - 00028116 _____ () C:\WINDOWS\DirectX.log
    2014-07-12 13:59 - 2014-07-12 13:59 - 00001107 _____ () C:\Users\Public\Desktop\InfiniteCrisis.lnk
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Turbine
    2014-07-12 13:59 - 2014-07-12 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
    2014-07-12 13:53 - 2014-07-12 13:49 - 140770440 _____ () C:\Users\Lawrence\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
    2014-07-12 13:47 - 2014-07-12 13:47 - 00000000 ____D () C:\Users\Lawrence\AppData\Local\Akamai
    2014-07-12 12:57 - 2014-07-12 12:57 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\Lawrence\Downloads\aurakingdom_us_downloader.exe
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files\iPod
    2014-07-11 16:09 - 2014-07-11 16:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2014-07-11 16:06 - 2013-11-09 16:39 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-11 16:05 - 2014-07-11 16:03 - 113509200 _____ (Apple Inc.) C:\Users\Lawrence\Downloads\iTunes64Setup.exe
    2014-07-11 16:02 - 2014-07-11 16:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2014-07-10 10:28 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-07-10 09:54 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-07-10 09:54 - 2013-08-23 01:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2014-07-10 09:53 - 2014-07-10 09:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-07-10 09:52 - 2013-08-23 01:36 - 00000000 ___RD () C:\WINDOWS\ToastData
    2014-07-10 09:52 - 2013-08-23 01:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-07-10 09:48 - 2014-07-10 09:48 - 939619854 _____ () C:\WINDOWS\MEMORY.DMP
    2014-07-10 05:07 - 2013-11-04 05:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-07-10 05:06 - 2013-11-04 05:56 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-07-10 05:01 - 2013-08-23 00:46 - 00000440 _____ () C:\WINDOWS\setuperr.log
    2014-07-10 05:00 - 2013-09-30 13:58 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-07-10 00:29 - 2014-07-10 00:29 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2014-07-08 23:16 - 2014-07-08 23:16 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
    2014-07-08 23:15 - 2013-11-01 18:08 - 00000000 ___RD () C:\Users\Lawrence\Desktop\Dekstop
    Some content of TEMP:
    ====================
    C:\Users\Lawrence\AppData\Local\Temp\dxwebsetup.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131114to131127v3.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131127to131217v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_131217to140110.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140110to140121v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140121to140212v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140212to140214.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140214to140220.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140220to140306.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140306to140307.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140307to140325.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140325to140401v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140401to140409.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140409to140410.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140410to140429.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140429to140430.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140430to140513.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140513to140529.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140529to140610v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140610to140624.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140624to140708v2.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140708to140722.exe
    C:\Users\Lawrence\AppData\Local\Temp\lol_patch_140722to140805.exe
    C:\Users\Lawrence\AppData\Local\Temp\OfficeSetup.exe
    C:\Users\Lawrence\AppData\Local\Temp\Quarantine.exe
    C:\Users\Lawrence\AppData\Local\Temp\Setup.x86.en-US_HomeStudentRetail_CNFY9-CRP43-TF6PQ-76VYF-BY2XR_TX_SG_.exe
    C:\Users\Lawrence\AppData\Local\Temp\setup32.exe
    C:\Users\Lawrence\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu301FFA7E.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu30F4D4DA.dll
    C:\Users\Lawrence\AppData\Local\Temp\Tsu322EB8E2.dll
    C:\Users\Lawrence\AppData\Local\Temp\UNT3DBF.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3DEF.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3DFE.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3DFF.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3E2E.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3E2F.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3E5E.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3E6E.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3E8E.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3EAE.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3EDD.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3F0D.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3F3D.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT3F6A.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT4065.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT43B0.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT43E0.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT43F3.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT4423.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT4452.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT4482.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT44B2.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT44E2.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\UNT4502.tmp.exe
    C:\Users\Lawrence\AppData\Local\Temp\vcredist_x86.exe
    
    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
    
    LastRegBack: 2014-07-29 19:34
    ==================== End Of Log ============================

  11. #11

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    I think those are the things you needed. If there is anything else, please do let me know.

    And once again, thank you for being very patient with me. I really appreciate your help as I know nothing about computers.

  12. #12

    Re: Group Policy Client Failed to Start (Was Unable To Run DDS)

    Hi,

    Step 1: FRST Fix
    • Please download the attached fixlist.txt file and save it to the same location as FRST

      Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
    • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
    • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

    Step 2: FRST Scan
    • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
    • Click Scan to start FRST.
    • When FRST finishes scanning, a log, FRST.txt, will open.
    • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

    Step 3: ESET

    Please run a free online scan with the ESET Online Scanner:

    IMPORTANT: You MUST use Internet Explorer for this step!

    • Visit the ESET Online Scanner Web Page
    • Select the blue Run ESET Online Scanner button:
    • Tick the box next to YES, I accept the Terms of Use and click Start
    • When asked, allow the ActiveX control to install.
    • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    • Click Start. (This scan can take several hours, so please be patient):
    • Once the scan is completed, select List of found threats:
    • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    • Click the Back button.
    • Click the Finish button:
    • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
    • Copy and paste that log as a reply to this topic.

    Step 4: Question

    How is your PC running?
    Attached Files Attached Files
    Cheers,
    Machiavelli


Similar Threads

  1. Updated Group Policy Search service
    By A Guy in forum Windows 8 | Windows RT
    Replies: 0
    Last Post: 09-02-2012, 10:29 PM
  2. Group policy update comes to Windows 8
    By JMH in forum Microsoft News
    Replies: 0
    Last Post: 05-16-2012, 07:01 PM

Log in

Log in