I think I have a new version of cryptolocker with a twist


40 replies to this topic

#1 coldair

coldair

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Naples Fl
  • Local time:10:09 PM

Posted 19 November 2013 - 10:16 AM

Mod Edit; Moved to more appropriate forum ~~ boopme

On 11/8/2013 I came into the office to find a BSOD with a powerstate failure. I rebooted to the desktop and found the avast pro firewall disabled and my Intel rapid storage technology enterprise program not working. I thought it was just a routine failure of the weekly MS update that caused the problem so I tried to enable the firewall and reinstall the raid software but it was not working. I could read my array so I decided to do a backup to my Netgear NAS before trying more drastic measures. I uninstalled and then reinstalled Avast internet pro and the raid drivers from ASUS. Still not good so I copied my data drives to the raid after running a virus scan on the NAS and the raid. I then put a new SSD in and loaded Win7 64 in it with new Avast and new Malwarebytes but I was still not able to read the array. Then I got a phone call from a man saying he was from MS and would help me with my problem. Well I thought he was just a scammer so I blew him off; three days later he called again. I still never let him get too far with his speech as they are usually the same crooks that scam the elderly.
I wiped the raid array, copied the backups to a new drive in the machine and then tried to put it back on the raid array from the other drive using restore from image. After restoring I found my data but certain files were locked so I tried resetting permissions and still no go. This past Sunday afternoon I came in to find the raid had wiped clean the data except for a few files with a warning about a powerstate failure that did not allow me to put the data on the drive. Then the guy called again, so I'm thinking he must have access to my machine. I told him my wife was not home and I did not have a password on her computer (I may have lied); he said he would call back later today. Any help would be appreciated.

Edited by boopme, 19 November 2013 - 09:17 PM.



 


#2 coldair


Posted 19 November 2013 - 11:33 AM

Here are a couple of screenshots of what my avast log reported

http://img.photobucket.com/albums/v95/coldair/avastlog1_zps6c11412d.jpg

 

and here is a list of users that I found on my old (infected) win7 64 partition

 http://img.photobucket.com/albums/v95/coldair/userlist_zps0d1408a9.jpg

 

any help would be appreciated 



#3 coldair


Posted 20 November 2013 - 08:45 AM

I installed a new copy of Windows 7 on my old C drive and ran avast with a deep scan for rootkits enabled and this is what it found:

http://img.photobucket.com/albums/v95/coldair/11-19-2013rootkitscan_zps6cf51396.jpg



#4 coldair


Posted 22 November 2013 - 10:16 AM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428
Run by fix it at 10:05:53 on 2013-11-22
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.16332.14400 [GMT -5:00]
.
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 172.16.0.1
TCP: Interfaces\{7FC0F643-2FBF-473E-A955-F0375277ABB2} : DHCPNameServer = 172.16.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-11-19 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-11-19 205320]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-18 565528]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-18 23832]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-11-19 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-11-19 447888]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-11-19 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-11-19 409832]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-11-19 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-11-19 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-19 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-11-19 116776]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [2013-11-18 7168]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-11-18 178344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-11-18 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-11-18 79360]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-18 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-18 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-11-18 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-18 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-18 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
.
=============== Created Last 30 ================
.
2013-11-22 14:34:52 -------- d-----w- C:\Windows\pss
2013-11-22 14:30:59 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BDECD55B-5B08-4D7B-BDFE-2110CD4499B8}\mpengine.dll
2013-11-21 12:54:57 -------- d-----w- C:\Users\fix it\AppData\Local\Adobe
2013-11-19 14:55:32 -------- d-----w- C:\Users\fix it\AppData\Roaming\AVAST Software
2013-11-19 14:47:08 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-19 14:47:08 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-19 14:47:08 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-19 14:47:08 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-19 14:47:07 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-19 14:47:07 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-11-19 14:47:04 43152 ----a-w- C:\Windows\avastSS.scr
2013-11-19 14:47:02 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-11-19 14:46:53 -------- d-----w- C:\Program Files\AVAST Software
2013-11-19 14:46:35 -------- d-----w- C:\ProgramData\AVAST Software
2013-11-19 01:34:05 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-19 01:33:42 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-19 01:33:42 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-19 01:33:42 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-19 01:33:42 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-19 01:33:42 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-19 01:33:42 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-19 01:33:10 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-11-19 01:33:10 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-11-19 01:32:48 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-11-19 01:32:45 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-11-19 00:08:17 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2013-11-18 23:23:28 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2013-11-18 23:22:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-11-18 23:22:52 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-11-18 22:34:43 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2013-11-18 21:47:27 -------- d-----w- C:\Users\fix it\AppData\Local\Microsoft Games
2013-11-18 21:04:33 -------- d-----w- C:\Windows\Panther
2013-11-18 20:57:48 -------- d-----w- C:\Windows.old
2013-11-18 20:56:27 565528 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2013-11-18 20:56:27 23832 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2013-11-18 20:37:10 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-11-18 20:13:37 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-18 20:09:55 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-11-18 20:09:55 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-11-18 20:09:55 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-11-18 20:09:55 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-11-18 20:09:54 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-11-18 20:09:54 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-11-18 20:09:54 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-11-18 20:08:11 -------- d-----w- C:\Windows\System32\MRT
2013-11-18 20:05:32 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-11-18 20:05:31 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-11-18 20:05:31 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-11-18 20:05:31 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-11-18 20:05:31 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-11-18 20:00:52 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-11-18 19:59:57 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-11-18 19:58:59 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-11-18 19:53:48 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-11-18 19:52:52 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-18 19:51:55 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2013-11-18 19:49:48 77312 ----a-w- C:\Windows\System32\packager.dll
2013-11-18 19:49:48 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-11-18 19:28:14 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-11-18 19:28:14 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-11-18 19:28:14 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-11-18 19:22:40 -------- d-----w- C:\Program Files (x86)\ASUS
2013-11-18 19:22:30 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-11-18 19:22:27 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-11-18 19:22:26 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-11-18 19:22:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-11-18 19:22:10 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2013-11-18 19:21:58 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
2013-11-18 19:21:14 68264 ----a-w- C:\Windows\System32\e1cmsg.dll
2013-11-18 19:21:14 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2013-11-18 19:21:14 342704 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2013-11-18 19:21:13 98496 ----a-w- C:\Windows\System32\NicInstC.dll
2013-11-18 19:20:38 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2013-11-18 19:20:13 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2013-11-18 19:18:59 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2013-11-18 19:18:51 -------- d-----w- C:\Program Files\Creative
2013-11-18 19:18:32 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2013-11-18 19:18:31 -------- d-----w- C:\Program Files (x86)\Creative
2013-11-18 19:18:27 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-11-18 19:18:27 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-11-18 19:18:27 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-11-18 19:18:27 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-11-18 19:18:27 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-11-18 19:18:26 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-11-18 19:18:26 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-11-18 19:18:18 -------- d-----w- C:\Users\fix it\AppData\Roaming\Intel Corporation
2013-11-18 19:17:10 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-11-18 19:17:10 -------- d-----w- C:\Program Files\Realtek
2013-11-18 19:17:02 836544 ----a-w- C:\Windows\System32\tadefxapo264.dll
2013-11-18 19:17:02 65944 ----a-w- C:\Windows\System32\tepeqapo64.dll
2013-11-18 19:17:02 148416 ----a-w- C:\Windows\System32\tadefxapo.dll
2013-11-18 19:17:02 1361336 ----a-w- C:\Windows\System32\tosade.dll
2013-11-18 19:09:35 -------- d-----w- C:\Windows\AsusInstAll
2013-11-18 19:08:45 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2013-11-18 19:08:21 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2013-11-18 19:07:20 -------- d-sh--w- C:\Windows\Installer
2013-11-18 19:07:18 -------- d-----w- C:\Users\fix it\AppData\Local\Google
2013-11-14 12:17:15 17455600 ----a-w- C:\SetupRST.exe
2013-11-13 16:24:01 -------- d-----w- C:\asus downloads
2013-11-13 16:23:42 -------- d-----w- C:\windows downloads
.
==================== Find3M  ====================
.
2013-11-18 20:26:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-18 19:19:34 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-11-18 19:19:34 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-11-18 19:19:34 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-11-18 19:19:34 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-11-11 10:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-23 08:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH: 10:06:04.90 ===============
 
 




#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 24 November 2013 - 10:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/514702 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 coldair


Posted 02 December 2013 - 07:20 PM

I am still unable to remove this virus and/or malware. It seems to replicate itself and it will not allow me to restore from a good backup.
Conduit is still here even though it was deleted long ago.

I have a file called "END" that Spybot Search and Destroy labels as malware.

virus3_zps70aee97c.png

virus2_zps599c5f83.png

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Caleb at 19:21:52 on 2013-12-02
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.16332.11717 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.19\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.10\AsusFanControlService.exe
C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\splwow64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 172.16.0.1
TCP: Interfaces\{53A45AE1-298A-4EF9-9080-395E110E6A28} : DHCPNameServer = 172.16.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2013-11-14 14464]
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-11-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-11-15 205320]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-14 565528]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-14 23832]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-11-15 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-11-15 447888]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-11-15 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-11-15 409832]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-28 918448]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.19\aaHMSvc.exe [2012-1-20 948656]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2013-11-14 586880]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.10\AsusFanControlService.exe [2013-11-14 1430144]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-11-15 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-11-15 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-15 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-11-15 116776]
R2 GenieTimelineService;Genie Timeline Service;C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [2013-9-2 672272]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [2013-11-14 7168]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-7-30 204552]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-18 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-18 701512]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-4-7 232192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-18 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-14 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-14 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-11-14 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-14 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-14 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-15 1255736]
.
=============== Created Last 30 ================
.
2013-12-02 21:49:56 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2A069440-14F6-42B7-A9C8-B21E3481DF58}\mpengine.dll
2013-11-22 14:10:09 -------- d-----w- C:\Program Files (x86)\Glary Utilities 4
2013-11-21 22:22:52 -------- d-----w- C:\Windows\pss
2013-11-21 17:34:10 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-21 17:33:45 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-21 16:58:13 -------- d-----w- C:\Users\Caleb\AppData\Local\Adobe
2013-11-18 13:43:05 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Malwarebytes
2013-11-18 13:43:02 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-18 13:43:02 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-18 13:43:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 13:42:46 -------- d-----w- C:\Users\Caleb\AppData\Local\Programs
2013-11-18 13:34:24 -------- dc----w- C:\Users\Caleb\AppData\Local\MigWiz
2013-11-18 00:41:11 -------- d-----w- C:\ProgramData\Genie9
2013-11-18 00:40:12 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Genie9
2013-11-18 00:40:10 -------- d-----w- C:\Program Files\NETGEAR
2013-11-16 21:58:53 -------- d-----w- C:\ProgramData\GlarySoft
2013-11-16 21:57:29 -------- d-----w- C:\Users\Caleb\AppData\Roaming\GlarySoft
2013-11-16 19:10:11 -------- d-----w- C:\Users\Caleb\AppData\Local\NETGEARGenie
2013-11-16 19:09:59 96784 ----a-w- C:\Windows\SysWow64\packet.dll
2013-11-16 19:09:59 369168 ----a-w- C:\Windows\System32\wpcap.dll
2013-11-16 19:09:59 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2013-11-16 19:09:59 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2013-11-16 19:09:59 106000 ----a-w- C:\Windows\System32\packet.dll
2013-11-16 19:09:56 -------- d-----w- C:\Program Files (x86)\NETGEAR Genie
2013-11-16 17:56:07 -------- d-----w- C:\Program Files (x86)\NETGEAR ReadyNAS
2013-11-16 08:17:50 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-11-15 23:23:38 -------- d-----w- C:\ProgramData\AVAST Software
2013-11-15 22:47:16 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-11-15 22:47:12 -------- d-----w- C:\Windows\PCHEALTH
2013-11-15 22:47:12 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-11-15 22:46:31 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-11-15 22:46:30 -------- d-----w- C:\Users\Caleb\AppData\Local\Microsoft Help
2013-11-15 20:56:20 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-15 20:56:20 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-15 20:56:20 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-15 20:56:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-15 20:56:20 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-15 20:56:20 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-15 20:56:20 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-15 20:50:29 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-15 12:29:05 -------- d-----w- C:\Windows\SysWow64\Wat
2013-11-15 12:29:05 -------- d-----w- C:\Windows\System32\Wat
2013-11-14 20:12:15 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-14 20:12:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-14 20:12:05 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-14 20:12:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-14 20:12:05 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-14 20:12:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-14 20:12:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-14 20:11:51 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-11-14 20:11:51 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-11-14 20:11:41 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-11-14 20:11:39 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-11-14 20:07:50 -------- d-----w- C:\ProgramData\ASUS OC Profiles
2013-11-14 20:05:44 -------- d-----w- C:\Program Files\ASUS
2013-11-14 20:05:23 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll
2013-11-14 20:03:49 14464 ----a-w- C:\Windows\System32\drivers\AiChargerPlus.sys
2013-11-14 20:03:39 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
2013-11-14 20:03:29 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-11-14 20:03:29 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-11-14 20:03:29 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-11-14 20:03:29 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-11-14 20:02:11 -------- d-----w- C:\ProgramData\ASUS
2013-11-14 20:02:00 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll
2013-11-14 20:02:00 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
2013-11-14 20:02:00 -------- d-----w- C:\Program Files (x86)\ASUS
2013-11-14 20:01:53 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2013-11-14 20:01:24 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2013-11-14 20:01:24 -------- d-----w- C:\Program Files\CPUID
2013-11-14 19:59:15 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-11-14 19:58:58 56600 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-11-14 19:44:47 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2013-11-14 19:37:56 2528832 ----a-w- C:\Windows\System32\FMAPO64.dll
2013-11-14 19:36:40 -------- d--h--w- C:\Program Files (x86)\Temp
2013-11-14 19:36:39 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-11-14 19:36:39 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-11-14 19:36:39 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-11-14 19:36:39 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-11-14 19:36:39 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-11-14 19:36:39 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-11-14 19:36:39 1698408 ------r- C:\Windows\RtlExUpd.dll
2013-11-14 19:36:38 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-11-14 19:36:38 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-11-14 19:36:38 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-11-14 19:32:17 -------- d-----w- C:\Users\Caleb\AppData\Local\Microsoft Games
2013-11-14 19:27:23 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2013-11-14 19:11:56 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2013-11-14 19:11:13 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Intel Corporation
2013-11-14 18:56:36 -------- d-----w- C:\Users\Caleb\AppData\Local\Diagnostics
2013-11-14 18:43:57 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-14 18:43:57 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-14 18:31:31 -------- d-----w- C:\ProgramData\Oracle
2013-11-14 18:30:26 -------- d-----w- C:\Windows\Panther
2013-11-14 18:27:09 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-14 18:25:03 565528 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2013-11-14 18:25:03 23832 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2013-11-14 18:09:59 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-11-14 17:52:31 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-11-14 17:45:56 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-11-14 17:45:56 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-11-14 17:45:56 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-11-14 17:45:56 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-11-14 17:45:56 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-11-14 17:45:56 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-11-14 17:45:56 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-11-14 17:44:34 -------- d-----w- C:\Windows\System32\MRT
2013-11-14 17:43:39 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-11-14 17:43:39 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-11-14 17:43:39 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-11-14 17:43:39 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-11-14 17:43:39 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-11-14 17:41:59 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-11-14 17:40:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-11-14 17:37:33 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-11-14 17:37:33 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-11-14 17:34:12 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-11-14 17:34:12 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-11-14 17:34:12 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-11-14 17:31:32 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-11-14 17:31:30 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-11-14 17:31:28 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-11-14 17:31:28 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-11-14 17:13:10 -------- d-----w- C:\Users\Caleb\AppData\Local\Google
2013-11-14 17:13:06 -------- d-----w- C:\Users\Caleb\AppData\Local\Deployment
2013-11-14 17:13:06 -------- d-----w- C:\Users\Caleb\AppData\Local\Apps
2013-11-14 17:04:11 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-11-14 17:03:13 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2013-11-14 16:59:14 -------- d-----w- C:\Asus
2013-11-14 16:52:32 -------- d-----w- C:\Intel
2013-11-14 16:40:38 16896 ----a-w- C:\Windows\AsTaskSched.dll
2013-11-14 16:40:38 -------- d-----w- C:\Windows\Intel_Chipset_XPVistaWin7_8_VER9301026
2013-11-14 16:40:11 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2013-11-14 16:29:49 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-14 16:29:49 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-11-14 16:29:49 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-11-14 16:29:49 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-11-14 16:29:49 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-11-14 16:29:43 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-11-14 16:26:19 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2013-11-14 16:06:15 553784 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-11-14 16:05:05 -------- d-sh--w- C:\Windows\Installer
2013-11-14 16:03:19 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2013-11-14 15:42:58 -------- d-sh--w- C:\Recovery
.
==================== Find3M  ====================
.
2013-11-15 23:29:29 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-15 23:29:29 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-15 23:29:29 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-15 23:29:29 43152 ----a-w- C:\Windows\avastSS.scr
2013-11-15 23:29:29 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-15 23:29:29 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-15 23:29:28 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-11-15 23:29:28 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-11-14 16:28:55 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-11 10:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-23 08:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-10-02 02:22:20 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2013-10-02 02:11:13 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-02 02:08:53 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-02 01:48:59 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2013-10-02 01:48:08 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2013-10-02 01:29:05 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2013-10-02 01:10:56 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-10-02 00:15:45 1057280 ----a-w- C:\Windows\System32\rdvidcrl.dll
2013-10-02 00:14:58 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2013-10-02 00:14:20 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2013-10-02 00:08:30 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2013-10-02 00:01:16 420864 ----a-w- C:\Windows\System32\wksprt.exe
2013-10-01 23:58:48 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-10-01 23:31:09 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2013-10-01 23:08:10 855552 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2013-10-01 22:34:12 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2013-10-01 20:57:46 6578176 ----a-w- C:\Windows\System32\mstscax.dll
2013-10-01 20:55:10 5698048 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:41 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:53 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 19:22:01.90 ===============

 
Attached File  attach.zip   1.82KB   0 downloads

 


Edited by coldair, 02 December 2013 - 07:28 PM.


#7 JSntgRvr


Posted 04 December 2013 - 04:04 PM

Let's run a few scans on your computer.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download ADWCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt.

Malwarebytes:

  • Launch and update Malwarebytes' Anti-Malware.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

 


No request for help through private messaging will be attended to.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#8 coldair


Posted 04 December 2013 - 04:26 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Caleb on Wed 12/04/2013 at 16:17:34.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/04/2013 at 16:22:00.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#9 coldair


Posted 04 December 2013 - 05:04 PM

# AdwCleaner v3.014 - Report created 04/12/2013 at 16:30:29
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Caleb - CALEB-PC
# Running from : C:\Users\Caleb\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [853 octets] - [04/12/2013 16:27:35]
AdwCleaner[S0].txt - [775 octets] - [04/12/2013 16:30:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [834 octets] ##########

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.03.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Caleb :: CALEB-PC [administrator]
 
Protection: Enabled
 
12/4/2013 4:40:57 PM
mbam-log-2013-12-04 (16-40-57).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 255882
Time elapsed: 1 minute(s), 16 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Caleb (administrator) on CALEB-PC on 04-12-2013 16:44:03
Running from C:\Users\Caleb\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.19\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.10\AsusFanControlService.exe
(Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimeLineAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor)
HKCU\...\Run: [NETGEARGenie] - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-12-02] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-15] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x507FAC5756E1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
 
Chrome: 
=======
CHR RestoreOnStartup: "https://online.netservicebooks.com/Automate/Menus/BlueMenu.html", "hxxp://www.google.com/", "hxxp://www.google.com"
CHR Extension: (Google Docs) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (DAM3D Winter Walk) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\imeedblaheajolghkglmhmaoknhgfmmm\1.0_0
CHR Extension: (Spell Checker for Chrome) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg\0.9.3.8_0
CHR Extension: (Poppit) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Google Wallet) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Caleb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
 
==================== Services (Whitelisted) =================
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.19\aaHMSvc.exe [948656 2012-01-20] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.10\AsusFanControlService.exe [1430144 2011-10-05] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-15] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-11-15] (AVAST Software)
R2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [672272 2013-09-02] (Genie9)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-12-03] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
 
==================== Drivers (Whitelisted) ====================
 
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-11-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-15] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2013-11-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-15] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2013-11-11] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-11-16] (CACE Technologies, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-04 16:44 - 2013-12-04 16:44 - 00012379 _____ C:\Users\Caleb\Desktop\FRST.txt
2013-12-04 16:27 - 2013-12-04 16:30 - 00000000 ____D C:\AdwCleaner
2013-12-04 16:22 - 2013-12-04 16:22 - 00000629 _____ C:\Users\Caleb\Desktop\JRT.txt
2013-12-04 16:17 - 2013-12-04 16:17 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 16:15 - 2013-12-04 16:15 - 00000000 ____D C:\FRST
2013-12-04 16:14 - 2013-12-04 16:15 - 01959766 _____ (Farbar) C:\Users\Caleb\Desktop\FRST64.exe
2013-12-04 16:14 - 2013-12-04 16:14 - 01110034 _____ C:\Users\Caleb\Desktop\AdwCleaner.exe
2013-12-04 16:13 - 2013-12-04 16:13 - 01034531 _____ (Thisisu) C:\Users\Caleb\Desktop\JRT.exe
2013-12-03 16:52 - 2013-12-03 18:56 - 00000000 ____D C:\Users\Caleb\AppData\OICE_15_974FA576_32C1D314_3004
2013-12-03 16:06 - 2013-12-03 16:06 - 02347384 _____ (ESET) C:\Users\Caleb\Downloads\esetsmartinstaller_enu (1).exe
2013-12-03 12:40 - 2013-12-03 12:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-03 12:39 - 2013-12-03 12:39 - 02347384 _____ (ESET) C:\Users\Caleb\Downloads\esetsmartinstaller_enu.exe
2013-12-03 12:38 - 2013-12-03 12:38 - 00000000 ____D C:\Users\Caleb\Desktop\bad stuff
2013-12-03 10:27 - 2013-12-03 10:28 - 22531568 _____ C:\Users\Caleb\Downloads\o921235_s1387652_j2205820_ZDJ.zip
2013-12-03 08:31 - 2013-12-03 08:31 - 00008180 _____ C:\Users\Caleb\Documents\HitmanPro_20131203_0831.log
2013-12-03 08:31 - 2013-12-03 08:31 - 00007294 _____ C:\Users\Caleb\Documents\registry.txt
2013-12-03 08:28 - 2013-12-03 08:28 - 04429440 _____ (Piriform Ltd) C:\Users\Caleb\Downloads\ccsetup404.exe
2013-12-03 08:28 - 2013-12-03 08:28 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-03 08:28 - 2013-12-03 08:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-03 08:28 - 2013-12-03 08:28 - 00000000 ____D C:\Program Files\CCleaner
2013-12-03 08:22 - 2013-12-03 08:22 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-12-03 08:21 - 2013-12-03 08:22 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-03 08:20 - 2013-12-03 08:32 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-03 08:20 - 2013-12-03 08:20 - 10264904 _____ (SurfRight B.V.) C:\Users\Caleb\Downloads\HitmanPro_x64.exe
2013-12-03 08:14 - 2013-12-03 08:14 - 00386464 _____ (Bleeping Computer, LLC) C:\Users\Caleb\Downloads\show-hidden.exe
2013-12-03 07:55 - 2013-12-03 07:55 - 1544158210 _____ C:\Windows\MEMORY.DMP
2013-12-03 07:55 - 2013-12-03 07:55 - 01244160 _____ C:\Windows\Minidump\120313-19078-01.dmp
2013-12-03 07:55 - 2013-12-03 07:55 - 00000000 ____D C:\Windows\Minidump
2013-12-02 19:21 - 2013-12-02 19:21 - 00688992 ____R (Swearware) C:\Users\Caleb\Downloads\dds (1).com
2013-12-02 16:45 - 2013-12-02 16:45 - 00000436 _____ C:\Windows\PFRO.log
2013-11-22 09:17 - 2013-11-22 09:17 - 00688992 ____R (Swearware) C:\Users\Caleb\Downloads\dds.com
2013-11-22 09:15 - 2013-11-22 09:16 - 89808802 _____ C:\Users\Caleb\Documents\registry backup11-21-2013.reg
2013-11-22 09:10 - 2013-12-04 16:33 - 00000330 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2013-11-22 09:10 - 2013-12-04 16:33 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2013-11-22 09:10 - 2013-11-22 09:10 - 00002626 _____ C:\Windows\System32\Tasks\GlaryInitialize 4
2013-11-22 09:10 - 2013-11-22 09:10 - 00001084 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2013-11-22 09:02 - 2013-11-22 09:02 - 12241168 _____ C:\Users\Caleb\Downloads\Glary_Utilities_v4.0.0.53 (1).exe
2013-11-22 07:34 - 2013-11-22 07:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-11-21 17:22 - 2013-11-22 07:21 - 00000000 ____D C:\Windows\pss
2013-11-21 12:34 - 2013-12-02 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-21 12:33 - 2013-12-02 18:33 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-21 12:33 - 2013-11-21 12:33 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Caleb\Downloads\mbar-1.07.0.1007.exe
2013-11-21 11:58 - 2013-11-21 11:59 - 00000000 ____D C:\Users\Caleb\AppData\Local\Adobe
2013-11-21 11:58 - 2013-11-21 11:59 - 00000000 ____D C:\ProgramData\Adobe
2013-11-21 11:58 - 2013-11-21 11:58 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-21 11:58 - 2013-11-21 11:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-21 11:45 - 2013-11-21 11:45 - 12241168 _____ C:\Users\Caleb\Downloads\Glary_Utilities_v4.0.0.53.exe
2013-11-21 11:28 - 2013-11-21 11:28 - 00111536 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-21 11:28 - 2013-11-21 11:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2013-11-21 11:28 - 2013-11-21 11:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2013-11-21 11:27 - 2013-11-21 11:27 - 00001413 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-21 11:27 - 2013-11-21 11:27 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator
2013-11-21 11:27 - 2013-11-17 21:41 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Genie9
2013-11-21 11:27 - 2013-11-16 03:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2013-11-21 11:27 - 2009-07-13 23:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-21 11:27 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-18 08:43 - 2013-11-18 08:43 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Malwarebytes
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 08:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-18 08:41 - 2013-11-18 08:41 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Caleb\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 08:34 - 2013-11-18 08:34 - 00000000 ___DC C:\Users\Caleb\AppData\Local\MigWiz
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Genie9
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Genie9
2013-11-17 19:41 - 2013-11-17 19:41 - 00000000 ____D C:\ProgramData\Genie9
2013-11-17 19:40 - 2013-11-17 19:40 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Genie9
2013-11-17 19:40 - 2013-11-17 19:40 - 00000000 ____D C:\Program Files\NETGEAR
2013-11-17 19:37 - 2013-11-17 19:39 - 20747096 _____ (NETGEAR) C:\Users\Caleb\Downloads\ReadySHAREVault-install (1).exe
2013-11-16 17:28 - 2013-12-04 16:32 - 00000784 _____ C:\Windows\setupact.log
2013-11-16 17:28 - 2013-11-16 17:28 - 00000000 _____ C:\Windows\setuperr.log
2013-11-16 16:58 - 2013-11-22 09:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-11-16 16:57 - 2013-11-22 09:10 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\GlarySoft
2013-11-16 16:46 - 2013-11-16 16:46 - 06685656 _____ (Glarysoft Ltd                                               ) C:\Users\Caleb\Downloads\gupsetup.exe
2013-11-16 14:10 - 2013-11-16 14:10 - 20747096 _____ (NETGEAR) C:\Users\Caleb\Downloads\ReadySHAREVault-install.exe
2013-11-16 14:10 - 2013-11-16 14:10 - 00002060 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2013-11-16 14:10 - 2013-11-16 14:10 - 00000000 ____D C:\Users\Caleb\AppData\Local\NETGEARGenie
2013-11-16 14:09 - 2013-11-16 14:09 - 16974720 _____ (NETGEAR Inc.) C:\Users\Caleb\Downloads\NETGEARGenie-install.exe
2013-11-16 14:09 - 2013-11-16 14:09 - 00369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-11-16 14:09 - 2013-11-16 14:09 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2013-11-16 12:56 - 2013-11-16 12:56 - 00001957 _____ C:\Users\Public\Desktop\RAIDar.lnk
2013-11-16 12:56 - 2013-11-16 12:56 - 00000000 ____D C:\Program Files (x86)\NETGEAR ReadyNAS
2013-11-16 12:55 - 2013-11-16 12:55 - 02743808 _____ (Netgear Inc.) C:\Users\Caleb\Downloads\RAIDar_Win_4_3_8.exe
2013-11-16 07:46 - 2013-11-16 07:46 - 00000000 ____H C:\Users\Caleb\Documents\Default.rdp
2013-11-16 03:05 - 2013-11-16 03:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 03:00 - 2013-11-16 03:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-16 03:00 - 2013-11-16 03:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-15 18:59 - 2013-11-15 18:59 - 00000000 ____D C:\Users\Caleb\Documents\Outlook Files
2013-11-15 18:31 - 2013-11-21 12:02 - 378782720 _____ C:\Users\Caleb\MIKES OUTLOOK 2012X.pst
2013-11-15 18:29 - 2013-11-21 17:25 - 00002226 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-11-15 18:29 - 2013-11-15 18:29 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-15 18:29 - 2013-11-15 18:29 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-15 18:29 - 2013-11-15 18:29 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-15 18:29 - 2013-11-15 18:29 - 00002032 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-11-15 18:29 - 2013-11-15 18:29 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\AVAST Software
2013-11-15 18:29 - 2013-11-15 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-15 18:27 - 2013-11-15 18:27 - 00002459 _____ C:\Users\Caleb\Downloads\license (1).avastlic
2013-11-15 18:23 - 2013-11-15 18:23 - 123749912 _____ (AVAST Software) C:\Users\Caleb\Downloads\avast_internet_security_setup (1).exe
2013-11-15 18:23 - 2013-11-15 18:23 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-15 17:47 - 2013-11-15 17:47 - 00000000 ____D C:\Windows\PCHEALTH
2013-11-15 17:47 - 2013-11-15 17:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-15 17:46 - 2013-11-16 03:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 17:46 - 2013-11-15 17:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-15 17:46 - 2013-11-15 17:46 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-15 17:46 - 2013-11-15 17:46 - 00000000 ____D C:\Users\Caleb\AppData\Local\Microsoft Help
2013-11-15 17:46 - 2013-11-15 17:46 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-15 17:46 - 2013-11-15 17:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-11-15 17:44 - 2013-11-15 17:44 - 00000000 __RHD C:\MSOCache
2013-11-15 17:26 - 2013-11-15 17:27 - 123749912 _____ (AVAST Software) C:\Users\Caleb\Downloads\avast_internet_security_setup.exe
2013-11-15 17:23 - 2013-11-15 17:23 - 00002495 _____ C:\Users\Caleb\Downloads\License.avastlic
2013-11-15 16:46 - 2013-11-15 17:11 - 3853993984 _____ C:\Users\Caleb\Downloads\en_windows_8_1_enterprise_x64_dvd_2971902.iso
2013-11-15 16:39 - 2013-11-15 16:50 - 1505925120 _____ C:\Users\Caleb\Downloads\en_office_professional_plus_2013_x86_x64_dvd_1135709.iso
2013-11-15 15:56 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-15 15:56 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-14 15:12 - 2013-12-04 16:32 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-14 15:12 - 2013-11-14 15:12 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-14 15:12 - 2013-11-14 15:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-14 15:12 - 2013-10-23 03:20 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-11-14 15:12 - 2013-10-23 03:20 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-11-14 15:12 - 2013-10-23 03:20 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-11-14 15:12 - 2013-10-23 03:20 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-11-14 15:12 - 2013-10-23 03:20 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-11-14 15:12 - 2013-10-23 03:20 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-11-14 15:12 - 2009-07-13 23:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-14 15:12 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-14 15:11 - 2013-11-14 15:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-14 15:11 - 2013-11-14 15:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-14 15:11 - 2013-10-27 09:12 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-11-14 15:11 - 2013-10-27 09:12 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-11-14 15:05 - 2013-11-14 15:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2013-11-14 15:05 - 2013-11-14 15:05 - 00000000 ____D C:\Program Files\ASUS
2013-11-14 15:05 - 2009-07-14 01:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2013-11-14 15:03 - 2013-11-14 15:05 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-11-14 15:03 - 2010-11-08 14:57 - 00014464 _____ (ASUSTek Computer Inc.) C:\Windows\system32\Drivers\AiChargerPlus.sys
2013-11-14 15:03 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2013-11-14 15:02 - 2013-11-14 15:04 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-14 15:02 - 2013-11-14 15:02 - 00000000 ____D C:\ProgramData\ASUS
2013-11-14 15:02 - 2010-08-24 02:16 - 00013440 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2013-11-14 15:02 - 2010-06-29 02:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2013-11-14 15:01 - 2013-11-14 15:01 - 00000901 _____ C:\Users\Public\Desktop\CPUID ROG CPU-Z.lnk
2013-11-14 15:01 - 2013-11-14 15:01 - 00000000 ____D C:\Program Files\CPUID
2013-11-14 15:01 - 2011-09-21 10:25 - 00021992 _____ (CPUID) C:\Windows\system32\Drivers\cpuz135_x64.sys
2013-11-14 15:01 - 2008-01-04 00:34 - 00011832 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2013-11-14 14:59 - 2011-08-22 14:58 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2013-11-14 14:58 - 2013-11-14 14:58 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\InstallShield
2013-11-14 14:58 - 2011-08-15 10:30 - 00056600 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2013-11-14 14:44 - 2013-11-14 14:44 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2013-11-14 14:38 - 2013-11-14 14:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-14 14:38 - 2013-11-14 14:38 - 00000000 ____D C:\Program Files\Realtek
2013-11-14 14:38 - 2012-02-14 06:03 - 04744808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-14 14:38 - 2012-02-13 22:14 - 03846248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-14 14:38 - 2012-02-13 01:22 - 00100968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-14 14:38 - 2012-02-13 01:13 - 02719744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-14 14:38 - 2012-02-12 22:01 - 00238448 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-14 14:38 - 2012-02-09 21:44 - 02652264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-14 14:38 - 2012-01-29 22:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-14 14:38 - 2012-01-10 01:48 - 00958296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-14 14:38 - 2012-01-09 21:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-14 14:38 - 2011-12-23 00:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-14 14:38 - 2011-12-20 02:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-14 14:38 - 2011-12-19 16:43 - 00220776 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-14 14:38 - 2011-12-18 04:58 - 05996376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-11-14 14:38 - 2011-12-18 04:58 - 02603864 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-11-14 14:38 - 2011-12-18 04:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-11-14 14:38 - 2011-12-18 04:58 - 01247576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-14 14:38 - 2011-12-13 03:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-14 14:38 - 2011-11-22 03:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-14 14:38 - 2011-09-02 01:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-14 14:38 - 2011-09-02 01:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-14 14:38 - 2011-09-02 01:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-14 14:38 - 2011-08-23 04:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-14 14:38 - 2011-08-11 03:55 - 00001332 ____R C:\Windows\system32\Drivers\DTSU2P.DAT
2013-11-14 14:38 - 2011-07-22 06:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-14 14:38 - 2011-05-02 01:27 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-14 14:38 - 2011-05-02 01:27 - 00426328 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-14 14:38 - 2011-05-02 01:27 - 00136024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-14 14:38 - 2011-05-02 01:27 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-14 14:38 - 2011-05-02 01:27 - 00074072 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-14 14:38 - 2011-03-16 23:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-14 14:38 - 2011-03-07 04:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-14 14:38 - 2010-11-07 18:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-14 14:38 - 2010-11-03 05:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-14 14:38 - 2010-10-03 00:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-14 14:38 - 2010-09-26 20:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-14 14:38 - 2010-07-22 03:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-14 14:38 - 2010-05-06 04:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-14 14:38 - 2009-11-23 20:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-14 14:38 - 2009-11-23 20:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-14 14:38 - 2009-11-23 20:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-14 14:38 - 2009-11-23 20:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-14 14:37 - 2013-11-14 15:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-14 14:37 - 2013-11-14 14:37 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-11-14 14:37 - 2012-02-08 07:08 - 02528832 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-14 14:37 - 2012-01-23 09:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-14 14:37 - 2012-01-23 09:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-14 14:37 - 2012-01-23 09:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-14 14:37 - 2011-05-30 20:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-14 14:37 - 2010-07-22 03:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-14 14:37 - 2009-11-17 05:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-14 14:36 - 2011-12-12 22:01 - 01698408 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-11-14 14:32 - 2013-11-14 14:33 - 00000000 ____D C:\Users\Caleb\AppData\Local\Microsoft Games
2013-11-14 14:27 - 2013-11-14 14:27 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2013-11-14 14:11 - 2013-11-21 11:29 - 00744882 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-14 14:11 - 2013-11-14 14:11 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Intel Corporation
2013-11-14 14:06 - 2013-11-14 14:58 - 00041810 _____ C:\Windows\Ascd_tmp.ini
2013-11-14 13:44 - 2013-11-14 13:44 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Macromedia
2013-11-14 13:43 - 2013-12-04 16:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 13:43 - 2013-11-14 13:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 13:43 - 2013-11-14 13:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 13:43 - 2013-11-14 13:43 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 13:43 - 2013-11-14 13:43 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-11-14 13:43 - 2013-11-14 13:43 - 00000000 ____D C:\Windows\system32\Macromed
2013-11-14 13:42 - 2013-12-04 16:35 - 01860434 _____ C:\Windows\WindowsUpdate.log
2013-11-14 13:38 - 2013-11-14 13:38 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\SystemRequirementsLab
2013-11-14 13:34 - 2013-11-14 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-11-14 13:31 - 2013-11-14 13:31 - 00000000 ____D C:\ProgramData\Oracle
2013-11-14 13:30 - 2013-11-16 17:00 - 00000000 ____D C:\Windows\Panther
2013-11-14 13:30 - 2013-11-14 13:30 - 00915368 _____ (Oracle Corporation) C:\Users\Caleb\Downloads\chromeinstall-7u45 (1).exe
2013-11-14 13:27 - 2013-11-14 13:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-14 13:27 - 2013-11-14 13:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-14 13:27 - 2013-11-14 13:27 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-14 13:27 - 2013-11-14 13:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-14 13:27 - 2013-11-14 13:27 - 00000000 ____D C:\ProgramData\Sun
2013-11-14 13:27 - 2013-11-14 13:27 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-14 13:26 - 2013-11-14 13:26 - 00915368 _____ (Oracle Corporation) C:\Users\Caleb\Downloads\chromeinstall-7u45.exe
2013-11-14 13:26 - 2013-11-14 13:26 - 00000000 ____D C:\ProgramData\McAfee
2013-11-14 13:25 - 2013-11-11 09:31 - 00565528 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2013-11-14 13:25 - 2013-11-11 09:31 - 00023832 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2013-11-14 13:10 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-14 13:10 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-14 13:10 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-14 13:10 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-14 13:10 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-14 13:10 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-14 13:10 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-14 13:10 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-14 13:10 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-14 13:10 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-14 13:10 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-14 13:10 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-14 13:10 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-14 13:10 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-14 13:10 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-14 13:10 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-14 13:10 - 2013-10-01 15:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-14 13:10 - 2013-10-01 15:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-14 13:10 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-14 13:10 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-14 13:10 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-11-14 13:10 - 2012-08-23 09:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2013-11-14 13:10 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-11-14 13:10 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-11-14 13:10 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-14 13:10 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-11-14 13:10 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-11-14 13:10 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-11-14 13:10 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-14 13:10 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-11-14 13:09 - 2012-07-06 15:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-11-14 13:09 - 2012-02-11 01:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-11-14 13:09 - 2012-02-11 01:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-11-14 13:09 - 2011-04-27 22:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-11-14 13:09 - 2011-03-11 01:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2013-11-14 13:09 - 2011-03-11 01:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-11-14 13:09 - 2011-03-11 01:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2013-11-14 13:09 - 2011-03-11 01:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2013-11-14 13:09 - 2011-03-11 01:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2013-11-14 13:09 - 2011-03-11 01:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2013-11-14 13:09 - 2011-03-11 01:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-11-14 13:09 - 2011-03-11 01:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2013-11-14 13:09 - 2011-03-11 00:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-11-14 13:09 - 2011-03-11 00:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2013-11-14 13:09 - 2011-03-10 23:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-11-14 13:09 - 2011-02-25 01:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-11-14 13:09 - 2011-02-25 00:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-11-14 12:45 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-11-14 12:45 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-11-14 12:45 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-11-14 12:45 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-11-14 12:45 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-11-14 12:45 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-11-14 12:45 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-11-14 12:45 - 2012-06-02 09:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-11-14 12:44 - 2013-11-14 12:45 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 12:44 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 12:43 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-11-14 12:43 - 2012-03-01 01:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-11-14 12:43 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-11-14 12:43 - 2012-03-01 00:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-11-14 12:43 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-11-14 12:42 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 12:42 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 12:42 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 12:42 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 12:42 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 12:42 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 12:42 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 12:42 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 12:42 - 2013-07-18 20:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-11-14 12:42 - 2013-07-18 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-11-14 12:42 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-11-14 12:42 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-11-14 12:42 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-11-14 12:42 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-11-14 12:42 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-11-14 12:42 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-11-14 12:42 - 2013-02-27 01:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-11-14 12:42 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-11-14 12:42 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-11-14 12:42 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-11-14 12:42 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-11-14 12:42 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-11-14 12:42 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-11-14 12:42 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-11-14 12:42 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-11-14 12:42 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-11-14 12:42 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-11-14 12:42 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-11-14 12:42 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-11-14 12:42 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-11-14 12:42 - 2012-01-04 05:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-11-14 12:42 - 2012-01-04 03:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-11-14 12:42 - 2011-11-17 01:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2013-11-14 12:42 - 2011-11-17 00:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-11-14 12:42 - 2011-05-04 00:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-11-14 12:42 - 2011-05-04 00:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-11-14 12:42 - 2011-05-04 00:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-11-14 12:42 - 2011-05-04 00:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-11-14 12:42 - 2011-05-04 00:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-11-14 12:42 - 2011-05-04 00:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-11-14 12:42 - 2011-05-04 00:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-11-14 12:42 - 2011-05-04 00:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-11-14 12:42 - 2011-05-04 00:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-11-14 12:42 - 2011-05-03 23:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-11-14 12:42 - 2011-05-03 23:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-11-14 12:42 - 2011-05-03 23:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-11-14 12:42 - 2011-05-03 23:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-11-14 12:42 - 2011-05-03 23:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-11-14 12:42 - 2011-05-03 23:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-11-14 12:42 - 2011-05-03 23:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-11-14 12:42 - 2011-05-03 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-11-14 12:42 - 2011-05-03 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-11-14 12:42 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-11-14 12:42 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-11-14 12:42 - 2010-12-23 05:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-11-14 12:42 - 2010-12-23 05:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2013-11-14 12:42 - 2010-12-23 05:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-11-14 12:42 - 2010-12-23 00:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-11-14 12:42 - 2010-12-23 00:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-11-14 12:42 - 2010-12-23 00:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-11-14 12:41 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 12:41 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 12:41 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 12:41 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 12:41 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 12:41 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 12:41 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 12:41 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 12:41 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 12:41 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 12:41 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 12:41 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 12:41 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 12:41 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 12:41 - 2013-08-27 20:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-11-14 12:41 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-11-14 12:41 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-11-14 12:41 - 2013-08-01 21:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-11-14 12:41 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-11-14 12:41 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-11-14 12:41 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-11-14 12:41 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-11-14 12:41 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-11-14 12:41 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-11-14 12:41 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-11-14 12:41 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-11-14 12:41 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-11-14 12:41 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-11-14 12:41 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-11-14 12:41 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-11-14 12:41 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-11-14 12:41 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-11-14 12:41 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-14 12:41 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-14 12:41 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-14 12:41 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 12:41 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-14 12:41 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-14 12:41 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-11-14 12:41 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-14 12:41 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-14 12:41 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-14 12:41 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-14 12:41 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-11-14 12:41 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-11-14 12:41 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-11-14 12:41 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-11-14 12:41 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-14 12:41 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-11-14 12:41 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-11-14 12:41 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-11-14 12:41 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-14 12:41 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-11-14 12:41 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-11-14 12:41 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-11-14 12:41 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-11-14 12:41 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-11-14 12:41 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-11-14 12:41 - 2013-04-12 09:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-11-14 12:41 - 2013-03-19 00:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-11-14 12:41 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-11-14 12:41 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-11-14 12:41 - 2012-11-29 18:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-11-14 12:41 - 2012-11-29 18:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-11-14 12:41 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-11-14 12:41 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-11-14 12:41 - 2012-11-28 17:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-11-14 12:41 - 2012-11-22 00:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-11-14 12:41 - 2012-11-21 23:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-11-14 12:41 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-11-14 12:41 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-11-14 12:41 - 2012-11-01 00:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-11-14 12:41 - 2012-11-01 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-11-14 12:41 - 2012-10-31 23:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-11-14 12:41 - 2012-10-31 23:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-11-14 12:41 - 2012-10-03 12:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-11-14 12:41 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-11-14 12:41 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-11-14 12:41 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-11-14 12:41 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-11-14 12:41 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-11-14 12:41 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-11-14 12:41 - 2012-10-03 11:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-11-14 12:41 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-11-14 12:41 - 2012-10-03 11:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-11-14 12:41 - 2012-08-22 13:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-11-14 12:41 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-11-14 12:41 - 2012-08-10 19:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-11-14 12:41 - 2012-08-10 18:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-11-14 12:41 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-11-14 12:41 - 2012-05-01 00:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-11-14 12:41 - 2012-04-27 22:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-11-14 12:41 - 2012-04-26 00:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-11-14 12:41 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-11-14 12:41 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-11-14 12:41 - 2012-04-07 07:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-11-14 12:41 - 2012-04-07 06:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-11-14 12:41 - 2012-01-13 02:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-11-14 12:41 - 2011-12-30 01:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-11-14 12:41 - 2011-12-30 00:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-11-14 12:41 - 2011-10-26 00:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-11-14 12:41 - 2011-10-25 23:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-11-14 12:41 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-11-14 12:41 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-11-14 12:41 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-11-14 12:41 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-11-14 12:41 - 2011-07-08 21:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-11-14 12:41 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-11-14 12:41 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-11-14 12:41 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2013-11-14 12:41 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-11-14 12:41 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2013-11-14 12:41 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2013-11-14 12:41 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-11-14 12:41 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-11-14 12:41 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-11-14 12:41 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-11-14 12:41 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-11-14 12:41 - 2011-04-28 22:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-11-14 12:41 - 2011-04-28 22:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-11-14 12:41 - 2011-04-28 22:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-11-14 12:41 - 2011-04-26 21:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-11-14 12:41 - 2011-04-26 21:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-11-14 12:41 - 2011-04-22 17:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-11-14 12:41 - 2011-03-11 01:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-11-14 12:41 - 2011-03-11 01:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-11-14 12:41 - 2011-03-11 00:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-11-14 12:41 - 2011-03-11 00:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-11-14 12:41 - 2011-03-03 01:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-11-14 12:41 - 2011-03-03 01:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-11-14 12:41 - 2011-03-03 01:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-11-14 12:41 - 2011-03-03 00:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-11-14 12:41 - 2011-03-03 00:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-11-14 12:41 - 2011-02-05 12:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-11-14 12:41 - 2011-02-05 12:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-11-14 12:41 - 2011-02-05 12:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-11-14 12:41 - 2011-02-05 12:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-11-14 12:41 - 2011-02-05 12:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-11-14 12:41 - 2011-02-05 12:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-11-14 12:41 - 2011-02-05 12:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-11-14 12:41 - 2010-06-25 22:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-11-14 12:41 - 2010-06-25 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-11-14 12:40 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 12:40 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 12:40 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-14 12:40 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-14 12:40 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-11-14 12:40 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-11-14 12:40 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-11-14 12:40 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-11-14 12:40 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-11-14 12:40 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-11-14 12:40 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-11-14 12:40 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-11-14 12:40 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-11-14 12:40 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-11-14 12:40 - 2011-05-24 06:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-11-14 12:40 - 2011-05-24 05:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-11-14 12:40 - 2011-05-24 05:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-11-14 12:40 - 2011-05-24 05:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-11-14 12:40 - 2011-05-24 05:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-11-14 12:40 - 2011-02-18 05:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-11-14 12:40 - 2011-02-18 00:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-11-14 12:37 - 2013-04-17 02:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-11-14 12:37 - 2013-04-17 01:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-11-14 12:35 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 12:35 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 12:35 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 12:35 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 12:35 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 12:35 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-11-14 12:35 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-14 12:35 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-11-14 12:35 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-11-14 12:35 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-11-14 12:35 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-11-14 12:35 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-11-14 12:35 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-11-14 12:35 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-11-14 12:35 - 2013-01-24 01:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-11-14 12:35 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2013-11-14 12:35 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-11-14 12:35 - 2012-05-14 00:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-11-14 12:35 - 2012-05-05 03:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-11-14 12:35 - 2012-05-05 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-11-14 12:35 - 2011-12-16 03:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-11-14 12:35 - 2011-12-16 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-11-14 12:35 - 2011-11-19 09:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-11-14 12:35 - 2011-11-19 09:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-11-14 12:35 - 2011-10-15 01:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-11-14 12:35 - 2011-10-15 00:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-11-14 12:35 - 2011-08-27 00:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-11-14 12:35 - 2011-08-27 00:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-11-14 12:35 - 2011-08-26 23:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-11-14 12:35 - 2011-08-26 23:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-11-14 12:35 - 2011-05-03 00:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-11-14 12:35 - 2011-05-02 23:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-11-14 12:35 - 2011-02-22 23:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-11-14 12:35 - 2011-02-12 06:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-11-14 12:35 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-11-14 12:34 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-11-14 12:34 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-11-14 12:34 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-11-14 12:31 - 2012-06-02 17:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-14 12:31 - 2012-06-02 17:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-14 12:31 - 2012-06-02 17:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-14 12:31 - 2012-06-02 17:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-11-14 12:31 - 2012-06-02 17:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-11-14 12:31 - 2012-06-02 17:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-14 12:31 - 2012-06-02 17:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-14 12:31 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-14 12:31 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-14 12:13 - 2013-12-04 16:32 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-14 12:13 - 2013-12-04 16:28 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 12:13 - 2013-12-04 08:23 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-14 12:13 - 2013-12-04 08:23 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-14 12:13 - 2013-11-15 18:23 - 00111536 _____ C:\Users\Caleb\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-14 12:13 - 2013-11-14 17:25 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 12:13 - 2013-11-14 12:13 - 00000000 ____D C:\Users\Caleb\AppData\Local\Google
2013-11-14 12:13 - 2013-11-14 12:13 - 00000000 ____D C:\Users\Caleb\AppData\Local\Deployment
2013-11-14 12:13 - 2013-11-14 12:13 - 00000000 ____D C:\Users\Caleb\AppData\Local\Apps\2.0
2013-11-14 12:13 - 2013-11-14 12:13 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-14 12:11 - 2013-11-14 12:11 - 00003882 _____ C:\Windows\system32\WmiConf.txt
2013-11-14 12:11 - 2013-11-14 12:11 - 00000187 _____ C:\Windows\system32\WINS.txt
2013-11-14 12:11 - 2013-11-14 12:11 - 00000128 _____ C:\Windows\system32\StaticIP.txt
2013-11-14 12:11 - 2013-11-14 12:11 - 00000000 ____D C:\Program Files\Intel
2013-11-14 12:10 - 2013-11-14 12:10 - 34066024 _____ C:\Users\Caleb\Downloads\PROWinx64.exe
2013-11-14 12:04 - 2013-11-14 15:05 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-14 12:04 - 2013-08-05 11:50 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-11-14 12:03 - 2013-11-14 12:03 - 06167800 _____ (Intel Corporation) C:\Users\Caleb\Downloads\infinst_autol.exe
2013-11-14 12:03 - 2013-11-14 12:03 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-11-14 12:01 - 2013-11-14 12:01 - 00000000 ____D C:\Users\Caleb\Downloads\Intel_Chipset_XPVistaWin7_8_VER9301026
2013-11-14 11:59 - 2013-11-14 11:59 - 00000000 ____D C:\Asus
2013-11-14 11:57 - 2013-11-14 12:01 - 261128554 _____ C:\Users\Caleb\Downloads\Intel_Chipset_XPVistaWin7_8_VER9301026.zip
2013-11-14 11:52 - 2013-11-14 11:52 - 00000000 ____D C:\Intel
2013-11-14 11:43 - 2013-11-21 11:59 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Adobe
2013-11-14 11:40 - 2013-11-14 14:26 - 00001769 _____ C:\Windows\Language_trs.ini
2013-11-14 11:40 - 2013-11-14 11:40 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2013-11-14 11:40 - 2013-11-14 11:36 - 00000000 ____D C:\Windows\Intel_Chipset_XPVistaWin7_8_VER9301026
2013-11-14 11:40 - 2011-02-25 01:25 - 00296320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-11-14 11:32 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-14 11:30 - 2013-11-14 11:30 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 11:30 - 2013-11-14 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 11:30 - 2013-11-14 11:30 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 11:30 - 2013-11-14 11:30 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-14 11:30 - 2013-11-14 11:30 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-14 11:30 - 2013-11-14 11:30 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-14 11:30 - 2013-11-14 11:30 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-14 11:30 - 2013-11-14 11:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-14 11:30 - 2013-11-14 11:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-14 11:30 - 2013-11-14 11:30 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-14 11:30 - 2013-11-14 11:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-14 11:30 - 2013-11-14 11:30 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-14 11:30 - 2013-11-14 11:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-14 11:29 - 2013-11-14 11:29 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-14 11:29 - 2013-11-14 11:29 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-11-14 11:29 - 2013-11-14 11:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-14 11:29 - 2013-11-14 11:29 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-11-14 11:29 - 2013-11-14 11:29 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-14 11:29 - 2013-11-14 11:29 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-11-14 11:28 - 2013-11-14 11:28 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-14 11:28 - 2013-11-14 11:28 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-14 11:06 - 2013-08-09 04:04 - 00553784 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2013-11-14 11:06 - 2006-01-12 17:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2013-11-14 11:03 - 2012-01-07 05:02 - 00003114 _____ C:\Windows\system32\e1c62x64.din
2013-11-14 11:03 - 2009-05-27 01:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2013-11-14 10:45 - 2013-11-14 10:45 - 00001908 _____ C:\Windows\diagwrn.xml
2013-11-14 10:45 - 2013-11-14 10:45 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-14 10:43 - 2013-11-21 12:02 - 00000000 ____D C:\Users\Caleb
2013-11-14 10:43 - 2013-11-14 13:01 - 00000000 ___RD C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-14 10:43 - 2013-11-14 13:01 - 00000000 ___RD C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-14 10:43 - 2013-11-14 11:43 - 00001417 _____ C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-14 10:43 - 2013-11-14 10:43 - 00000020 ___SH C:\Users\Caleb\ntuser.ini
2013-11-14 10:43 - 2013-11-14 10:43 - 00000000 ____D C:\Users\Caleb\AppData\Local\VirtualStore
2013-11-14 10:43 - 2009-07-13 23:54 - 00000000 ___RD C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-14 10:43 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-14 10:42 - 2013-11-14 10:42 - 00000000 __SHD C:\Recovery
 
==================== One Month Modified Files and Folders =======
 
2013-12-04 16:44 - 2013-12-04 16:44 - 00012379 _____ C:\Users\Caleb\Desktop\FRST.txt
2013-12-04 16:39 - 2009-07-13 23:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-04 16:39 - 2009-07-13 23:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-04 16:36 - 2009-07-14 00:13 - 00732136 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-04 16:35 - 2013-11-14 13:42 - 01860434 _____ C:\Windows\WindowsUpdate.log
2013-12-04 16:33 - 2013-11-22 09:10 - 00000330 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2013-12-04 16:33 - 2013-11-22 09:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2013-12-04 16:32 - 2013-11-16 17:28 - 00000784 _____ C:\Windows\setupact.log
2013-12-04 16:32 - 2013-11-14 15:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-04 16:32 - 2013-11-14 12:13 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 16:32 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-04 16:30 - 2013-12-04 16:27 - 00000000 ____D C:\AdwCleaner
2013-12-04 16:28 - 2013-11-14 12:13 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 16:22 - 2013-12-04 16:22 - 00000629 _____ C:\Users\Caleb\Desktop\JRT.txt
2013-12-04 16:17 - 2013-12-04 16:17 - 00000000 ____D C:\Windows\ERUNT
2013-12-04 16:15 - 2013-12-04 16:15 - 00000000 ____D C:\FRST
2013-12-04 16:15 - 2013-12-04 16:14 - 01959766 _____ (Farbar) C:\Users\Caleb\Desktop\FRST64.exe
2013-12-04 16:14 - 2013-12-04 16:14 - 01110034 _____ C:\Users\Caleb\Desktop\AdwCleaner.exe
2013-12-04 16:13 - 2013-12-04 16:13 - 01034531 _____ (Thisisu) C:\Users\Caleb\Desktop\JRT.exe
2013-12-04 16:03 - 2013-11-14 13:43 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-04 08:23 - 2013-11-14 12:13 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 08:23 - 2013-11-14 12:13 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 18:56 - 2013-12-03 16:52 - 00000000 ____D C:\Users\Caleb\AppData\OICE_15_974FA576_32C1D314_3004
2013-12-03 16:06 - 2013-12-03 16:06 - 02347384 _____ (ESET) C:\Users\Caleb\Downloads\esetsmartinstaller_enu (1).exe
2013-12-03 12:40 - 2013-12-03 12:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-03 12:39 - 2013-12-03 12:39 - 02347384 _____ (ESET) C:\Users\Caleb\Downloads\esetsmartinstaller_enu.exe
2013-12-03 12:38 - 2013-12-03 12:38 - 00000000 ____D C:\Users\Caleb\Desktop\bad stuff
2013-12-03 10:28 - 2013-12-03 10:27 - 22531568 _____ C:\Users\Caleb\Downloads\o921235_s1387652_j2205820_ZDJ.zip
2013-12-03 08:32 - 2013-12-03 08:20 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-03 08:31 - 2013-12-03 08:31 - 00008180 _____ C:\Users\Caleb\Documents\HitmanPro_20131203_0831.log
2013-12-03 08:31 - 2013-12-03 08:31 - 00007294 _____ C:\Users\Caleb\Documents\registry.txt
2013-12-03 08:28 - 2013-12-03 08:28 - 04429440 _____ (Piriform Ltd) C:\Users\Caleb\Downloads\ccsetup404.exe
2013-12-03 08:28 - 2013-12-03 08:28 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-03 08:28 - 2013-12-03 08:28 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-03 08:28 - 2013-12-03 08:28 - 00000000 ____D C:\Program Files\CCleaner
2013-12-03 08:22 - 2013-12-03 08:22 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-12-03 08:22 - 2013-12-03 08:21 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-03 08:20 - 2013-12-03 08:20 - 10264904 _____ (SurfRight B.V.) C:\Users\Caleb\Downloads\HitmanPro_x64.exe
2013-12-03 08:14 - 2013-12-03 08:14 - 00386464 _____ (Bleeping Computer, LLC) C:\Users\Caleb\Downloads\show-hidden.exe
2013-12-03 07:55 - 2013-12-03 07:55 - 1544158210 _____ C:\Windows\MEMORY.DMP
2013-12-03 07:55 - 2013-12-03 07:55 - 01244160 _____ C:\Windows\Minidump\120313-19078-01.dmp
2013-12-03 07:55 - 2013-12-03 07:55 - 00000000 ____D C:\Windows\Minidump
2013-12-02 19:21 - 2013-12-02 19:21 - 00688992 ____R (Swearware) C:\Users\Caleb\Downloads\dds (1).com
2013-12-02 18:38 - 2013-11-21 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-02 18:33 - 2013-11-21 12:33 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-02 16:45 - 2013-12-02 16:45 - 00000436 _____ C:\Windows\PFRO.log
2013-11-22 09:17 - 2013-11-22 09:17 - 00688992 ____R (Swearware) C:\Users\Caleb\Downloads\dds.com
2013-11-22 09:16 - 2013-11-22 09:15 - 89808802 _____ C:\Users\Caleb\Documents\registry backup11-21-2013.reg
2013-11-22 09:10 - 2013-11-22 09:10 - 00002626 _____ C:\Windows\System32\Tasks\GlaryInitialize 4
2013-11-22 09:10 - 2013-11-22 09:10 - 00001084 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2013-11-22 09:10 - 2013-11-16 16:58 - 00000000 ____D C:\ProgramData\GlarySoft
2013-11-22 09:10 - 2013-11-16 16:57 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\GlarySoft
2013-11-22 09:02 - 2013-11-22 09:02 - 12241168 _____ C:\Users\Caleb\Downloads\Glary_Utilities_v4.0.0.53 (1).exe
2013-11-22 07:34 - 2013-11-22 07:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-11-22 07:21 - 2013-11-21 17:22 - 00000000 ____D C:\Windows\pss
2013-11-21 17:25 - 2013-11-15 18:29 - 00002226 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-11-21 15:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-11-21 12:33 - 2013-11-21 12:33 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Caleb\Downloads\mbar-1.07.0.1007.exe
2013-11-21 12:02 - 2013-11-15 18:31 - 378782720 _____ C:\Users\Caleb\MIKES OUTLOOK 2012X.pst
2013-11-21 12:02 - 2013-11-14 10:43 - 00000000 ____D C:\Users\Caleb
2013-11-21 11:59 - 2013-11-21 11:58 - 00000000 ____D C:\Users\Caleb\AppData\Local\Adobe
2013-11-21 11:59 - 2013-11-21 11:58 - 00000000 ____D C:\ProgramData\Adobe
2013-11-21 11:59 - 2013-11-14 11:43 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Adobe
2013-11-21 11:58 - 2013-11-21 11:58 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-21 11:58 - 2013-11-21 11:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-21 11:45 - 2013-11-21 11:45 - 12241168 _____ C:\Users\Caleb\Downloads\Glary_Utilities_v4.0.0.53.exe
2013-11-21 11:29 - 2013-11-14 14:11 - 00744882 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-21 11:28 - 2013-11-21 11:28 - 00111536 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-21 11:28 - 2013-11-21 11:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2013-11-21 11:28 - 2013-11-21 11:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2013-11-21 11:27 - 2013-11-21 11:27 - 00001413 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-21 11:27 - 2013-11-21 11:27 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2013-11-21 11:27 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator
2013-11-18 08:43 - 2013-11-18 08:43 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Malwarebytes
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 08:43 - 2013-11-18 08:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 08:41 - 2013-11-18 08:41 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Caleb\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 08:34 - 2013-11-18 08:34 - 00000000 ___DC C:\Users\Caleb\AppData\Local\MigWiz
2013-11-17 21:41 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Genie9
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Genie9
2013-11-17 21:41 - 2013-11-17 21:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Genie9
2013-11-17 19:41 - 2013-11-17 19:41 - 00000000 ____D C:\ProgramData\Genie9
2013-11-17 19:40 - 2013-11-17 19:40 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\Genie9
2013-11-17 19:40 - 2013-11-17 19:40 - 00000000 ____D C:\Program Files\NETGEAR
2013-11-17 19:40 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-17 19:39 - 2013-11-17 19:37 - 20747096 _____ (NETGEAR) C:\Users\Caleb\Downloads\ReadySHAREVault-install (1).exe
2013-11-17 19:31 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-11-16 17:28 - 2013-11-16 17:28 - 00000000 _____ C:\Windows\setuperr.log
2013-11-16 17:00 - 2013-11-14 13:30 - 00000000 ____D C:\Windows\Panther
2013-11-16 16:46 - 2013-11-16 16:46 - 06685656 _____ (Glarysoft Ltd                                               ) C:\Users\Caleb\Downloads\gupsetup.exe
2013-11-16 14:10 - 2013-11-16 14:10 - 20747096 _____ (NETGEAR) C:\Users\Caleb\Downloads\ReadySHAREVault-install.exe
2013-11-16 14:10 - 2013-11-16 14:10 - 00002060 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2013-11-16 14:10 - 2013-11-16 14:10 - 00000000 ____D C:\Users\Caleb\AppData\Local\NETGEARGenie
2013-11-16 14:09 - 2013-11-16 14:09 - 16974720 _____ (NETGEAR Inc.) C:\Users\Caleb\Downloads\NETGEARGenie-install.exe
2013-11-16 14:09 - 2013-11-16 14:09 - 00369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll
2013-11-16 14:09 - 2013-11-16 14:09 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-11-16 14:09 - 2013-11-16 14:09 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2013-11-16 12:56 - 2013-11-16 12:56 - 00001957 _____ C:\Users\Public\Desktop\RAIDar.lnk
2013-11-16 12:56 - 2013-11-16 12:56 - 00000000 ____D C:\Program Files (x86)\NETGEAR ReadyNAS
2013-11-16 12:55 - 2013-11-16 12:55 - 02743808 _____ (Netgear Inc.) C:\Users\Caleb\Downloads\RAIDar_Win_4_3_8.exe
2013-11-16 07:46 - 2013-11-16 07:46 - 00000000 ____H C:\Users\Caleb\Documents\Default.rdp
2013-11-16 03:23 - 2009-07-13 23:45 - 00442192 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-16 03:06 - 2013-11-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-16 03:05 - 2013-11-16 03:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 03:03 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2013-11-16 03:00 - 2013-11-21 11:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2013-11-16 03:00 - 2013-11-16 03:00 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-16 03:00 - 2013-11-16 03:00 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-15 18:59 - 2013-11-15 18:59 - 00000000 ____D C:\Users\Caleb\Documents\Outlook Files
2013-11-15 18:29 - 2013-11-15 18:29 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-15 18:29 - 2013-11-15 18:29 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-15 18:29 - 2013-11-15 18:29 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-11-15 18:29 - 2013-11-15 18:29 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-15 18:29 - 2013-11-15 18:29 - 00002032 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-11-15 18:29 - 2013-11-15 18:29 - 00000000 ____D C:\Users\Caleb\AppData\Roaming\AVAST Software
2013-11-15 18:29 - 2013-11-15 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-15 18:27 - 2013-11-15 18:27 - 00002459 _____ C:\Users\Caleb\Downloads\license (1).avastlic
2013-11-15 18:23 - 2013-11-15 18:23 - 123749912 _____ (AVAST Software) C:\Users\Caleb\Downloads\avast_internet_security_setup (1).exe
2013-11-15 18:23 - 2013-11-15 18:23 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-15 18:23 - 2013-11-14 12:13 - 00111536 _____ C:\Users\Caleb\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-15 17:47 - 2013-11-15 17:47 - 00000000 ____D C:\Windows\PCHEALTH
2013-11-15 17:47 - 2013-11-15 17:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-15 17:47 - 2013-11-15 17:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-15 17:47 - 2011-04-12 03:28 - 00000000 ____D C:\Windows\ShellNew
 
Some content of TEMP:
====================
C:\Users\Caleb\AppData\Local\Temp\ModelCheckUtility.exe
C:\Users\Caleb\AppData\Local\Temp\NASUPnP.dll
C:\Users\Caleb\AppData\Local\Temp\ose00000.exe
C:\Users\Caleb\AppData\Local\Temp\Quarantine.exe
C:\Users\Caleb\AppData\Local\Temp\_is5D9A.exe
C:\Users\Caleb\AppData\Local\Temp\_is8E1B.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-02 20:25
 
==================== End Of Log ============================


#10 coldair


Posted 04 December 2013 - 05:11 PM

Attached File  Addition.txt   28.21KB   1 downloads



#11 JSntgRvr

    Master Surgeon General

  • Malware Response Team

Posted 04 December 2013 - 05:24 PM

All seems clear. Can you brief me on the issue?




#12 coldair


Posted 04 December 2013 - 05:51 PM

It started with a BSOD with a power state failure warning. After rebooting, the Intel RAID software would not start and the Avast firewall was down and would not restart. I tried to reinstall the RAID software but I was unable to. So I installed a new copy of Windows 7 64 along with Avast, but I could not access the programs on the drive, though I was able to access all the pictures, about 250 gigs of them. No problem, I figured I would copy the data to another drive, wipe the array and then copy it back. So while I did that I checked on the backup in the NAS, and the NAS would not let me access the pictures or the backup copies.



#13 coldair


Posted 04 December 2013 - 05:54 PM

Sorry, I type slow and it has locked up and wiped it out twice now.

Well, Avast found this:

avastlog1_zps6c11412d.jpg

 

Then this:
11-19-2013rootkitscan_zps6cf51396.jpg

 

Then this:
virus2_zps599c5f83.png



#14 coldair


Posted 04 December 2013 - 06:02 PM

This morning I came in and Avast was running a boot scan, and it said it found a hideme-F trojan and that I had a bunch of corrupted backup files. I also saw a lot of files with ~ in front of them, and my notes on iCloud have things like Mike mike mike mike all over them, and some notes were deleted.



#15 coldair


Posted 04 December 2013 - 06:12 PM

ESET online scanner found this:
 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6e7e220d3e5a3a4fa0320e47137e7507
# engine=16120
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-03 11:10:08
# local_time=2013-12-03 06:10:08 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 66 82 1467634 1471240 0 0
# compatibility_mode=5893 16776573 100 94 0 137655658 0 0
# scanned=728237
# found=12
# cleaned=12
# scan_time=19710
sh=C2618738D1F91D0FCAE01CB3AC8F90A882448609 ft=1 fh=9c7aebefdb247f2d vn="a variant of MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="E:\AI_RecycleBin\{9FB66A3D-43F6-407D-8D10-C7482208926A}\3\Strongvault\StrongVaultApp.exe"
sh=BA07A0DE0E6A5FB1D5D710E104BD82CF0AC86B97 ft=1 fh=8e447262f758a58d vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="M:\Mikes\Downloads\CrystalDiskInfo4_1_4-en.exe"
sh=9EED75E150AAF3FF4440346946B1B5882D3AAED7 ft=1 fh=36a8d98481590cc6 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="M:\Mikes\Downloads\tools and software\DriverSweeper_3.2.0.exe"
sh=0B5C0037092B97877B289B3534868A2CC2BD83FC ft=0 fh=0000000000000000 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="M:\Mikes\RAMPAGE-PC\Backup Set 2013-11-10 194135\Backup Files 2013-11-10 194135\Backup files 84.zip"
sh=8115C272716D2268DA596D0F26FCF8B434BAC3E8 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="Z:\Backup Set 2013-10-09 134452\Backup Files 2013-10-09 134452\Backup files 78.zip"
sh=FD2EBF253B07B601B03F48A9B5AA0E400C647AE0 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="Z:\Backup Set 2013-10-09 134452\Backup Files 2013-10-09 134452\Backup files 84.zip"
sh=980A4EBEB3F40F62A7F380CFC16A3F2311CCAB4B ft=0 fh=0000000000000000 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="Z:\Backup Set 2013-10-09 134452\Backup Files 2013-10-09 134452\Backup files 86.zip"
sh=BA07A0DE0E6A5FB1D5D710E104BD82CF0AC86B97 ft=1 fh=8e447262f758a58d vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="Z:\Downloads\CrystalDiskInfo4_1_4-en.exe"
sh=9EED75E150AAF3FF4440346946B1B5882D3AAED7 ft=1 fh=36a8d98481590cc6 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="Z:\Downloads\tools and software\DriverSweeper_3.2.0.exe"
sh=0B5C0037092B97877B289B3534868A2CC2BD83FC ft=0 fh=0000000000000000 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="Z:\RAMPAGE-PC\Backup Set 2013-11-10 194135\Backup Files 2013-11-10 194135\Backup files 84.zip"
sh=9EED75E150AAF3FF4440346946B1B5882D3AAED7 ft=1 fh=36a8d98481590cc6 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="Z:\what is this stuff\C\F\tools\tools and software\DriverSweeper_3.2.0.exe"
sh=9EED75E150AAF3FF4440346946B1B5882D3AAED7 ft=1 fh=36a8d98481590cc6 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="Z:\what is this stuff\F\tools\tools and software\DriverSweeper_3.2.0.exe"




