Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unreachable dll's !! Cant remove them! (dds logs)


  • This topic is locked This topic is locked
2 replies to this topic

#1 hjones315

hjones315

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Detroit,MI
  • Local time:09:10 PM

Posted 02 April 2014 - 10:30 AM

I also just noticed that the Action Security Center keeps telling me I have no antivirus or firewall active when I do....i hope i do.... :-(

 

DDS

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521
Run by Verner at 10:37:23 on 2014-04-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1788.562 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{27A7D5CD-4C65-48D1-8E12-722F5038518A} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{27A7D5CD-4C65-48D1-8E12-722F5038518A}\2375942554234393 : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-1-15 73856]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-1-15 28800]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-1-15 55280]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2014-3-19 66040]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
R2 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-1-27 311600]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-3-19 1025712]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-3-19 219752]
R2 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-12-5 783864]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-3-19 185792]
R2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-1-27 344688]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-3-20 3921880]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-3-20 171416]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2014-1-27 70592]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-1-15 172704]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-1-15 76912]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2014-1-27 520696]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-1-21 422712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-3-20 1042272]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-3-19 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-28 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-4-1 119512]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-1-21 96592]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-27 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-1-15 232480]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-27 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-21 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-1-15 98208]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-15 202752]
S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
S4 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
S4 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-3-19 178528]
S4 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
S4 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
S4 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-3-19 328928]
S4 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-15 689472]
.
=============== Created Last 30 ================
.
2014-04-02 12:11:22 -------- d-----w- C:\SUPERDelete
2014-04-02 03:08:58 -------- d-----w- C:\ProgramData\Samsung
2014-04-02 02:20:05 -------- d-----w- C:\Users\Verner\AppData\Roaming\Samsung
2014-04-02 02:19:59 144664 ----a-w- C:\Windows\SysWow64\secman.dll
2014-04-02 01:59:14 -------- d-----w- C:\Users\Verner\AppData\Roaming\SUPERAntiSpyware.com
2014-04-02 01:57:46 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-04-02 01:57:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-04-02 00:32:51 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-02 00:31:39 -------- d-----w- C:\ProgramData\Malwarebytes
2014-04-01 08:27:42 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{295981EE-41EC-4454-9594-64CAB42900A5}\mpengine.dll
2014-04-01 02:36:48 -------- d-----w- C:\Program Files (x86)\Samsung
2014-04-01 02:34:23 -------- d-----w- C:\Users\Verner\AppData\Local\Downloaded Installations
2014-04-01 01:36:14 -------- d-----w- C:\Program Files (x86)\ESET
2014-03-31 23:36:14 -------- d-----w- C:\Windows\ERUNT
2014-03-31 23:14:52 -------- d-----w- C:\AdwCleaner
2014-03-31 08:03:09 -------- d-----r- C:\Program Files (x86)\Skype
2014-03-31 05:05:10 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-03-30 23:55:33 -------- d-----w- C:\FRST
2014-03-30 00:35:46 -------- d-----w- C:\ProgramData\SecTaskMan
2014-03-30 00:35:14 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2014-03-29 00:22:56 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-29 00:22:55 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-28 23:05:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2014-03-28 23:00:13 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-03-28 23:00:13 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-03-28 15:05:20 -------- d-----w- C:\Users\Verner\AppData\Local\Diagnostics
2014-03-28 13:47:15 -------- d-----w- C:\Windows\pss
2014-03-28 02:10:42 -------- d-----w- C:\Users\Verner\AppData\Roaming\LavasoftStatistics
2014-03-28 01:23:58 -------- d-----w- C:\Windows\Migration
2014-03-28 01:13:10 -------- d-----w- C:\Users\Verner\AppData\Roaming\SecureSearch
2014-03-28 01:05:37 -------- d-----w- C:\Program Files\Common Files\Lavasoft
2014-03-28 00:57:08 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2014-03-28 00:52:13 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-28 00:51:33 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-03-28 00:50:41 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-03-28 00:50:36 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-03-28 00:50:34 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-03-28 00:50:28 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-03-28 00:38:36 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-03-28 00:38:34 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-03-28 00:37:33 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-03-28 00:37:31 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-03-27 23:58:46 -------- d-----w- C:\ProgramData\WEBREG
2014-03-27 23:55:49 -------- d-----w- C:\Users\Verner\AppData\Local\HP
2014-03-27 23:48:21 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-03-27 23:39:22 -------- d-----w- C:\Windows\SysWow64\spool
2014-03-27 23:36:51 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2014-03-27 23:36:11 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2014-03-27 23:30:57 -------- d-----w- C:\Program Files (x86)\HP
2014-03-27 23:26:59 -------- d-----w- C:\Program Files\HP
2014-03-27 23:25:27 642360 ----a-w- C:\Windows\System32\hpzids40.dll
2014-03-27 22:38:27 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-03-27 22:38:27 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-03-27 22:38:25 2871808 ----a-w- C:\Windows\explorer.exe
2014-03-27 22:38:24 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2014-03-27 22:38:21 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-03-27 22:38:21 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-03-27 22:38:20 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-03-27 22:38:20 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-03-27 22:36:05 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-27 22:36:04 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-27 22:35:12 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2014-03-27 22:35:11 67072 ----a-w- C:\Windows\splwow64.exe
2014-03-27 20:54:06 -------- d-----w- C:\Users\Verner\AppData\Local\ElevatedDiagnostics
2014-03-26 00:55:20 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-26 00:55:20 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-26 00:55:19 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-03-26 00:55:18 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-03-24 21:28:12 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-03-24 21:28:11 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-03-24 21:28:05 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-03-24 21:28:05 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-03-24 21:26:31 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-03-24 21:26:30 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-03-24 21:26:28 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2014-03-24 21:26:28 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-24 21:26:17 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-03-24 21:26:15 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-03-24 21:25:04 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2014-03-24 21:25:02 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2014-03-24 21:25:02 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2014-03-24 21:25:02 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2014-03-24 21:24:11 224256 ----a-w- C:\Windows\System32\wintrust.dll
2014-03-24 21:24:11 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-03-24 21:22:31 111448 ----a-w- C:\Windows\System32\consent.exe
2014-03-24 21:22:29 70144 ----a-w- C:\Windows\System32\appinfo.dll
2014-03-24 21:20:25 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-03-24 21:20:24 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-03-24 21:20:23 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-03-24 21:20:22 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2014-03-24 21:20:21 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-03-24 21:20:19 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2014-03-24 21:20:00 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-24 21:20:00 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-24 21:19:58 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-03-24 21:19:58 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-03-24 21:19:00 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-03-24 21:19:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-03-24 21:18:01 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-24 21:18:00 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-03-24 21:18:00 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-24 21:18:00 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-24 21:16:16 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-03-24 21:16:14 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-03-24 21:16:14 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-03-24 21:16:12 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-24 21:16:10 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2014-03-24 21:16:00 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2014-03-24 21:15:58 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2014-03-24 21:15:57 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2014-03-24 21:15:56 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2014-03-24 21:15:54 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2014-03-24 21:15:53 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2014-03-24 21:15:52 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2014-03-24 21:15:16 1930752 ----a-w- C:\Windows\System32\authui.dll
2014-03-24 21:15:14 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2014-03-24 21:15:13 197120 ----a-w- C:\Windows\System32\credui.dll
2014-03-24 21:15:13 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2014-03-24 21:15:12 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2014-03-24 21:15:11 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2014-03-24 21:14:22 41472 ----a-w- C:\Windows\System32\lpk.dll
2014-03-24 21:14:22 368128 ----a-w- C:\Windows\System32\atmfd.dll
2014-03-24 21:14:22 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2014-03-24 21:14:22 14336 ----a-w- C:\Windows\System32\dciman32.dll
2014-03-24 21:14:21 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2014-03-24 21:14:21 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2014-03-24 21:14:21 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2014-03-24 21:14:21 100864 ----a-w- C:\Windows\System32\fontsub.dll
2014-03-24 21:14:19 46080 ----a-w- C:\Windows\System32\atmlib.dll
2014-03-24 21:14:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2014-03-24 21:12:53 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2014-03-24 21:11:59 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-03-24 21:11:59 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-03-24 21:11:58 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-03-24 21:11:57 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-03-24 21:11:57 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-03-24 21:11:57 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-03-24 21:11:56 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-03-24 21:11:44 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-03-24 21:11:44 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-03-24 21:09:24 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-03-24 21:09:23 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-03-24 21:08:21 185344 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2014-03-24 21:08:21 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2014-03-24 21:07:20 216576 ----a-w- C:\Windows\System32\ncsi.dll
2014-03-24 21:07:19 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2014-03-24 21:07:18 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2014-03-24 21:07:18 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2014-03-24 21:07:17 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2014-03-24 21:07:14 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2014-03-24 21:07:12 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2014-03-24 21:07:07 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2014-03-24 21:07:06 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2014-03-24 21:07:05 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2014-03-24 21:07:05 18944 ----a-w- C:\Windows\System32\netevent.dll
2014-03-24 21:05:49 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-03-24 21:05:49 42496 ----a-w- C:\Windows\System32\drivers\usbscan.sys
2014-03-24 21:05:48 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2014-03-24 21:05:39 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2014-03-24 21:05:38 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-03-24 21:05:38 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2014-03-24 21:05:38 102400 ----a-w- C:\Windows\System32\davclnt.dll
2014-03-24 21:05:37 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-03-24 21:05:02 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2014-03-24 21:02:15 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-03-24 21:02:09 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-03-24 21:02:07 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-03-24 20:55:42 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-03-24 20:55:41 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-03-24 20:52:07 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-03-24 20:52:07 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-03-24 20:52:03 751104 ----a-w- C:\Windows\System32\win32spl.dll
2014-03-24 20:52:02 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2014-03-24 20:51:56 68608 ----a-w- C:\Windows\System32\taskhost.exe
2014-03-24 20:51:55 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-24 20:51:55 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-24 20:51:09 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2014-03-24 20:51:08 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2014-03-24 20:50:36 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-03-24 20:50:36 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-03-24 20:50:36 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-03-24 20:50:35 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-03-24 20:50:35 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-03-24 20:46:10 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-03-24 20:46:10 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-03-24 20:46:10 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-03-24 20:46:09 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-03-24 20:46:09 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-03-24 20:45:39 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-03-21 16:25:06 -------- d-----w- C:\Windows\System32\SPReview
2014-03-21 16:23:28 -------- d-----w- C:\Windows\System32\EventProviders
2014-03-21 16:10:17 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2014-03-21 15:50:20 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2014-03-21 15:50:20 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2014-03-21 15:48:59 263168 ----a-w- C:\Windows\System32\spwizui.dll
2014-03-21 15:47:59 1525248 ----a-w- C:\Program Files\Windows Media Player\wmpnetwk.exe
2014-03-21 15:46:57 481280 ----a-w- C:\Windows\System32\wmpps.dll
2014-03-21 15:45:59 263168 ----a-w- C:\Windows\System32\vpnike.dll
2014-03-21 15:44:59 228352 ----a-w- C:\Windows\SysWow64\stobject.dll
2014-03-21 15:43:59 611840 ----a-w- C:\Windows\System32\wpd_ci.dll
2014-03-21 15:42:59 233984 ----a-w- C:\Windows\System32\defaultlocationcpl.dll
2014-03-21 15:41:59 537600 ----a-w- C:\Windows\SysWow64\ActionCenterCPL.dll
2014-03-21 15:40:59 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2014-03-21 15:39:59 94208 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadcf.dll
2014-03-21 15:38:59 7680 ----a-w- C:\Windows\SysWow64\kbdlk41a.dll
2014-03-21 15:37:52 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2014-03-21 15:37:52 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2014-03-21 15:37:26 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2014-03-21 15:37:25 399872 ----a-w- C:\Windows\System32\dpx.dll
2014-03-21 15:36:36 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2014-03-21 15:34:01 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2014-03-21 15:34:01 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2014-03-21 15:34:01 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2014-03-21 15:22:45 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2014-03-21 15:22:44 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2014-03-21 15:22:16 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2014-03-21 14:34:55 2565632 ----a-w- C:\Windows\System32\esent.dll
2014-03-21 14:34:52 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2014-03-21 14:34:49 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2014-03-21 14:34:47 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2014-03-21 14:34:46 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2014-03-21 14:34:43 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-03-21 14:34:42 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2014-03-21 14:34:41 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2014-03-21 14:34:37 96768 ----a-w- C:\Windows\System32\fsutil.exe
2014-03-21 14:34:36 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2014-03-21 13:34:33 -------- d-----w- C:\Windows\SysWow64\Wat
2014-03-21 13:34:33 -------- d-----w- C:\Windows\System32\Wat
2014-03-21 12:21:50 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2014-03-21 12:21:50 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2014-03-21 12:21:50 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-03-21 11:42:22 -------- d-----w- C:\Windows\System32\MRT
2014-03-21 11:39:09 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-03-21 11:39:09 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-03-21 11:39:08 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-03-21 11:39:08 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-03-21 11:39:06 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-03-21 11:39:06 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-03-21 11:39:06 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-03-21 11:28:42 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2014-03-21 11:28:36 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2014-03-21 11:28:32 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2014-03-21 11:28:28 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2014-03-21 10:26:43 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-21 10:26:36 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-21 10:26:36 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-21 10:21:02 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2014-03-21 10:21:02 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2014-03-21 10:21:00 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2014-03-21 10:21:00 1118720 ----a-w- C:\Windows\System32\sbe.dll
2014-03-21 10:20:59 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2014-03-21 10:20:58 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2014-03-21 10:19:12 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2014-03-21 10:19:11 1572864 ----a-w- C:\Windows\System32\quartz.dll
2014-03-21 10:18:56 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2014-03-21 10:18:55 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2014-03-21 10:17:50 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-03-21 10:17:44 33792 ----a-w- C:\Windows\System32\profprov.dll
2014-03-21 10:17:44 209920 ----a-w- C:\Windows\System32\profsvc.dll
2014-03-21 10:17:39 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2014-03-21 10:17:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2014-03-21 10:17:37 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2014-03-21 10:12:35 478208 ----a-w- C:\Windows\System32\dpnet.dll
2014-03-21 10:12:35 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2014-03-21 10:12:34 3072 ----a-w- C:\Windows\System32\dpnaddr.dll
2014-03-21 10:12:34 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll
2014-03-21 10:10:03 800768 ----a-w- C:\Windows\System32\usp10.dll
2014-03-21 10:10:02 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-03-21 10:07:17 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2014-03-21 10:07:17 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2014-03-21 10:07:16 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2014-03-21 10:07:15 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2014-03-21 10:07:15 288256 ----a-w- C:\Windows\System32\MSNP.ax
2014-03-21 10:07:14 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax
2014-03-21 10:07:13 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2014-03-21 10:07:12 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax
2014-03-21 10:07:11 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax
2014-03-21 10:07:10 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2014-03-21 10:06:52 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2014-03-21 10:06:47 723456 ----a-w- C:\Windows\System32\EncDec.dll
2014-03-21 10:06:46 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2014-03-21 10:06:19 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2014-03-21 10:03:34 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2014-03-21 10:03:28 715776 ----a-w- C:\Windows\System32\kerberos.dll
2014-03-21 10:03:28 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-03-21 10:03:19 3216384 ----a-w- C:\Windows\System32\msi.dll
2014-03-21 10:03:18 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2014-03-21 09:56:35 95744 ----a-w- C:\Windows\System32\synceng.dll
2014-03-21 09:56:35 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2014-03-21 09:56:17 605552 ----a-w- C:\Windows\System32\winload.exe
2014-03-21 09:56:15 642944 ----a-w- C:\Windows\System32\winload.efi
2014-03-21 09:56:13 518672 ----a-w- C:\Windows\System32\winresume.exe
2014-03-21 09:56:12 566208 ----a-w- C:\Windows\System32\winresume.efi
2014-03-21 09:56:10 20352 ----a-w- C:\Windows\System32\kdusb.dll
2014-03-21 09:56:10 19328 ----a-w- C:\Windows\System32\kd1394.dll
2014-03-21 09:56:09 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2014-03-21 09:56:09 17792 ----a-w- C:\Windows\System32\kdcom.dll
2014-03-21 09:53:48 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2014-03-21 09:53:48 207872 ----a-w- C:\Windows\System32\cfgmgr32.dll
2014-03-21 09:53:48 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2014-03-21 09:53:47 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2014-03-21 09:53:46 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2014-03-21 09:53:46 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2014-03-21 09:46:59 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2014-03-21 09:46:57 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2014-03-21 09:46:18 136704 ----a-w- C:\Windows\System32\browser.dll
2014-03-21 09:46:12 59392 ----a-w- C:\Windows\System32\browcli.dll
2014-03-21 09:46:06 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2014-03-21 09:45:17 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2014-03-21 09:45:17 31232 ----a-w- C:\Windows\System32\prevhost.exe
2014-03-21 09:45:08 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2014-03-21 09:45:02 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-03-21 09:45:01 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-03-21 09:45:01 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-03-21 09:44:54 974336 ----a-w- C:\Windows\System32\WFS.exe
2014-03-21 09:44:54 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2014-03-21 09:44:47 956928 ----a-w- C:\Windows\System32\localspl.dll
2014-03-21 09:44:46 39424 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2014-03-21 09:44:37 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2014-03-21 09:44:33 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2014-03-21 09:43:58 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-03-21 09:43:57 331776 ----a-w- C:\Windows\System32\oleacc.dll
2014-03-21 09:43:56 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2014-03-21 09:43:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-03-21 08:48:34 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2014-03-21 08:15:08 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2014-03-21 08:15:07 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2014-03-21 08:15:06 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2014-03-21 08:15:05 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2014-03-21 08:15:04 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2014-03-21 08:15:03 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2014-03-21 08:15:02 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2014-03-21 08:15:01 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2014-03-21 08:15:00 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2014-03-21 08:15:00 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2014-03-21 08:14:59 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2014-03-21 08:14:41 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2014-03-21 08:14:40 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2014-03-21 08:13:11 142336 ----a-w- C:\Windows\System32\poqexec.exe
2014-03-21 08:13:10 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2014-03-21 08:12:20 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-03-21 08:11:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-03-21 08:11:48 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-03-21 05:54:13 2315776 ----a-w- C:\Windows\System32\tquery.dll
2014-03-21 05:54:09 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2014-03-21 05:54:04 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2014-03-21 05:54:03 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2014-03-21 05:54:00 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2014-03-21 05:51:41 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2014-03-21 05:51:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2014-03-21 05:51:39 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2014-03-21 05:51:32 395776 ----a-w- C:\Windows\System32\webio.dll
2014-03-21 05:51:31 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2014-03-21 05:47:55 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-03-21 05:47:34 515584 ----a-w- C:\Windows\System32\timedate.cpl
2014-03-21 05:47:32 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2014-03-21 05:40:12 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2014-03-21 05:40:12 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2014-03-21 05:40:12 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2014-03-21 05:40:08 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2014-03-21 03:38:05 77312 ----a-w- C:\Windows\System32\packager.dll
2014-03-21 03:38:04 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-03-20 05:38:51 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7
2014-03-20 05:38:41 -------- d-----w- C:\Users\Verner\AppData\Roaming\URSoft
2014-03-20 05:00:43 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-03-20 05:00:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-03-20 05:00:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-20 04:59:53 -------- d-----w- C:\Users\Verner\AppData\Local\Programs
2014-03-20 04:57:19 -------- d-----w- C:\Program Files\CCleaner
2014-03-20 04:03:33 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-20 04:02:01 -------- d-----w- C:\Program Files (x86)\McAfeeMOBK
2014-03-20 04:01:48 66040 ----a-w- C:\Windows\System32\drivers\MOBK.sys
2014-03-20 04:01:48 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2014-03-20 04:01:40 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup
2014-03-20 04:00:50 -------- d-----w- C:\Program Files (x86)\McAfee.com
2014-03-20 03:59:44 -------- d-----w- C:\Program Files\McAfee.com
2014-03-20 03:59:43 -------- d-----w- C:\Program Files\McAfee
2014-03-20 03:59:41 -------- d-----w- C:\Program Files (x86)\McAfee
2014-03-20 03:46:06 185792 ----a-w- C:\Windows\System32\mfevtps.exe
2014-03-20 03:46:01 -------- d-----w- C:\Program Files\Common Files\McAfee
2014-03-20 03:05:51 -------- d-----w- C:\Users\Verner\AppData\Local\Google
2014-03-20 03:05:30 -------- d-----w- C:\Users\Verner\AppData\Local\Apps
2014-03-20 03:05:29 -------- d-----w- C:\Users\Verner\AppData\Local\Deployment
2014-03-20 02:30:13 -------- d-----w- C:\Users\Verner\My Backup Files
2014-03-20 02:14:33 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2014-03-20 02:13:32 -------- d-----w- C:\Users\Verner\AppData\Roaming\Dell
2014-03-20 02:13:11 -------- d-----w- C:\Users\Verner\AppData\Local\ATI
2014-03-20 02:12:07 -------- d-sh--w- C:\$RECYCLE.BIN
2014-03-20 02:11:55 -------- d-----w- C:\Users\Verner\AppData\Local\Stardock_Corporation
2014-03-20 02:11:49 -------- d-----w- C:\Users\Verner\AppData\Local\SoftThinks
2014-03-20 02:11:16 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-03-20 02:11:16 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-03-20 02:11:16 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-03-20 02:11:02 -------- d-----w- C:\Users\Verner\AppData\Local\VirtualStore
2014-03-20 02:06:16 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-03-20 02:06:07 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-03-20 02:05:38 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-03-20 02:05:38 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-03-20 02:03:50 -------- d-sh--we C:\Documents and Settings
2014-03-19 03:35:24 -------- d-----w- C:\Windows\SMINST
2014-03-11 20:07:42 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
==================== Find3M  ====================
.
2014-03-25 23:44:37 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-21 17:55:21 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-03-21 17:55:21 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-27 13:43:26 70592 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-01-27 13:37:32 344688 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-01-27 13:33:26 783864 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-01-27 13:31:34 520696 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-01-27 13:30:06 311600 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-01-27 13:29:22 180272 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-01-21 08:50:46 11336 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2014-01-21 08:50:24 96592 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2014-01-21 08:50:02 422712 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
.
============= FINISH: 10:39:31.24 ===============
 
 


BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:02:10 AM

Posted 04 April 2014 - 02:25 PM

Good evening. :)
 

Unreachable dll's !! Cant remove them!

 

What dlls and why do you want to remove them?

 

 

Action Security Center keeps telling me I have no antivirus or firewall active when I do....i hope i do.... :-(

 

DDS sees McAfee, so so far so good, but it reports it as Disabled so you might like to check if it is in fact active.


So long, and thanks for all the fish.

 

 


#3 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:02:10 AM

Posted 09 April 2014 - 04:25 PM

Helpers are limited in the number of logs they can take by the time they have available and having threads sit idle means that somebody else who could be being helped has to wait.
Given that there has been no response for at least five days, and I have no way of knowing when there will be one, this thread is now closed - thanks for the wait!
 


So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users