Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Before it's too late...


  • Please log in to reply
31 replies to this topic

#1 My.Rhapsodies12

My.Rhapsodies12

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 08 April 2014 - 06:52 PM

I have just reformatted my laptop three days ago (after panicking about malware infection) for the third time. Till now, I have upgraded several drivers and downloaded some programs before realising that I should take precautions before the same ordeal happens to my laptop for the fourth time (infection isn't obviously gone). So any help is really appreciated.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521
Run by User at 7:26:33 on 2014-04-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1975.580 [GMT 8:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSSa
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\snuvcdsm.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB} : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\3516E6364757D6 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\45F6073507F647 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\46C696E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\47F6073505F445 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\5334037383F5D4168796372427F616462616E646 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\D4970244563656D6265627 : DHCPNameServer = 192.168.43.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [PLFSetL] C:\Windows\PLFSetL.exe
x64-Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\plxkpptm.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-4-9 893440]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-4-6 653296]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-4-6 28656]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-4-6 20024]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-4-9 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-4-9 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2014-4-9 76944]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-4-3 175480]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2014-4-9 94624]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2014-4-9 67320]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2014-4-6 1111856]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2014-4-7 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-4-9 635392]
R3 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-4-9 150256]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2014-4-6 56344]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2014-4-6 435512]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-4-9 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-4-9 82824]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-7 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-4-9 77632]
.
=============== Created Last 30 ================
.
2014-04-08 22:48:18    8199504    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-04-08 22:47:48    10521840    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{824CC364-D9B8-42F4-BCE3-8FE498FE8975}\mpengine.dll
2014-04-08 18:12:17    966229    ----a-w-    C:\ProgramData\1396978910.bdinstall.bin
2014-04-08 18:04:22    76944    ----a-w-    C:\Windows\System32\drivers\bdvedisk.sys
2014-04-08 18:04:09    93600    ----a-w-    C:\Windows\System32\drivers\BdfNdisf6.sys
2014-04-08 18:04:08    82824    ----a-w-    C:\Windows\System32\drivers\bdsandbox.sys
2014-04-08 18:03:47    635392    ----a-w-    C:\Windows\System32\drivers\avckf.sys
2014-04-08 18:03:46    893440    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2014-04-08 17:50:03    --------    d-----w-    C:\Users\User\AppData\Roaming\Bitdefender
2014-04-08 17:49:58    3271472    ---ha-w-    C:\bdr-bz01
2014-04-08 17:44:23    150256    ----a-w-    C:\Windows\System32\drivers\gzflt.sys
2014-04-08 17:44:21    389240    ----a-w-    C:\Windows\System32\drivers\trufos.sys
2014-04-08 17:24:17    62222    ----a-w-    C:\ProgramData\1396977825.bdinstall.bin
2014-04-08 17:11:14    319614    ----a-w-    C:\ProgramData\1396976262.bdinstall.bin
2014-04-08 17:11:14    --------    d-----w-    C:\Program Files\Bitdefender
2014-04-08 17:00:18    --------    d-----w-    C:\ProgramData\Bitdefender
2014-04-08 16:26:39    251874    ----a-w-    C:\ProgramData\1396974311.bdinstall.bin
2014-04-08 16:19:40    123264    ----a-w-    C:\Windows\System32\drivers\ZTEusbser6k.sys
2014-04-08 16:19:40    123264    ----a-w-    C:\Windows\System32\drivers\ZTEusbnmea.sys
2014-04-08 16:19:40    123264    ----a-w-    C:\Windows\System32\drivers\ZTEusbmdm6k.sys
2014-04-08 16:19:38    --------    d-----w-    C:\Windows\ZTEDriverforMF93
2014-04-07 08:55:58    --------    d-----w-    C:\ProgramData\GRETECH
2014-04-07 07:57:12    --------    d-----w-    C:\Program Files (x86)\GRETECH
2014-04-07 07:04:42    --------    d-----w-    C:\Users\User\AppData\Local\Diagnostics
2014-04-07 04:29:33    2871808    ----a-w-    C:\Windows\explorer.exe
2014-04-07 04:29:33    2616320    ----a-w-    C:\Windows\SysWow64\explorer.exe
2014-04-07 04:01:21    --------    d-----w-    C:\Windows\Migration
2014-04-07 03:56:19    --------    d-----w-    C:\Windows\System32\MRT
2014-04-07 03:34:29    --------    d-----w-    C:\Windows\SysWow64\Wat
2014-04-07 03:34:27    --------    d-----w-    C:\Windows\System32\Wat
2014-04-07 02:51:34    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-04-07 02:21:44    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2014-04-07 02:21:44    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2014-04-07 02:21:42    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2014-04-07 02:21:42    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2014-04-07 02:21:40    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2014-04-07 02:21:40    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2014-04-07 02:21:40    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2014-04-07 02:16:37    548864    ----a-w-    C:\Windows\System32\vbscript.dll
2014-04-07 02:16:37    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-04-07 02:15:46    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2014-04-07 02:15:46    5120    ----a-w-    C:\Windows\System32\wmi.dll
2014-04-07 02:15:46    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2014-04-07 01:13:51    633856    ----a-w-    C:\Windows\System32\comctl32.dll
2014-04-07 01:13:51    530432    ----a-w-    C:\Windows\SysWow64\comctl32.dll
2014-04-07 01:11:52    886784    ----a-w-    C:\Program Files\Common Files\System\wab32.dll
2014-04-07 01:11:52    708608    ----a-w-    C:\Program Files (x86)\Common Files\System\wab32.dll
2014-04-07 01:11:12    142336    ----a-w-    C:\Windows\System32\poqexec.exe
2014-04-07 01:11:11    123904    ----a-w-    C:\Windows\SysWow64\poqexec.exe
2014-04-07 01:10:45    55296    ----a-w-    C:\Windows\System32\dhcpcsvc6.dll
2014-04-07 01:10:45    44032    ----a-w-    C:\Windows\SysWow64\dhcpcsvc6.dll
2014-04-07 01:10:45    226816    ----a-w-    C:\Windows\System32\dhcpcore6.dll
2014-04-07 01:10:45    193536    ----a-w-    C:\Windows\SysWow64\dhcpcore6.dll
2014-04-07 01:10:28    3717632    ----a-w-    C:\Windows\System32\mstscax.dll
2014-04-07 01:10:27    44032    ----a-w-    C:\Windows\System32\tsgqec.dll
2014-04-07 01:10:27    36864    ----a-w-    C:\Windows\SysWow64\tsgqec.dll
2014-04-07 01:10:27    3217408    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-04-07 01:10:27    158720    ----a-w-    C:\Windows\System32\aaclient.dll
2014-04-07 01:10:27    131584    ----a-w-    C:\Windows\SysWow64\aaclient.dll
2014-04-07 01:08:50    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2014-04-07 01:08:50    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2014-04-07 01:08:19    70144    ----a-w-    C:\Windows\System32\appinfo.dll
2014-04-07 01:08:19    111448    ----a-w-    C:\Windows\System32\consent.exe
2014-04-07 01:05:58    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-04-07 01:05:58    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-04-07 01:05:58    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-04-07 01:05:58    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-04-07 01:03:44    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2014-04-07 01:00:57    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-04-07 01:00:57    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-04-07 01:00:57    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-04-07 01:00:57    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-04-07 01:00:57    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-04-07 01:00:12    41472    ----a-w-    C:\Windows\System32\drivers\rndismpx.sys
2014-04-07 01:00:12    19968    ----a-w-    C:\Windows\System32\drivers\usb8023x.sys
2014-04-07 01:00:12    19968    ----a-w-    C:\Windows\System32\drivers\usb8023.sys
2014-04-07 01:00:05    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2014-04-07 01:00:05    785624    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2014-04-07 01:00:05    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2014-04-07 01:00:02    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-04-07 01:00:02    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-04-07 00:58:44    259584    ----a-w-    C:\Windows\System32\WebClnt.dll
2014-04-07 00:58:44    205824    ----a-w-    C:\Windows\SysWow64\WebClnt.dll
2014-04-07 00:58:43    81920    ----a-w-    C:\Windows\SysWow64\davclnt.dll
2014-04-07 00:58:43    140800    ----a-w-    C:\Windows\System32\drivers\mrxdav.sys
2014-04-07 00:58:43    102400    ----a-w-    C:\Windows\System32\davclnt.dll
2014-04-07 00:58:42    478208    ----a-w-    C:\Windows\System32\dpnet.dll
2014-04-07 00:58:42    376832    ----a-w-    C:\Windows\SysWow64\dpnet.dll
2014-04-07 00:58:38    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-04-07 00:58:38    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-04-07 00:58:37    3928064    ----a-w-    C:\Windows\System32\d2d1.dll
2014-04-07 00:58:37    3419136    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2014-04-07 00:51:59    715776    ----a-w-    C:\Windows\System32\kerberos.dll
2014-04-07 00:51:59    542208    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-04-07 00:51:55    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-04-07 00:48:51    936448    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-04-07 00:48:51    1732608    ----a-w-    C:\Program Files\Windows Journal\NBDoc.DLL
2014-04-07 00:48:51    1402880    ----a-w-    C:\Program Files\Windows Journal\JNWDRV.dll
2014-04-07 00:48:51    1393152    ----a-w-    C:\Program Files\Windows Journal\JNTFiltr.dll
2014-04-07 00:48:51    1367040    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-07 00:48:44    102608    ----a-w-    C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 00:48:43    124112    ----a-w-    C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 00:47:26    223752    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2014-04-07 00:47:25    503808    ----a-w-    C:\Windows\System32\srcore.dll
2014-04-07 00:47:25    43008    ----a-w-    C:\Windows\SysWow64\srclient.dll
2014-04-07 00:47:16    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2014-04-07 00:47:15    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2014-04-07 00:47:14    52224    ----a-w-    C:\Windows\System32\certenc.dll
2014-04-07 00:47:14    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2014-04-07 00:46:17    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2014-04-07 00:46:17    168960    ----a-w-    C:\Windows\System32\wscript.exe
2014-04-07 00:46:17    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2014-04-07 00:46:17    156160    ----a-w-    C:\Windows\System32\cscript.exe
2014-04-07 00:46:17    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2014-04-07 00:46:17    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2014-04-07 00:46:17    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
2014-04-07 00:46:17    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2014-04-07 00:46:15    983488    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-04-07 00:46:15    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2014-04-07 00:46:15    144384    ----a-w-    C:\Windows\System32\cdd.dll
2014-04-07 00:43:01    509952    ----a-w-    C:\Windows\System32\ntshrui.dll
2014-04-07 00:43:01    442880    ----a-w-    C:\Windows\SysWow64\ntshrui.dll
2014-04-07 00:41:55    800768    ----a-w-    C:\Windows\System32\usp10.dll
2014-04-07 00:41:55    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2014-04-07 00:41:51    288768    ----a-w-    C:\Windows\System32\drivers\mrxsmb10.sys
2014-04-07 00:41:51    158208    ----a-w-    C:\Windows\System32\drivers\mrxsmb.sys
2014-04-07 00:41:51    128000    ----a-w-    C:\Windows\System32\drivers\mrxsmb20.sys
2014-04-07 00:36:39    --------    d-----w-    C:\Users\User\AppData\Roaming\IDM
2014-04-07 00:36:39    --------    d-----w-    C:\ProgramData\IDM
2014-04-07 00:36:38    --------    d-----w-    C:\Users\User\AppData\Roaming\DMCache
2014-04-07 00:36:09    --------    d-----w-    C:\Program Files (x86)\Internet Download Manager
2014-04-07 00:35:19    395776    ----a-w-    C:\Windows\System32\webio.dll
2014-04-07 00:35:19    314880    ----a-w-    C:\Windows\SysWow64\webio.dll
2014-04-07 00:30:58    90624    ----a-w-    C:\Windows\System32\drivers\bowser.sys
2014-04-07 00:29:58    267776    ----a-w-    C:\Windows\System32\FXSCOVER.exe
2014-04-07 00:29:55    31232    ----a-w-    C:\Windows\SysWow64\prevhost.exe
2014-04-07 00:29:55    31232    ----a-w-    C:\Windows\System32\prevhost.exe
2014-04-07 00:29:52    64512    ----a-w-    C:\Windows\SysWow64\devobj.dll
2014-04-07 00:29:52    44544    ----a-w-    C:\Windows\SysWow64\devrtl.dll
2014-04-07 00:29:52    404480    ----a-w-    C:\Windows\System32\umpnpmgr.dll
2014-04-07 00:29:52    252928    ----a-w-    C:\Windows\SysWow64\drvinst.exe
2014-04-07 00:29:52    145920    ----a-w-    C:\Windows\SysWow64\cfgmgr32.dll
2014-04-07 00:29:47    27520    ----a-w-    C:\Windows\System32\drivers\Diskdump.sys
2014-04-07 00:25:21    --------    d-----w-    C:\Users\User\AppData\Local\Google
2014-04-07 00:24:17    --------    d-----w-    C:\Users\User\AppData\Local\Apps
2014-04-07 00:24:16    --------    d-----w-    C:\Users\User\AppData\Local\Deployment
2014-04-06 23:45:26    74512    ----a-w-    C:\Windows\System32\bdsandboxuiskin32.dll
2014-04-06 23:41:28    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2014-04-06 23:41:28    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2014-04-06 23:41:27    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2014-04-06 23:41:24    1395712    ----a-w-    C:\Windows\System32\mfc42.dll
2014-04-06 23:41:24    1359872    ----a-w-    C:\Windows\System32\mfc42u.dll
2014-04-06 23:41:24    1164288    ----a-w-    C:\Windows\SysWow64\mfc42u.dll
2014-04-06 23:41:24    1137664    ----a-w-    C:\Windows\SysWow64\mfc42.dll
2014-04-06 23:38:53    --------    d-----w-    C:\Windows\Panther
2014-04-06 23:38:50    566208    ----a-w-    C:\Windows\System32\winresume.efi
2014-04-06 23:38:49    605552    ----a-w-    C:\Windows\System32\winload.exe
2014-04-06 23:38:48    642944    ----a-w-    C:\Windows\System32\winload.efi
2014-04-06 23:38:48    518672    ----a-w-    C:\Windows\System32\winresume.exe
2014-04-06 23:38:48    20352    ----a-w-    C:\Windows\System32\kdusb.dll
2014-04-06 23:38:48    19328    ----a-w-    C:\Windows\System32\kd1394.dll
2014-04-06 23:38:48    17792    ----a-w-    C:\Windows\System32\kdcom.dll
2014-04-06 23:37:56    961024    ----a-w-    C:\Windows\System32\CPFilters.dll
2014-04-06 23:37:56    642048    ----a-w-    C:\Windows\SysWow64\CPFilters.dll
2014-04-06 23:37:55    850944    ----a-w-    C:\Windows\SysWow64\sbe.dll
2014-04-06 23:37:55    259072    ----a-w-    C:\Windows\System32\mpg2splt.ax
2014-04-06 23:37:55    199680    ----a-w-    C:\Windows\SysWow64\mpg2splt.ax
2014-04-06 23:37:55    1118720    ----a-w-    C:\Windows\System32\sbe.dll
2014-04-06 23:16:17    866604    ----a-w-    C:\ProgramData\1396824957.bdinstall.bin
2014-04-06 23:13:26    --------    d-----w-    C:\ProgramData\BDLogging
2014-04-06 23:12:53    74512    ----a-w-    C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-04-06 23:12:53    511328    ----a-w-    C:\Windows\capicom.dll
2014-04-06 23:12:46    261056    ----a-w-    C:\Windows\System32\drivers\avchv.sys
2014-04-06 22:57:09    84848    ----a-w-    C:\Windows\System32\BDSandBoxUISkin.dll
2014-04-06 22:57:09    34384    ----a-w-    C:\Windows\System32\BDSandBoxUH.dll
2014-04-06 18:35:21    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2014-04-06 18:34:27    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2014-04-06 18:33:12    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-04-06 18:33:12    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-04-06 18:27:25    878080    ----a-w-    C:\Windows\System32\advapi32.dll
2014-04-06 18:26:46    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2014-04-06 18:26:46    288088    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-06 18:26:46    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
2014-04-06 18:26:46    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-04-06 18:26:23    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2014-04-06 18:19:26    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2014-04-06 18:19:26    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2014-04-06 16:58:54    --------    d-----w-    C:\Program Files\Windows Service
2014-04-06 12:48:08    --------    d-----w-    C:\Users\User\AppData\Local\ElevatedDiagnostics
2014-04-06 12:35:58    --------    d-----w-    C:\Users\User\AppData\Local\Adobe
2014-04-06 12:18:16    259889    ----a-w-    C:\ProgramData\1396786565.bdinstall.bin
2014-04-06 12:16:05    --------    d-----w-    C:\Users\User\AppData\Roaming\QuickScan
2014-04-06 12:15:17    --------    d-----w-    C:\Program Files\Common Files\Bitdefender
2014-04-06 12:15:10    --------    d-----w-    C:\Program Files (x86)\Common Files\Bitdefender
2014-04-06 09:19:30    --------    d-----w-    C:\Users\User\AppData\Local\Mozilla
2014-04-06 08:30:20    --------    d-----w-    C:\Users\User\AppData\Local\CyberLink
2014-04-06 08:19:07    --------    d-----w-    C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-06 08:18:44    --------    d-----w-    C:\Windows\PCHEALTH
2014-04-06 08:18:44    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-06 08:17:05    --------    d-----w-    C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-06 08:16:18    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-04-06 08:16:07    20024    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2014-04-06 08:15:38    --------    d-----w-    C:\Users\User\AppData\Local\Microsoft Help
2014-04-06 08:15:21    3868160    ----a-w-    C:\Windows\System32\drivers\athrx.sys
2014-04-06 08:14:52    1806592    ----a-w-    C:\Windows\System32\drivers\snp2uvc.sys
2014-04-06 08:14:48    40960    ----a-w-    C:\Windows\System32\drivers\sncduvc.sys
2014-04-06 08:14:34    30080    ----a-w-    C:\Windows\snuvcdsm.exe
2014-04-06 08:14:32    99712    ----a-w-    C:\Windows\PLFSetL.exe
2014-04-06 08:14:15    --------    d-----w-    C:\Program Files (x86)\NVIDIA Corporation
2014-04-06 08:14:01    877856    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-04-06 08:14:01    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2014-04-06 08:14:01    3477280    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-04-06 08:14:01    2555680    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-04-06 08:14:00    6398240    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-04-06 08:14:00    237856    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-04-06 08:13:37    61216    ----a-w-    C:\Windows\System32\OpenCL.dll
2014-04-06 08:13:37    53024    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2014-04-06 08:12:51    --------    d-----w-    C:\ProgramData\NVIDIA Corporation
2014-04-06 08:12:43    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2014-04-06 08:09:59    991816    ----a-w-    C:\Windows\System32\RtkApi64.dll
2014-04-06 08:08:46    435512    ----a-w-    C:\Windows\System32\drivers\k57nd60a.sys
2014-04-06 08:08:32    --------    d-----w-    C:\Program Files\CCleaner
2014-04-06 08:02:46    56344    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-04-06 08:02:40    --------    d-----w-    C:\Program Files\AuthenTec
2014-04-06 08:02:38    1111856    ----a-w-    C:\Windows\System32\drivers\ATSwpWDF.sys
2014-04-06 08:02:36    1721576    ----a-w-    C:\Windows\System32\WdfCoinstaller01009.dll
2014-04-06 07:59:57    --------    d-sh--w-    C:\Windows\Installer
2014-04-06 07:59:40    --------    d-----w-    C:\ProgramData\Alwil Software
2014-04-06 07:46:02    --------    d-----w-    C:\Users\User\AppData\Local\VirtualStore
2014-04-03 13:43:33    175480    ----a-w-    C:\Windows\System32\drivers\idmwfp.sys
.
==================== Find3M  ====================
.
2014-04-06 18:27:25    859648    ----a-w-    C:\Windows\System32\tdh.dll
2014-04-06 18:23:29    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-31 01:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-01 05:17:02    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-01 03:00:08    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-02-04 02:32:22    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-02-04 02:04:22    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-01-29 02:32:18    484864    ----a-w-    C:\Windows\System32\wer.dll
2014-01-29 02:06:47    381440    ----a-w-    C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46    228864    ----a-w-    C:\Windows\System32\wwansvc.dll
.
============= FINISH:  7:27:41.10 ===============
 

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 PM

Posted 13 April 2014 - 06:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/530425 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 15 April 2014 - 01:51 AM

Greetings,

 

I have reformatted my hard drive many times after malware infections. The original problem was my internet quota was used up although I did not really use it to download big files. I'm using a portawifi broadband modem and after the ordeal keeps repeating itself, I am not sure whether the settings of my broadband is still reliable or not. My friend tried to help by restoring my system to the original setting but it didn't work and now there's a bunch of files outside my C:users folder. He also tweaked some registry and some programmes but still it didn't work.

 

I was a kaspersky Internet Security before but now I'm using Bitdefender Total Security. After reformatting my hard drive many times, now I'm back to using 64-bit operating system of Windows 7 Home Premium. I don't have the original windows CD available.Thank you for helping me with this problem.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by User at 14:20:54 on 2014-04-15
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1975.374 [GMT 8:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\snuvcdsm.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CheckNDISPort_df.exe
C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CancelAutoPlay_df.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Hostless Modem\Maxis Broadband\ShowTip.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [CheckNDISPortf0ac48] C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CheckNDISPort_df.exe
mRun: [CancelAutoPlay_df] "C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CancelAutoPlay_df.exe" run
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB} : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\3516E6364757D6 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\45F6073507F647 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\46C696E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\47F6073505F445 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\5334037383F5D4168796372427F616462616E646 : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{EC51F13A-B82D-4174-8740-647CCB5EBBFB}\D4970244563656D6265627 : DHCPNameServer = 192.168.43.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs=  
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - <orphaned>
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: bpsvc.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
x64-IFEO: browserprotect.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\plxkpptm.default\
FF - prefs.js: browser.search.selectedEngine - default-search.net
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.my/
FF - prefs.js: keyword.URL - hxxp://www.default-search.net/search?sid=476&aid=107&itype=n&ver=12302&tm=312&src=ds&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-4-9 893440]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-4-9 150256]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-4-6 653296]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-4-6 28656]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-4-6 20024]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-4-9 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-4-9 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2014-4-9 76944]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-4-3 175480]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2014-4-9 94624]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2014-4-9 67320]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2014-4-6 1111856]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2014-4-7 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-4-9 635392]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2014-4-6 56344]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-4-9 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-4-9 82824]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-9 111616]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2014-4-6 435512]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2014-4-14 155824]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-7 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-4-9 77632]
.
=============== Created Last 30 ================
.
2014-04-13 18:58:35    --------    d-----w-    C:\Program Files (x86)\Sony
2014-04-12 00:49:26    10521840    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3B04F9A-8A01-43F4-A440-C97EB87BA51E}\mpengine.dll
2014-04-09 10:59:20    --------    d-----w-    C:\Lyrics
2014-04-09 10:59:10    --------    d-----w-    C:\Users\User\AppData\Roaming\MiniLyrics
2014-04-09 10:58:39    --------    d-----w-    C:\Program Files (x86)\MiniLyrics
2014-04-09 10:24:55    --------    d-----w-    C:\Users\User\AppData\Roaming\Foxit Software
2014-04-09 10:24:03    --------    d-----w-    C:\Program Files (x86)\Foxit Software
2014-04-09 08:21:23    --------    d-----w-    C:\Users\User\AppData\Local\Macromedia
2014-04-09 08:15:59    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-09 08:15:59    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-09 08:13:05    --------    d-sh--w-    C:\Users\User\AppData\Local\EmieUserList
2014-04-09 08:13:05    --------    d-sh--w-    C:\Users\User\AppData\Local\EmieSiteList
2014-04-09 08:11:41    --------    d-----w-    C:\ProgramData\MindGems
2014-04-09 08:11:25    --------    d-----w-    C:\Users\User\AppData\Local\Programs
2014-04-09 07:32:39    --------    d-----w-    C:\Windows\SysWow64\SupportAppPBHostless Modem
2014-04-09 07:32:36    --------    d-----w-    C:\Program Files (x86)\Hostless Modem
2014-04-09 06:52:38    1684928    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2014-04-09 06:51:49    27584    ----a-w-    C:\Windows\System32\drivers\Diskdump.sys
2014-04-09 06:51:49    274880    ----a-w-    C:\Windows\System32\drivers\msiscsi.sys
2014-04-09 06:51:49    2048    ----a-w-    C:\Windows\SysWow64\iologmsg.dll
2014-04-09 06:51:49    2048    ----a-w-    C:\Windows\System32\iologmsg.dll
2014-04-09 06:51:49    190912    ----a-w-    C:\Windows\System32\drivers\storport.sys
2014-04-09 06:50:04    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2014-04-09 06:50:04    243712    ----a-w-    C:\Windows\System32\wow64.dll
2014-04-09 06:50:03    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-04-09 06:50:03    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2014-04-09 06:50:03    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2014-04-09 06:50:03    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2014-04-09 06:50:03    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2014-04-09 06:50:03    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2014-04-09 06:50:03    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2014-04-08 22:48:18    10521840    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-04-08 18:12:17    966229    ----a-w-    C:\ProgramData\1396978910.bdinstall.bin
2014-04-08 18:04:22    76944    ----a-w-    C:\Windows\System32\drivers\bdvedisk.sys
2014-04-08 18:04:09    93600    ----a-w-    C:\Windows\System32\drivers\BdfNdisf6.sys
2014-04-08 18:04:08    82824    ----a-w-    C:\Windows\System32\drivers\bdsandbox.sys
2014-04-08 18:03:47    635392    ----a-w-    C:\Windows\System32\drivers\avckf.sys
2014-04-08 18:03:46    893440    ----a-w-    C:\Windows\System32\drivers\avc3.sys
2014-04-08 17:50:03    --------    d-----w-    C:\Users\User\AppData\Roaming\Bitdefender
2014-04-08 17:49:58    3271472    ---ha-w-    C:\bdr-bz01
2014-04-08 17:44:23    150256    ----a-w-    C:\Windows\System32\drivers\gzflt.sys
2014-04-08 17:44:21    389240    ----a-w-    C:\Windows\System32\drivers\trufos.sys
2014-04-08 17:24:17    62222    ----a-w-    C:\ProgramData\1396977825.bdinstall.bin
2014-04-08 17:11:14    319614    ----a-w-    C:\ProgramData\1396976262.bdinstall.bin
2014-04-08 17:11:14    --------    d-----w-    C:\Program Files\Bitdefender
2014-04-08 17:00:18    --------    d-----w-    C:\ProgramData\Bitdefender
2014-04-08 16:26:39    251874    ----a-w-    C:\ProgramData\1396974311.bdinstall.bin
2014-04-07 08:55:58    --------    d-----w-    C:\ProgramData\GRETECH
2014-04-07 07:57:12    --------    d-----w-    C:\Program Files (x86)\GRETECH
2014-04-07 07:04:42    --------    d-----w-    C:\Users\User\AppData\Local\Diagnostics
2014-04-07 04:29:33    2871808    ----a-w-    C:\Windows\explorer.exe
2014-04-07 04:29:33    2616320    ----a-w-    C:\Windows\SysWow64\explorer.exe
2014-04-07 04:28:58    2565632    ----a-w-    C:\Windows\System32\esent.dll
2014-04-07 04:28:57    96768    ----a-w-    C:\Windows\System32\fsutil.exe
2014-04-07 04:28:57    74240    ----a-w-    C:\Windows\SysWow64\fsutil.exe
2014-04-07 04:28:57    410496    ----a-w-    C:\Windows\System32\drivers\iaStorV.sys
2014-04-07 04:28:57    27008    ----a-w-    C:\Windows\System32\drivers\amdxata.sys
2014-04-07 04:28:57    1699328    ----a-w-    C:\Windows\SysWow64\esent.dll
2014-04-07 04:28:57    166272    ----a-w-    C:\Windows\System32\drivers\nvstor.sys
2014-04-07 04:28:57    148352    ----a-w-    C:\Windows\System32\drivers\nvraid.sys
2014-04-07 04:28:57    107904    ----a-w-    C:\Windows\System32\drivers\amdsata.sys
2014-04-07 04:28:47    67072    ----a-w-    C:\Windows\splwow64.exe
2014-04-07 04:28:47    559104    ----a-w-    C:\Windows\System32\spoolsv.exe
2014-04-07 04:01:21    --------    d-----w-    C:\Windows\Migration
2014-04-07 03:56:19    --------    d-----w-    C:\Windows\System32\MRT
2014-04-07 03:34:29    --------    d-----w-    C:\Windows\SysWow64\Wat
2014-04-07 03:34:27    --------    d-----w-    C:\Windows\System32\Wat
2014-04-07 02:51:34    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-04-07 02:21:44    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2014-04-07 02:21:44    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2014-04-07 02:21:42    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2014-04-07 02:21:42    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2014-04-07 02:21:40    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2014-04-07 02:21:40    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2014-04-07 02:21:40    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2014-04-07 02:15:46    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2014-04-07 02:15:46    5120    ----a-w-    C:\Windows\System32\wmi.dll
2014-04-07 02:15:46    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2014-04-07 01:25:28    59392    ----a-w-    C:\Windows\System32\browcli.dll
2014-04-07 01:25:28    41984    ----a-w-    C:\Windows\SysWow64\browcli.dll
2014-04-07 01:25:28    136704    ----a-w-    C:\Windows\System32\browser.dll
2014-04-07 01:13:51    633856    ----a-w-    C:\Windows\System32\comctl32.dll
2014-04-07 01:13:51    530432    ----a-w-    C:\Windows\SysWow64\comctl32.dll
2014-04-07 01:11:52    886784    ----a-w-    C:\Program Files\Common Files\System\wab32.dll
2014-04-07 01:11:52    708608    ----a-w-    C:\Program Files (x86)\Common Files\System\wab32.dll
2014-04-07 01:11:12    142336    ----a-w-    C:\Windows\System32\poqexec.exe
2014-04-07 01:11:11    123904    ----a-w-    C:\Windows\SysWow64\poqexec.exe
2014-04-07 01:10:45    55296    ----a-w-    C:\Windows\System32\dhcpcsvc6.dll
2014-04-07 01:10:45    44032    ----a-w-    C:\Windows\SysWow64\dhcpcsvc6.dll
2014-04-07 01:10:45    226816    ----a-w-    C:\Windows\System32\dhcpcore6.dll
2014-04-07 01:10:45    193536    ----a-w-    C:\Windows\SysWow64\dhcpcore6.dll
2014-04-07 01:10:28    3717632    ----a-w-    C:\Windows\System32\mstscax.dll
2014-04-07 01:10:27    44032    ----a-w-    C:\Windows\System32\tsgqec.dll
2014-04-07 01:10:27    36864    ----a-w-    C:\Windows\SysWow64\tsgqec.dll
2014-04-07 01:10:27    3217408    ----a-w-    C:\Windows\SysWow64\mstscax.dll
2014-04-07 01:10:27    158720    ----a-w-    C:\Windows\System32\aaclient.dll
2014-04-07 01:10:27    131584    ----a-w-    C:\Windows\SysWow64\aaclient.dll
2014-04-07 01:08:50    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2014-04-07 01:08:50    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2014-04-07 01:08:19    70144    ----a-w-    C:\Windows\System32\appinfo.dll
2014-04-07 01:08:19    111448    ----a-w-    C:\Windows\System32\consent.exe
2014-04-07 01:05:58    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-04-07 01:05:58    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-04-07 01:05:58    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-04-07 01:05:58    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-04-07 01:03:44    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2014-04-07 01:00:57    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-04-07 01:00:57    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-04-07 01:00:57    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-04-07 01:00:57    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-04-07 01:00:57    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-04-07 01:00:12    41472    ----a-w-    C:\Windows\System32\drivers\rndismpx.sys
2014-04-07 01:00:12    19968    ----a-w-    C:\Windows\System32\drivers\usb8023x.sys
2014-04-07 01:00:12    19968    ----a-w-    C:\Windows\System32\drivers\usb8023.sys
2014-04-07 01:00:05    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2014-04-07 01:00:05    785624    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2014-04-07 01:00:05    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2014-04-07 01:00:02    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-04-07 01:00:02    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-04-07 00:58:44    259584    ----a-w-    C:\Windows\System32\WebClnt.dll
2014-04-07 00:58:44    205824    ----a-w-    C:\Windows\SysWow64\WebClnt.dll
2014-04-07 00:58:43    81920    ----a-w-    C:\Windows\SysWow64\davclnt.dll
2014-04-07 00:58:43    140800    ----a-w-    C:\Windows\System32\drivers\mrxdav.sys
2014-04-07 00:58:43    102400    ----a-w-    C:\Windows\System32\davclnt.dll
2014-04-07 00:58:42    478208    ----a-w-    C:\Windows\System32\dpnet.dll
2014-04-07 00:58:42    376832    ----a-w-    C:\Windows\SysWow64\dpnet.dll
2014-04-07 00:58:38    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-04-07 00:58:38    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-04-07 00:58:37    3928064    ----a-w-    C:\Windows\System32\d2d1.dll
2014-04-07 00:58:37    3419136    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2014-04-07 00:51:59    715776    ----a-w-    C:\Windows\System32\kerberos.dll
2014-04-07 00:51:59    542208    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-04-07 00:51:55    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-04-07 00:48:51    936448    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-04-07 00:48:51    1732608    ----a-w-    C:\Program Files\Windows Journal\NBDoc.DLL
2014-04-07 00:48:51    1402880    ----a-w-    C:\Program Files\Windows Journal\JNWDRV.dll
2014-04-07 00:48:51    1393152    ----a-w-    C:\Program Files\Windows Journal\JNTFiltr.dll
2014-04-07 00:48:51    1367040    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-04-07 00:48:44    102608    ----a-w-    C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 00:48:43    124112    ----a-w-    C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 00:47:26    223752    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2014-04-07 00:47:25    503808    ----a-w-    C:\Windows\System32\srcore.dll
2014-04-07 00:47:25    43008    ----a-w-    C:\Windows\SysWow64\srclient.dll
2014-04-07 00:47:16    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2014-04-07 00:47:15    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2014-04-07 00:47:14    52224    ----a-w-    C:\Windows\System32\certenc.dll
2014-04-07 00:47:14    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2014-04-07 00:46:17    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2014-04-07 00:46:17    168960    ----a-w-    C:\Windows\System32\wscript.exe
2014-04-07 00:46:17    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2014-04-07 00:46:17    156160    ----a-w-    C:\Windows\System32\cscript.exe
2014-04-07 00:46:17    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2014-04-07 00:46:17    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2014-04-07 00:46:17    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
2014-04-07 00:46:17    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2014-04-07 00:46:15    983488    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-04-07 00:46:15    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2014-04-07 00:46:15    144384    ----a-w-    C:\Windows\System32\cdd.dll
2014-04-07 00:43:01    509952    ----a-w-    C:\Windows\System32\ntshrui.dll
2014-04-07 00:43:01    442880    ----a-w-    C:\Windows\SysWow64\ntshrui.dll
2014-04-07 00:41:55    800768    ----a-w-    C:\Windows\System32\usp10.dll
2014-04-07 00:41:55    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2014-04-07 00:41:51    288768    ----a-w-    C:\Windows\System32\drivers\mrxsmb10.sys
2014-04-07 00:41:51    158208    ----a-w-    C:\Windows\System32\drivers\mrxsmb.sys
2014-04-07 00:41:51    128000    ----a-w-    C:\Windows\System32\drivers\mrxsmb20.sys
2014-04-07 00:36:39    --------    d-----w-    C:\Users\User\AppData\Roaming\IDM
2014-04-07 00:36:39    --------    d-----w-    C:\ProgramData\IDM
2014-04-07 00:36:38    --------    d-----w-    C:\Users\User\AppData\Roaming\DMCache
2014-04-07 00:36:09    --------    d-----w-    C:\Program Files (x86)\Internet Download Manager
2014-04-07 00:35:19    395776    ----a-w-    C:\Windows\System32\webio.dll
2014-04-07 00:35:19    314880    ----a-w-    C:\Windows\SysWow64\webio.dll
2014-04-07 00:30:58    90624    ----a-w-    C:\Windows\System32\drivers\bowser.sys
2014-04-07 00:29:58    267776    ----a-w-    C:\Windows\System32\FXSCOVER.exe
2014-04-07 00:29:55    31232    ----a-w-    C:\Windows\SysWow64\prevhost.exe
2014-04-07 00:29:55    31232    ----a-w-    C:\Windows\System32\prevhost.exe
2014-04-07 00:29:52    64512    ----a-w-    C:\Windows\SysWow64\devobj.dll
2014-04-07 00:29:52    44544    ----a-w-    C:\Windows\SysWow64\devrtl.dll
2014-04-07 00:29:52    404480    ----a-w-    C:\Windows\System32\umpnpmgr.dll
2014-04-07 00:29:52    252928    ----a-w-    C:\Windows\SysWow64\drvinst.exe
2014-04-07 00:29:52    145920    ----a-w-    C:\Windows\SysWow64\cfgmgr32.dll
2014-04-07 00:25:21    --------    d-----w-    C:\Users\User\AppData\Local\Google
2014-04-07 00:24:17    --------    d-----w-    C:\Users\User\AppData\Local\Apps
2014-04-07 00:24:16    --------    d-----w-    C:\Users\User\AppData\Local\Deployment
2014-04-06 23:45:26    74512    ----a-w-    C:\Windows\System32\bdsandboxuiskin32.dll
2014-04-06 23:41:28    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2014-04-06 23:41:28    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2014-04-06 23:41:27    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2014-04-06 23:41:24    1395712    ----a-w-    C:\Windows\System32\mfc42.dll
2014-04-06 23:41:24    1359872    ----a-w-    C:\Windows\System32\mfc42u.dll
2014-04-06 23:41:24    1164288    ----a-w-    C:\Windows\SysWow64\mfc42u.dll
2014-04-06 23:41:24    1137664    ----a-w-    C:\Windows\SysWow64\mfc42.dll
2014-04-06 23:38:53    --------    d-----w-    C:\Windows\Panther
2014-04-06 23:38:50    566208    ----a-w-    C:\Windows\System32\winresume.efi
2014-04-06 23:38:49    605552    ----a-w-    C:\Windows\System32\winload.exe
2014-04-06 23:38:48    642944    ----a-w-    C:\Windows\System32\winload.efi
2014-04-06 23:38:48    518672    ----a-w-    C:\Windows\System32\winresume.exe
2014-04-06 23:38:48    20352    ----a-w-    C:\Windows\System32\kdusb.dll
2014-04-06 23:38:48    19328    ----a-w-    C:\Windows\System32\kd1394.dll
2014-04-06 23:38:48    17792    ----a-w-    C:\Windows\System32\kdcom.dll
2014-04-06 23:37:56    961024    ----a-w-    C:\Windows\System32\CPFilters.dll
2014-04-06 23:37:56    642048    ----a-w-    C:\Windows\SysWow64\CPFilters.dll
2014-04-06 23:37:55    850944    ----a-w-    C:\Windows\SysWow64\sbe.dll
2014-04-06 23:37:55    259072    ----a-w-    C:\Windows\System32\mpg2splt.ax
2014-04-06 23:37:55    199680    ----a-w-    C:\Windows\SysWow64\mpg2splt.ax
2014-04-06 23:37:55    1118720    ----a-w-    C:\Windows\System32\sbe.dll
2014-04-06 23:16:17    866604    ----a-w-    C:\ProgramData\1396824957.bdinstall.bin
2014-04-06 23:13:26    --------    d-----w-    C:\ProgramData\BDLogging
2014-04-06 23:12:53    74512    ----a-w-    C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-04-06 23:12:53    511328    ----a-w-    C:\Windows\capicom.dll
2014-04-06 23:12:46    261056    ----a-w-    C:\Windows\System32\drivers\avchv.sys
2014-04-06 22:57:09    84848    ----a-w-    C:\Windows\System32\BDSandBoxUISkin.dll
2014-04-06 22:57:09    34384    ----a-w-    C:\Windows\System32\BDSandBoxUH.dll
2014-04-06 18:35:21    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2014-04-06 18:34:27    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2014-04-06 18:33:12    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-04-06 18:33:12    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-04-06 18:27:25    878080    ----a-w-    C:\Windows\System32\advapi32.dll
2014-04-06 18:27:25    859648    ----a-w-    C:\Windows\System32\tdh.dll
2014-04-06 18:27:25    640512    ----a-w-    C:\Windows\SysWow64\advapi32.dll
2014-04-06 18:27:25    619520    ----a-w-    C:\Windows\SysWow64\tdh.dll
2014-04-06 18:27:25    5549504    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2014-04-06 18:27:25    3969472    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2014-04-06 18:27:25    3914176    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2014-04-06 18:27:25    1732032    ----a-w-    C:\Windows\System32\ntdll.dll
2014-04-06 18:27:25    1292192    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2014-04-06 18:26:46    327168    ----a-w-    C:\Windows\System32\mswsock.dll
2014-04-06 18:26:46    288088    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-06 18:26:46    231424    ----a-w-    C:\Windows\SysWow64\mswsock.dll
2014-04-06 18:26:46    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-04-06 18:26:23    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2014-04-06 18:19:26    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2014-04-06 18:19:26    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2014-04-06 16:58:54    --------    d-----w-    C:\Program Files\Windows Service
2014-04-06 12:48:08    --------    d-----w-    C:\Users\User\AppData\Local\ElevatedDiagnostics
2014-04-06 12:35:58    --------    d-----w-    C:\Users\User\AppData\Local\Adobe
2014-04-06 12:18:16    259889    ----a-w-    C:\ProgramData\1396786565.bdinstall.bin
2014-04-06 12:16:05    --------    d-----w-    C:\Users\User\AppData\Roaming\QuickScan
2014-04-06 12:15:17    --------    d-----w-    C:\Program Files\Common Files\Bitdefender
2014-04-06 12:15:10    --------    d-----w-    C:\Program Files (x86)\Common Files\Bitdefender
2014-04-06 09:19:30    --------    d-----w-    C:\Users\User\AppData\Local\Mozilla
2014-04-06 08:30:20    --------    d-----w-    C:\Users\User\AppData\Local\CyberLink
2014-04-06 08:19:07    --------    d-----w-    C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-06 08:18:44    --------    d-----w-    C:\Windows\PCHEALTH
2014-04-06 08:18:44    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-06 08:17:05    --------    d-----w-    C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-06 08:16:18    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-04-06 08:16:07    20024    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2014-04-06 08:15:38    --------    d-----w-    C:\Users\User\AppData\Local\Microsoft Help
2014-04-06 08:15:21    3868160    ----a-w-    C:\Windows\System32\drivers\athrx.sys
2014-04-06 08:14:52    1806592    ----a-w-    C:\Windows\System32\drivers\snp2uvc.sys
2014-04-06 08:14:48    40960    ----a-w-    C:\Windows\System32\drivers\sncduvc.sys
2014-04-06 08:14:34    30080    ----a-w-    C:\Windows\snuvcdsm.exe
2014-04-06 08:14:32    99712    ----a-w-    C:\Windows\PLFSetL.exe
2014-04-06 08:14:15    --------    d-----w-    C:\Program Files (x86)\NVIDIA Corporation
2014-04-06 08:14:01    877856    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-04-06 08:14:01    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2014-04-06 08:14:01    3477280    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-04-06 08:14:01    2555680    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-04-06 08:14:00    6398240    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-04-06 08:14:00    237856    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-04-06 08:13:37    61216    ----a-w-    C:\Windows\System32\OpenCL.dll
2014-04-06 08:13:37    53024    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2014-04-06 08:12:51    --------    d-----w-    C:\ProgramData\NVIDIA Corporation
2014-04-06 08:12:43    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2014-04-06 08:09:59    991816    ----a-w-    C:\Windows\System32\RtkApi64.dll
2014-04-06 08:08:46    435512    ----a-w-    C:\Windows\System32\drivers\k57nd60a.sys
2014-04-06 08:08:32    --------    d-----w-    C:\Program Files\CCleaner
2014-04-06 08:02:46    56344    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-04-06 08:02:40    --------    d-----w-    C:\Program Files\AuthenTec
2014-04-06 08:02:38    1111856    ----a-w-    C:\Windows\System32\drivers\ATSwpWDF.sys
2014-04-06 08:02:36    1721576    ----a-w-    C:\Windows\System32\WdfCoinstaller01009.dll
2014-04-06 07:59:57    --------    d-sh--w-    C:\Windows\Installer
2014-04-06 07:59:40    --------    d-----w-    C:\ProgramData\Alwil Software
2014-04-06 07:46:02    --------    d-----w-    C:\Users\User\AppData\Local\VirtualStore
2014-04-03 13:43:33    175480    ----a-w-    C:\Windows\System32\drivers\idmwfp.sys
.
==================== Find3M  ====================
.
2014-04-06 18:23:29    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-31 01:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-06 09:32:16    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-03-06 09:31:33    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:32:07    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-03-06 08:29:40    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-03-04 09:17:05    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2014-02-07 01:23:30    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-02-04 02:32:22    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-02-04 02:04:22    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-01-29 02:32:18    484864    ----a-w-    C:\Windows\System32\wer.dll
2014-01-29 02:06:47    381440    ----a-w-    C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46    228864    ----a-w-    C:\Windows\System32\wwansvc.dll
.
============= FINISH: 14:22:23.35 ===============
 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 15 April 2014 - 08:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#5 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 16 April 2014 - 05:22 AM

Before I begin, thank you for your assistance. I really appreciate it. Back to the topic, I had to run two scans using Malwarebytes because during the first scan, the program was cancelled after not responding. So I enclose both logs below for your perusal. Another persistent problem is that every time I restart my laptop, the display settings are different as if I were using another user account  in my laptop. Other than that, my bitdefender total security is acting weird at times - instead of operating in autopilot, it is operating in user mode even though I have set a password. Last but not least, I am not really sure why mozilla firefox always redirects my search from http to https and my google homepage has weird alphabets after .com. Is that normal?

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/16/2014
Scan Time: 4:38:37 PM
Logfile: one.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.16.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 33817
Time Elapsed: 3 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.Linkey.A, HKU\S-1-5-21-1994508450-2691115098-2183105878-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [a75da18a750603335b93080b89799868],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, Quarantined, [a75da18a750603335b93080b89799868],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/16/2014
Scan Time: 4:51:21 PM
Logfile: two.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.16.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 268092
Time Elapsed: 12 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, Quarantined, [52ae19e78e7214ec5078b8b57a88a25e],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1994508450-2691115098-2183105878-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [38c8eb15ee1238c8baf4bbaefb072fd1],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, Quarantined, [34cc2ad6ca36ae52d8e8cf9e07fbf10f],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

# AdwCleaner v3.023 - Report created 16/04/2014 at 17:22:50
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : User - MYSANCTUARY
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKCU\Software\Softonic

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wl5z8jmm.default-1397589509359\prefs.js ]


*************************

AdwCleaner[R0].txt - [1298 octets] - [16/04/2014 17:16:00]
AdwCleaner[R1].txt - [1358 octets] - [16/04/2014 17:20:48]
AdwCleaner[S0].txt - [1247 octets] - [16/04/2014 17:22:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1307 octets] ##########
 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by User (administrator) on MYSANCTUARY on 16-04-2014 17:36:43
Running from C:\Users\User\Desktop\the folder
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\snuvcdsm.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
() C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CancelAutoPlay_df.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13286472 2013-02-19] (Realtek Semiconductor)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2010-01-13] ()
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1742064 2014-03-25] (Bitdefender)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [CheckNDISPortf0ac48] => C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CheckNDISPort_df.exe [419072 2013-05-13] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\Hostless Modem\Maxis Broadband\CancelAutoPlay_df.exe [440648 2013-05-13] ()
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-03-19] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1994508450-2691115098-2183105878-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.)
HKU\S-1-5-21-1994508450-2691115098-2183105878-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-03-15] (Bitdefender)
HKU\S-1-5-21-1994508450-2691115098-2183105878-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-03-19] (Bitdefender)
HKU\S-1-5-21-1994508450-2691115098-2183105878-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1994508450-2691115098-2183105878-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wl5z8jmm.default-1397589509359
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-09]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-04-09]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\User\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\User\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\User\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\User\AppData\Roaming\IDM\idmmzcc5 [2014-04-07]

==================== Services (Whitelisted) =================

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1523728 2014-03-24] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-16] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2010-01-13] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 17:35 - 2014-04-16 17:36 - 00000000 ____D () C:\FRST
2014-04-16 17:32 - 2014-04-16 17:36 - 00000000 ____D () C:\Users\User\Desktop\the folder
2014-04-16 17:15 - 2014-04-16 17:22 - 00000000 ____D () C:\AdwCleaner
2014-04-16 17:15 - 2014-04-16 17:15 - 01426178 _____ () C:\Users\User\Desktop\adwcleaner.exe
2014-04-16 16:58 - 2014-04-16 16:58 - 00001479 _____ () C:\Users\User\Desktop\two.txt
2014-04-16 16:58 - 2014-04-16 16:58 - 00001467 _____ () C:\Users\User\Desktop\one.txt
2014-04-16 16:56 - 2014-04-16 16:56 - 00001482 _____ () C:\Users\User\Desktop\mydata.txt
2014-04-16 16:56 - 2014-04-16 16:56 - 00001480 _____ () C:\Users\User\Desktop\data.txt
2014-04-16 16:34 - 2014-04-16 16:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 16:34 - 2014-04-16 16:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 16:34 - 2014-04-16 16:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-16 16:34 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-16 16:34 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-16 16:34 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-16 16:32 - 2014-04-16 16:33 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-16 16:32 - 2014-04-16 16:32 - 00006892 _____ () C:\Users\User\Documents\Siti Nurhaliza.txt
2014-04-16 01:43 - 2014-04-16 02:28 - 00000056 _____ () C:\Windows\system32\bdsandbox.txt
2014-04-15 21:56 - 2014-04-16 17:24 - 00001242 _____ () C:\Windows\setupact.log
2014-04-15 21:56 - 2014-04-15 21:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 20:57 - 2014-04-16 17:01 - 00001062 _____ () C:\Windows\PFRO.log
2014-04-14 05:52 - 2014-04-14 05:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-04-09 18:59 - 2014-04-09 19:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\MiniLyrics
2014-04-09 18:59 - 2014-04-09 18:59 - 00000000 ____D () C:\Lyrics
2014-04-09 18:58 - 2014-04-09 18:58 - 00000000 ____D () C:\Program Files (x86)\MiniLyrics
2014-04-09 18:25 - 2014-04-09 18:25 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-09 18:24 - 2014-04-09 18:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Foxit Software
2014-04-09 18:24 - 2014-04-09 18:24 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-09 16:21 - 2014-04-09 16:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-04-09 16:21 - 2014-04-09 16:21 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia
2014-04-09 16:15 - 2014-04-09 16:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-09 16:15 - 2014-04-09 16:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-09 16:15 - 2014-04-09 16:15 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-09 16:15 - 2014-04-09 16:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-09 16:13 - 2014-04-09 16:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-04-09 16:13 - 2014-04-09 16:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-04-09 16:11 - 2014-04-09 16:11 - 00000000 ____D () C:\ProgramData\MindGems
2014-04-09 16:07 - 2014-04-09 16:07 - 00000000 ____H () C:\Users\User\Documents\Default.rdp
2014-04-09 15:32 - 2014-04-09 15:32 - 00001970 _____ () C:\Users\Public\Desktop\Maxis Broadband.lnk
2014-04-09 15:32 - 2014-04-09 15:32 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppPBHostless Modem
2014-04-09 15:32 - 2014-04-09 15:32 - 00000000 ____D () C:\Program Files (x86)\Hostless Modem
2014-04-09 14:58 - 2014-03-06 18:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 14:58 - 2014-03-06 17:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 14:58 - 2014-03-06 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 14:58 - 2014-03-06 17:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 14:58 - 2014-03-06 16:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 14:58 - 2014-03-06 16:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 14:58 - 2014-03-06 16:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 14:58 - 2014-03-06 16:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 14:58 - 2014-03-06 16:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 14:58 - 2014-03-06 16:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 14:58 - 2014-03-06 16:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 14:58 - 2014-03-06 16:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 14:58 - 2014-03-06 16:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 14:58 - 2014-03-06 16:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 14:58 - 2014-03-06 16:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 14:58 - 2014-03-06 16:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 14:58 - 2014-03-06 16:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 14:58 - 2014-03-06 16:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 14:58 - 2014-03-06 16:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 14:58 - 2014-03-06 16:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 14:58 - 2014-03-06 16:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 14:58 - 2014-03-06 16:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 14:58 - 2014-03-06 15:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 14:58 - 2014-03-06 15:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 14:58 - 2014-03-06 15:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 14:58 - 2014-03-06 15:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 14:58 - 2014-03-06 15:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 14:58 - 2014-03-06 15:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 14:58 - 2014-03-06 15:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 14:58 - 2014-03-06 15:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 14:58 - 2014-03-06 15:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 14:58 - 2014-03-06 15:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 14:58 - 2014-03-06 15:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 14:58 - 2014-03-06 15:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 14:58 - 2014-03-06 15:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 14:58 - 2014-03-06 15:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 14:58 - 2014-03-06 15:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 14:58 - 2014-03-06 15:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 14:58 - 2014-03-06 14:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 14:58 - 2014-03-06 14:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 14:58 - 2014-03-06 14:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 14:58 - 2014-03-06 14:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 14:58 - 2014-03-06 14:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 14:58 - 2014-03-06 13:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 14:58 - 2014-03-06 13:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 14:58 - 2014-03-06 13:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 14:58 - 2014-03-06 13:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 14:58 - 2014-03-06 13:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 14:52 - 2014-01-24 10:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 14:51 - 2014-02-04 10:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 14:51 - 2014-02-04 10:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 14:51 - 2014-02-04 10:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 14:51 - 2014-02-04 10:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 14:51 - 2014-02-04 10:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 14:50 - 2014-03-04 17:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 14:50 - 2014-03-04 17:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 14:50 - 2014-03-04 17:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 14:50 - 2014-03-04 17:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 14:50 - 2014-03-04 17:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 14:50 - 2014-03-04 17:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 14:50 - 2014-03-04 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 14:50 - 2014-03-04 17:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 14:50 - 2014-03-04 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 14:50 - 2014-03-04 16:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 14:50 - 2014-03-04 16:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 06:52 - 2014-04-16 01:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-09 02:12 - 2014-04-09 02:12 - 00966229 _____ () C:\ProgramData\1396978910.bdinstall.bin
2014-04-09 02:05 - 2014-04-09 02:05 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-09 02:05 - 2014-04-09 02:05 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-09 02:05 - 2014-04-09 02:05 - 00000684 ____H () C:\bdr-cf01
2014-04-09 02:04 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-04-09 02:04 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-04-09 02:04 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-04-09 02:03 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-09 02:03 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-09 01:50 - 2014-04-09 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-04-09 01:49 - 2014-04-09 02:05 - 00253404 ____H () C:\bdr-ld01
2014-04-09 01:49 - 2014-04-09 02:05 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-09 01:49 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-04-09 01:49 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-04-09 01:48 - 2014-04-09 01:48 - 00134312 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 01:44 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-09 01:44 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-09 01:24 - 2014-04-09 01:24 - 00062222 _____ () C:\ProgramData\1396977825.bdinstall.bin
2014-04-09 01:11 - 2014-04-09 01:50 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-09 01:11 - 2014-04-09 01:11 - 00319614 _____ () C:\ProgramData\1396976262.bdinstall.bin
2014-04-09 01:00 - 2014-04-09 02:06 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-09 00:26 - 2014-04-09 00:26 - 00251874 _____ () C:\ProgramData\1396974311.bdinstall.bin
2014-04-08 23:06 - 2014-04-09 00:03 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 19:02 - 2014-04-08 19:02 - 00000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2014-04-07 16:55 - 2014-04-07 16:55 - 00000000 ____D () C:\ProgramData\GRETECH
2014-04-07 16:48 - 2014-04-07 16:48 - 00000983 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-04-07 16:47 - 2014-04-16 16:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp
2014-04-07 16:47 - 2014-04-09 14:50 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-04-07 16:40 - 2014-04-15 23:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-07 16:25 - 2014-04-07 16:25 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-07 16:14 - 2014-04-09 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\GRETECH
2014-04-07 16:14 - 2014-04-07 16:14 - 00001213 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-04-07 16:14 - 2014-04-07 16:14 - 00001189 _____ () C:\Users\Public\Desktop\GOM Player.lnk
2014-04-07 15:57 - 2014-04-09 14:32 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2014-04-07 12:29 - 2011-02-25 14:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-07 12:29 - 2011-02-25 13:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-04-07 12:28 - 2012-02-11 14:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-07 12:28 - 2012-02-11 14:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-04-07 12:28 - 2011-03-11 14:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-04-07 12:28 - 2011-03-11 14:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-04-07 12:28 - 2011-03-11 14:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-04-07 12:28 - 2011-03-11 14:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-04-07 12:28 - 2011-03-11 14:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-04-07 12:28 - 2011-03-11 14:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-04-07 12:28 - 2011-03-11 14:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-04-07 12:28 - 2011-03-11 13:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-04-07 12:28 - 2011-03-11 13:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-04-07 12:28 - 2011-03-11 12:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-04-07 12:05 - 2014-04-07 12:34 - 00774004 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-07 11:56 - 2014-04-09 14:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-07 11:56 - 2014-04-09 14:55 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 10:21 - 2012-07-26 11:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-07 10:21 - 2012-07-26 11:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-07 10:21 - 2012-07-26 11:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-07 10:21 - 2012-07-26 11:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-07 10:21 - 2012-07-26 11:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-07 10:21 - 2012-07-26 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-07 10:21 - 2012-07-26 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-07 10:21 - 2012-06-02 22:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-07 10:15 - 2012-03-01 14:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-07 10:15 - 2012-03-01 14:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-07 10:15 - 2012-03-01 13:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-07 09:54 - 2014-04-07 09:54 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-04-07 09:52 - 2014-04-07 09:52 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-07 09:31 - 2013-08-02 10:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-07 09:31 - 2013-08-02 10:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 09:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-07 09:31 - 2013-08-02 08:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-07 09:31 - 2013-08-02 08:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 08:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 08:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-07 09:31 - 2013-08-02 08:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-07 09:25 - 2012-07-05 06:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-07 09:25 - 2012-07-05 06:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-07 09:25 - 2012-07-05 06:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-07 09:25 - 2012-07-05 05:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-07 09:25 - 2012-07-05 05:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-07 09:14 - 2014-01-28 10:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-07 09:14 - 2013-10-30 10:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-07 09:14 - 2013-10-30 10:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-07 09:14 - 2013-03-19 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-04-07 09:14 - 2011-06-16 13:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-07 09:14 - 2011-06-16 12:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-07 09:14 - 2011-06-15 18:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-07 09:14 - 2011-06-15 18:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-07 09:14 - 2011-06-15 18:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-07 09:14 - 2011-06-15 18:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-07 09:14 - 2011-06-15 16:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-07 09:14 - 2011-06-15 16:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-07 09:14 - 2011-06-15 16:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-07 09:14 - 2011-06-15 16:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-07 09:14 - 2011-06-15 16:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-07 09:13 - 2013-07-04 20:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-07 09:13 - 2013-07-04 19:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-07 09:11 - 2011-04-09 14:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-07 09:11 - 2011-04-09 13:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-07 09:10 - 2013-02-15 14:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-07 09:10 - 2013-02-15 14:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-07 09:10 - 2013-02-15 14:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-07 09:10 - 2013-02-15 12:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-07 09:10 - 2013-02-15 12:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-07 09:10 - 2013-02-15 11:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-07 09:10 - 2012-10-10 02:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-04-07 09:10 - 2012-10-10 02:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-04-07 09:10 - 2012-10-10 01:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-04-07 09:10 - 2012-10-10 01:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-04-07 09:08 - 2013-07-09 13:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-07 09:08 - 2013-07-09 12:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-07 09:08 - 2013-02-27 14:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-07 09:08 - 2013-02-27 13:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-04-07 09:06 - 2014-01-29 10:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-07 09:06 - 2014-01-29 10:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-07 09:06 - 2013-11-24 02:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-07 09:06 - 2013-11-24 01:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-07 09:06 - 2013-11-12 10:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-07 09:06 - 2013-11-12 10:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-07 09:06 - 2013-10-19 10:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-07 09:06 - 2013-10-19 09:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-07 09:06 - 2013-10-06 04:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-07 09:06 - 2013-10-06 03:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-07 09:06 - 2013-07-09 13:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-07 09:06 - 2013-07-09 13:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-07 09:06 - 2013-07-09 12:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-07 09:06 - 2013-07-09 12:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-07 09:05 - 2013-12-06 10:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-07 09:05 - 2013-12-06 10:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-07 09:05 - 2013-12-06 10:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-07 09:05 - 2013-12-06 10:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-07 09:04 - 2014-02-07 09:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-07 09:04 - 2013-10-04 10:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-04-07 09:04 - 2013-10-04 10:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-04-07 09:04 - 2013-10-04 10:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-07 09:04 - 2013-10-04 10:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-07 09:04 - 2013-10-04 09:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-04-07 09:04 - 2013-10-04 09:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-04-07 09:04 - 2013-10-04 09:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-04-07 09:04 - 2013-10-04 09:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-07 09:04 - 2013-09-28 09:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-07 09:03 - 2013-12-04 10:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-07 09:03 - 2013-12-04 10:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-07 09:03 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-07 09:03 - 2013-12-04 10:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-07 09:03 - 2013-12-04 10:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-07 09:03 - 2013-12-04 10:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-07 09:03 - 2013-12-04 10:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-07 09:03 - 2013-12-04 10:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-07 09:03 - 2013-12-04 10:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-07 09:03 - 2013-12-04 10:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-07 09:03 - 2013-12-04 10:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-07 09:03 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-07 09:03 - 2013-12-04 10:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-07 09:03 - 2013-12-04 10:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-07 09:03 - 2013-12-04 09:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-07 09:03 - 2013-12-04 09:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-07 09:03 - 2013-12-04 09:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-07 09:03 - 2013-12-04 09:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-07 09:03 - 2013-09-25 10:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-07 09:03 - 2013-09-25 10:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-07 09:03 - 2013-09-25 10:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-07 09:03 - 2013-09-25 10:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-07 09:03 - 2013-09-25 10:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-07 09:03 - 2013-09-25 10:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-07 09:03 - 2013-09-25 10:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-07 09:03 - 2013-09-25 10:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-07 09:03 - 2013-09-25 09:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-07 09:03 - 2013-09-25 09:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-07 09:03 - 2013-09-25 09:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-07 09:03 - 2013-09-25 09:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-07 09:03 - 2013-09-25 09:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-07 09:03 - 2013-07-04 20:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-07 09:03 - 2013-06-06 13:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-04-07 09:03 - 2013-06-06 13:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-07 09:03 - 2013-06-06 13:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-04-07 09:03 - 2013-06-06 13:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-07 09:03 - 2013-06-06 12:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-04-07 09:03 - 2013-06-06 12:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-04-07 09:03 - 2013-06-06 12:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-04-07 09:03 - 2013-06-06 11:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-07 09:03 - 2013-06-06 11:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-07 09:03 - 2013-06-06 11:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-07 09:00 - 2013-11-27 09:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-07 09:00 - 2013-11-27 09:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-07 09:00 - 2013-11-27 09:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-07 09:00 - 2013-11-27 09:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-07 09:00 - 2013-11-27 09:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-07 09:00 - 2013-07-09 13:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-04-07 09:00 - 2013-07-09 12:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-04-07 09:00 - 2013-06-26 06:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-07 09:00 - 2013-02-12 12:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2014-04-07 09:00 - 2013-02-12 12:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-07 09:00 - 2012-11-29 06:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-07 09:00 - 2012-11-29 06:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-07 09:00 - 2012-11-29 06:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-07 09:00 - 2012-07-05 04:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys
2014-04-07 08:59 - 2013-07-12 18:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-07 08:59 - 2013-07-12 18:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-04-07 08:59 - 2013-07-03 12:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-07 08:59 - 2013-07-03 12:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-04-07 08:59 - 2012-11-01 13:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-07 08:59 - 2012-11-01 12:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-07 08:59 - 2012-10-04 01:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-04-07 08:59 - 2012-10-04 01:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-04-07 08:59 - 2012-10-04 01:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-04-07 08:59 - 2012-10-04 01:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-04-07 08:59 - 2012-10-04 01:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-04-07 08:59 - 2012-10-04 01:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-04-07 08:59 - 2012-10-04 00:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-04-07 08:59 - 2012-10-04 00:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-04-07 08:59 - 2012-10-04 00:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-04-07 08:59 - 2012-10-04 00:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-04-07 08:59 - 2012-01-13 15:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-04-07 08:58 - 2013-12-25 07:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-07 08:58 - 2013-12-25 06:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-07 08:58 - 2013-11-26 16:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-07 08:58 - 2013-11-23 06:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-07 08:58 - 2013-07-04 20:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-07 08:58 - 2013-07-04 20:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-07 08:58 - 2013-07-04 19:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-07 08:58 - 2013-07-04 19:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-07 08:58 - 2013-07-04 18:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-07 08:58 - 2012-11-02 13:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-07 08:58 - 2012-11-02 13:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-07 08:56 - 2013-06-15 12:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-04-07 08:56 - 2012-12-07 21:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-07 08:56 - 2012-12-07 21:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-07 08:56 - 2012-12-07 20:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-07 08:56 - 2012-12-07 20:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-07 08:56 - 2012-12-07 19:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-07 08:56 - 2012-12-07 19:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-07 08:56 - 2012-12-07 19:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-07 08:56 - 2012-12-07 18:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-07 08:51 - 2013-11-26 19:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-07 08:51 - 2012-08-11 08:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-07 08:51 - 2012-08-11 07:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-07 08:49 - 2014-02-04 10:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-07 08:49 - 2014-02-04 10:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-07 08:49 - 2013-10-03 10:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-07 08:49 - 2013-10-03 10:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-04-07 08:49 - 2013-07-26 10:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-07 08:49 - 2013-07-26 10:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-04-07 08:49 - 2013-07-26 09:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-07 08:49 - 2013-07-26 09:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-04-07 08:49 - 2013-05-10 13:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-04-07 08:49 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-04-07 08:49 - 2013-04-26 13:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-07 08:49 - 2013-04-26 12:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-07 08:49 - 2012-09-26 06:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-07 08:49 - 2012-09-26 06:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-07 08:48 - 2013-07-20 18:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 08:48 - 2013-07-20 18:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-04-07 08:47 - 2013-05-13 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-04-07 08:47 - 2013-05-13 11:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-04-07 08:47 - 2013-05-13 11:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-04-07 08:47 - 2013-05-13 11:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-04-07 08:47 - 2013-01-24 14:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-07 08:47 - 2012-05-05 16:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-07 08:47 - 2012-05-05 15:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-07 08:46 - 2013-10-12 10:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-07 08:46 - 2013-10-12 10:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-07 08:46 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-07 08:46 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-07 08:46 - 2013-10-12 09:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-07 08:46 - 2013-10-12 09:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-07 08:46 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-07 08:46 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-07 08:46 - 2013-08-01 20:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-07 08:46 - 2013-04-10 14:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-07 08:46 - 2011-02-03 19:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-04-07 08:45 - 2014-02-04 10:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-07 08:45 - 2014-02-04 10:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-07 08:45 - 2014-01-01 07:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-07 08:45 - 2014-01-01 07:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-07 08:45 - 2013-10-12 10:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-07 08:45 - 2013-10-12 10:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-07 08:45 - 2013-10-12 10:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-07 08:45 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-04-07 08:45 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-04-07 08:45 - 2013-08-28 09:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-07 08:45 - 2013-04-10 07:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-07 08:45 - 2013-04-03 06:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-07 08:45 - 2011-10-26 13:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-07 08:45 - 2011-10-26 13:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-07 08:45 - 2011-10-26 12:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-07 08:45 - 2011-10-26 12:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-07 08:43 - 2012-01-04 18:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-07 08:43 - 2012-01-04 16:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-07 08:42 - 2013-07-25 17:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-07 08:42 - 2013-07-25 16:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-07 08:42 - 2011-05-04 13:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-07 08:42 - 2011-05-04 13:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-07 08:42 - 2011-05-04 13:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-07 08:42 - 2011-05-04 13:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-07 08:42 - 2011-05-04 13:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-07 08:42 - 2011-05-04 13:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-07 08:42 - 2011-05-04 13:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-07 08:42 - 2011-05-04 13:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-07 08:42 - 2011-05-04 13:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-07 08:42 - 2011-05-04 12:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-07 08:42 - 2011-05-04 12:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-07 08:42 - 2011-05-04 12:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-07 08:42 - 2011-05-04 12:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-07 08:42 - 2011-05-04 12:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-07 08:42 - 2011-05-04 12:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-07 08:42 - 2011-05-04 12:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-07 08:42 - 2011-05-04 12:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-07 08:42 - 2011-05-04 12:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-07 08:41 - 2012-11-22 13:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-07 08:41 - 2012-11-22 12:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-07 08:41 - 2011-07-09 10:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-07 08:41 - 2011-04-27 10:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-07 08:41 - 2011-04-27 10:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-07 08:36 - 2014-04-16 16:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\DMCache
2014-04-07 08:36 - 2014-04-16 00:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\IDM
2014-04-07 08:36 - 2014-04-15 12:39 - 00000000 ____D () C:\Users\User\Downloads\Compressed
2014-04-07 08:36 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-04-07 08:36 - 2014-04-09 14:50 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-04-07 08:36 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\Downloads\Video
2014-04-07 08:36 - 2014-04-07 08:36 - 00000000 ____D () C:\ProgramData\IDM
2014-04-07 08:35 - 2011-11-17 14:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-07 08:35 - 2011-11-17 13:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-07 08:34 - 2013-08-05 10:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-04-07 08:34 - 2012-08-23 02:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-04-07 08:34 - 2012-08-22 05:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-04-07 08:34 - 2012-07-05 04:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-04-07 08:34 - 2012-06-06 14:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-04-07 08:34 - 2012-06-06 13:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-04-07 08:34 - 2012-04-26 13:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-07 08:34 - 2012-04-26 13:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-07 08:34 - 2012-04-26 13:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-07 08:34 - 2012-03-17 15:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-07 08:30 - 2012-05-14 13:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-07 08:30 - 2012-05-01 13:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-07 08:30 - 2012-04-28 11:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-07 08:30 - 2012-04-07 20:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-07 08:30 - 2012-04-07 19:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-07 08:30 - 2011-12-30 14:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-07 08:30 - 2011-12-30 13:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-07 08:30 - 2011-12-16 16:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-07 08:30 - 2011-12-16 15:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-07 08:30 - 2011-11-19 22:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-07 08:30 - 2011-11-19 22:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-07 08:30 - 2011-10-15 14:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-07 08:30 - 2011-10-15 13:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-07 08:30 - 2011-08-27 13:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-07 08:30 - 2011-08-27 13:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-07 08:30 - 2011-08-27 12:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-07 08:30 - 2011-08-27 12:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-07 08:30 - 2011-08-17 13:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-07 08:30 - 2011-08-17 13:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-07 08:30 - 2011-08-17 12:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-07 08:30 - 2011-08-17 12:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-07 08:30 - 2011-05-03 13:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-07 08:30 - 2011-05-03 12:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-07 08:30 - 2011-04-29 11:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-07 08:30 - 2011-04-29 11:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-07 08:30 - 2011-04-29 11:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-07 08:30 - 2011-03-03 14:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-07 08:30 - 2011-03-03 14:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-07 08:30 - 2011-03-03 14:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-07 08:30 - 2011-03-03 13:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-07 08:30 - 2011-03-03 13:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-07 08:30 - 2011-02-23 12:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-07 08:29 - 2011-05-24 19:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-07 08:29 - 2011-05-24 18:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-07 08:29 - 2011-05-24 18:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-07 08:29 - 2011-05-24 18:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-07 08:29 - 2011-05-24 18:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-07 08:29 - 2011-02-18 18:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-07 08:29 - 2011-02-18 13:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-07 08:29 - 2011-02-12 19:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-07 08:25 - 2014-04-09 06:48 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-04-07 08:24 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-04-07 08:24 - 2014-04-07 08:25 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-04-07 07:45 - 2014-04-07 07:45 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-07 07:41 - 2012-02-17 14:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-07 07:41 - 2012-02-17 13:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-07 07:41 - 2012-02-17 12:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-07 07:41 - 2011-03-11 14:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-07 07:41 - 2011-03-11 14:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-07 07:41 - 2011-03-11 13:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-07 07:41 - 2011-03-11 13:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-07 07:38 - 2014-04-07 03:01 - 00000000 ____D () C:\Windows\Panther
2014-04-07 07:38 - 2011-02-06 01:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-07 07:38 - 2011-02-06 01:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-07 07:38 - 2011-02-06 01:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-07 07:38 - 2011-02-06 01:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-07 07:38 - 2011-02-06 01:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-07 07:38 - 2011-02-06 01:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-07 07:38 - 2011-02-06 01:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-07 07:37 - 2010-12-23 18:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-07 07:37 - 2010-12-23 18:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-07 07:37 - 2010-12-23 18:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-07 07:37 - 2010-12-23 13:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-07 07:37 - 2010-12-23 13:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-07 07:37 - 2010-12-23 13:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-07 07:16 - 2014-04-07 07:16 - 00866604 _____ () C:\ProgramData\1396824957.bdinstall.bin
2014-04-07 07:13 - 2014-04-07 07:18 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-07 07:13 - 2014-04-07 07:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-07 07:12 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-04-07 07:12 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-04-07 07:12 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-04-07 06:57 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-04-07 06:57 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-04-07 06:41 - 2014-04-07 06:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-07 02:35 - 2012-06-03 06:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-07 02:35 - 2012-06-03 06:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-07 02:35 - 2012-06-03 06:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-07 02:35 - 2012-06-03 06:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-07 02:34 - 2012-06-03 06:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-07 02:34 - 2012-06-03 06:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-07 02:34 - 2012-06-03 06:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-07 02:33 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-07 02:33 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-07 02:32 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-07 02:29 - 2014-04-07 02:29 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-07 02:29 - 2014-04-07 02:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-07 02:29 - 2014-04-07 02:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-07 02:29 - 2014-04-07 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-07 02:29 - 2014-04-07 02:29 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-07 02:29 - 2014-04-07 02:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-07 02:29 - 2014-04-07 02:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-07 02:26 - 2014-04-07 02:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-07 02:26 - 2014-04-07 02:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-07 02:23 - 2014-04-07 02:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 02:19 - 2014-04-07 02:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-07 02:19 - 2014-04-07 02:19 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-07 00:58 - 2014-04-09 15:31 - 00000000 ____D () C:\Program Files\Windows Service
2014-04-06 23:56 - 2014-04-16 17:35 - 01496950 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 20:35 - 2014-04-09 16:22 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-04-06 20:35 - 2014-04-09 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-06 20:18 - 2014-04-06 20:18 - 00259889 _____ () C:\ProgramData\1396786565.bdinstall.bin
2014-04-06 20:16 - 2014-04-06 20:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-04-06 20:15 - 2014-04-09 01:44 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-06 17:19 - 2014-04-16 01:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-04-06 17:19 - 2014-04-06 23:52 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-04-06 17:19 - 2014-04-06 17:19 - 10485760 _____ () C:\Users\places.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 05242880 _____ () C:\Users\urlclassifier3.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00640950 _____ () C:\Users\startupCache.4.little
2014-04-06 17:19 - 2014-04-06 17:19 - 00524288 _____ () C:\Users\cookies.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00458752 _____ () C:\Users\extensions.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00327680 _____ () C:\Users\signons.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00262144 _____ () C:\Users\index.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00229376 _____ () C:\Users\content-prefs.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00196608 _____ () C:\Users\formhistory.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00102288 _____ () C:\Users\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000002.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00098304 _____ () C:\Users\webappsstore.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00098304 _____ () C:\Users\chromeappsstore.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00070212 _____ () C:\Users\_CACHE_003_
2014-04-06 17:19 - 2014-04-06 17:19 - 00065536 _____ () C:\Users\permissions.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00065536 _____ () C:\Users\cert8.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00025978 _____ () C:\Users\_CACHE_001_
2014-04-06 17:19 - 2014-04-06 17:19 - 00016384 _____ () C:\Users\secmod.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00016384 _____ () C:\Users\key3.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00011759 _____ () C:\Users\search.json
2014-04-06 17:19 - 2014-04-06 17:19 - 00008468 _____ () C:\Users\_CACHE_MAP_
2014-04-06 17:19 - 2014-04-06 17:19 - 00007587 _____ () C:\Users\_CACHE_002_
2014-04-06 17:19 - 2014-04-06 17:19 - 00003137 _____ () C:\Users\bookmarks-2014-04-06.json
2014-04-06 17:19 - 2014-04-06 17:19 - 00002096 _____ () C:\Users\prefs.js
2014-04-06 17:19 - 2014-04-06 17:19 - 00001098 _____ () C:\Users\sessionstore.js
2014-04-06 17:19 - 2014-04-06 17:19 - 00001022 _____ () C:\Users\localstore.rdf
2014-04-06 17:19 - 2014-04-06 17:19 - 00000222 _____ () C:\Users\compatibility.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000133 _____ () C:\Users\extensions.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000111 _____ () C:\Users\profiles.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000032 _____ () C:\Users\urlclassifier.pset
2014-04-06 17:19 - 2014-04-06 17:19 - 00000010 _____ () C:\Users\InstallTime20121010144125
2014-04-06 17:19 - 2014-04-06 17:19 - 00000000 _____ () C:\Users\parent.lock
2014-04-06 17:15 - 2014-04-06 17:15 - 00000342 ____S () C:\Users\94308059B57B3142E455B38A6EB92015
2014-04-06 16:30 - 2014-04-09 14:34 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-04-06 16:30 - 2014-04-09 14:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-06 16:30 - 2014-04-09 07:01 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-04-06 16:30 - 2014-04-06 16:30 - 00100256 _____ () C:\Users\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000001.db
2014-04-06 16:30 - 2014-04-06 16:30 - 00016384 _____ () C:\Users\cversions.1.db
2014-04-06 16:30 - 2014-04-06 16:30 - 00003913 _____ () C:\Users\subsys.cache
2014-04-06 16:30 - 2014-04-06 16:30 - 00002552 _____ () C:\Users\ManualOrder_Gadget.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00002346 _____ () C:\Users\ManualOrder_Emotion.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001578 _____ () C:\Users\ManualOrder_Avatar.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001331 _____ () C:\Users\ManualOrder_Filter.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001234 _____ () C:\Users\ManualOrder_Distortion.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001158 _____ () C:\Users\ManualOrder_FunnyScene.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001129 _____ () C:\Users\YouCam(Webcam).lnk
2014-04-06 16:30 - 2014-04-06 16:30 - 00001125 _____ () C:\Users\ManualOrder_Frame.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00000068 _____ () C:\Users\build.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000066 _____ () C:\Users\koan.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000012 _____ () C:\Users\version.dat
2014-04-06 16:30 - 2014-04-06 16:30 - 00000004 _____ () C:\Users\hw.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR
2014-04-06 16:30 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-04-06 16:30 - 2009-06-11 13:15 - 11648096 ____H (CyberLink Corp.) C:\Users\YouCamDiskMemory.tmp
2014-04-06 16:27 - 2014-04-06 16:27 - 00020520 _____ () C:\Users\Normal.dotm
2014-04-06 16:27 - 2014-04-06 16:27 - 00001080 _____ () C:\Users\Templates.LNK
2014-04-06 16:26 - 2014-04-15 19:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-06 16:26 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-06 16:26 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-06 16:26 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-06 16:26 - 2014-04-09 14:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-06 16:26 - 2014-04-06 16:29 - 00001121 _____ () C:\Users\User\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001449 _____ () C:\Users\YouCam Help.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001449 _____ () C:\Users\Readme.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001368 _____ () C:\Users\OnLine Registration.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001223 _____ () C:\Users\CyberLink YouCam Mirror.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\UpdatusUser\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\Default\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\Default User\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00000000 _____ () C:\Users\WindowsUpdate.log
2014-04-06 16:24 - 2014-04-06 16:24 - 00108840 _____ () C:\Users\GDIPFONTCACHEV1.DAT
2014-04-06 16:24 - 2014-04-06 16:24 - 00037762 _____ () C:\Users\MSO1033.acl
2014-04-06 16:24 - 2014-04-06 16:24 - 00000002 _____ () C:\Users\CUSTOM.DIC
2014-04-06 16:24 - 2010-01-09 20:24 - 04187307 _____ () C:\Users\Built-In Building Blocks.dotx
2014-04-06 16:19 - 2014-04-06 16:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-06 16:17 - 2014-04-09 14:51 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-06 16:17 - 2014-04-06 16:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-06 16:16 - 2012-12-04 09:21 - 00020024 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-04-06 16:15 - 2014-04-06 16:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-06 16:15 - 2014-04-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-06 16:15 - 2014-04-06 16:15 - 00000000 __RHD () C:\MSOCache
2014-04-06 16:15 - 2014-04-06 16:15 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-04-06 16:15 - 2013-02-19 07:22 - 03868160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-04-06 16:14 - 2014-04-09 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-06 16:14 - 2014-04-06 16:14 - 00000468 ___SH () C:\Users\09f67d3d-468c-4469-b811-b39e34798910
2014-04-06 16:14 - 2014-04-06 16:14 - 00000024 ___SH () C:\Users\Preferred
2014-04-06 16:14 - 2014-04-06 16:14 - 00000024 ___SH () C:\Users\CREDHIST
2014-04-06 16:14 - 2014-04-06 16:14 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-04-06 16:14 - 2014-04-06 16:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-06 16:14 - 2013-03-15 12:16 - 06398240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-04-06 16:14 - 2013-03-15 12:16 - 03477280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-04-06 16:14 - 2013-03-15 12:16 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-04-06 16:14 - 2013-03-15 12:16 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-04-06 16:14 - 2013-03-15 12:16 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-04-06 16:14 - 2013-03-15 12:16 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-04-06 16:14 - 2010-01-13 14:56 - 01806592 _____ () C:\Windows\system32\Drivers\snp2uvc.sys
2014-04-06 16:14 - 2010-01-13 14:56 - 00040960 _____ () C:\Windows\system32\Drivers\sncduvc.sys
2014-04-06 16:14 - 2010-01-13 14:55 - 00099712 _____ (sonix) C:\Windows\PLFSetL.exe
2014-04-06 16:14 - 2010-01-13 14:55 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2014-04-06 16:14 - 2009-11-06 14:55 - 00000378 _____ () C:\Windows\PidList.ini
2014-04-06 16:14 - 2009-07-14 12:54 - 00001358 _____ () C:\Users\Ease of Access.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001306 _____ () C:\Users\Private Character Editor.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001304 _____ () C:\Users\Notepad.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001280 _____ () C:\Users\Command Prompt.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001262 _____ () C:\Users\Narrator.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001258 _____ () C:\Users\Magnify.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00001250 _____ () C:\Users\On-Screen Keyboard.lnk
2014-04-06 16:14 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 16:14 - 2009-07-14 12:49 - 00001228 _____ () C:\Users\Windows Explorer.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000290 _____ () C:\Users\Shows Desktop.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000272 _____ () C:\Users\Window Switcher.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000262 _____ () C:\Users\Run.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000262 _____ () C:\Users\Help.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000262 _____ () C:\Users\Control Panel.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000262 _____ () C:\Users\computer.lnk
2014-04-06 16:14 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 16:13 - 2013-03-15 13:53 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-06 16:13 - 2013-03-15 13:53 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-06 16:12 - 2014-04-09 14:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-06 16:12 - 2014-04-06 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-06 16:11 - 2013-03-15 13:53 - 26956576 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 25256736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 20542752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 17990800 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 15508512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 15042928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 13088000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 11048736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-06 16:11 - 2013-03-15 13:53 - 09414456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 07959000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 07573816 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 06271872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 02913056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 02864144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 02728736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 02539128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 02355488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 01995552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 01807136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6431422.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6431422.dll
2014-04-06 16:11 - 2013-03-15 13:53 - 00017738 _____ () C:\Windows\system32\nvinfo.pb
2014-04-06 16:10 - 2014-04-08 21:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-06 16:10 - 2014-04-06 16:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-06 16:10 - 2014-04-06 16:10 - 00000000 ____D () C:\Program Files\Realtek
2014-04-06 16:10 - 2013-02-20 05:20 - 03325000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-06 16:10 - 2013-02-20 01:30 - 18610688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-06 16:10 - 2013-02-20 01:22 - 00424769 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-06 16:10 - 2013-02-19 22:11 - 02751560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-04-06 16:10 - 2013-02-19 17:29 - 03685448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-06 16:10 - 2013-02-16 02:45 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-04-06 16:10 - 2013-02-16 02:45 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-04-06 16:10 - 2013-02-16 02:44 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-04-06 16:10 - 2013-02-15 21:41 - 00912960 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-04-06 16:10 - 2013-02-08 22:36 - 03155536 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-04-06 16:10 - 2013-02-06 03:32 - 01658952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-04-06 16:10 - 2013-02-03 04:30 - 02099480 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-04-06 16:10 - 2013-01-17 13:05 - 00801560 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-04-06 16:10 - 2013-01-17 13:05 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2014-04-06 16:10 - 2013-01-17 13:05 - 00518936 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2014-04-06 16:10 - 2013-01-17 13:05 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-04-06 16:10 - 2012-09-01 02:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-04-06 16:10 - 2012-09-01 02:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-04-06 16:10 - 2012-09-01 02:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-04-06 16:10 - 2012-09-01 02:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-04-06 16:10 - 2012-09-01 02:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-04-06 16:10 - 2012-01-30 18:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-04-06 16:10 - 2012-01-10 17:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-04-06 16:10 - 2011-12-20 22:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-04-06 16:10 - 2011-11-22 23:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-04-06 16:10 - 2011-09-02 21:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-04-06 16:10 - 2011-09-02 21:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-04-06 16:10 - 2011-09-02 21:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-04-06 16:10 - 2011-03-17 19:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-04-06 16:10 - 2011-03-08 00:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-04-06 16:10 - 2010-11-04 01:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-04-06 16:10 - 2010-07-22 23:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-04-06 16:10 - 2009-11-24 16:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-04-06 16:10 - 2009-11-24 16:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-04-06 16:10 - 2009-11-24 16:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-04-06 16:10 - 2009-11-24 16:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-04-06 16:09 - 2014-04-09 14:50 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-06 16:09 - 2014-04-09 14:33 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-06 16:09 - 2014-04-06 17:19 - 00001163 _____ () C:\Users\Mozilla Firefox.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001057 _____ () C:\Users\What is new in the latest version.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001045 _____ () C:\Users\WinRAR.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001045 _____ () C:\Users\WinRAR help.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001026 _____ () C:\Users\Console RAR manual.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00000045 ____S () C:\Users\f58155b4b1d5a524ca0261c3ee99fb50_cee9db31-25a4-436b-9e9a-87147069244e
2014-04-06 16:09 - 2014-04-06 16:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-06 16:09 - 2014-04-06 16:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 16:09 - 2013-02-20 01:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-06 16:09 - 2013-02-19 22:21 - 00131144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-06 16:09 - 2013-02-04 17:00 - 00653296 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2014-04-06 16:09 - 2013-02-04 17:00 - 00028656 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2014-04-06 16:09 - 2013-02-03 04:30 - 00907544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-04-06 16:09 - 2013-02-03 04:29 - 13975320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-04-06 16:09 - 2013-02-03 04:29 - 01898776 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-04-06 16:09 - 2013-01-23 23:36 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-06 16:09 - 2013-01-22 08:41 - 00204864 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-04-06 16:09 - 2013-01-15 17:33 - 02722848 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-06 16:09 - 2013-01-03 22:02 - 01276128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-06 16:09 - 2012-12-19 13:42 - 00031672 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-04-06 16:09 - 2012-12-19 13:41 - 00194488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-04-06 16:09 - 2012-12-18 16:31 - 01510328 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-04-06 16:09 - 2012-12-18 00:49 - 02032584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-04-06 16:09 - 2012-12-12 18:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-04-06 16:09 - 2012-10-02 21:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-04-06 16:09 - 2012-10-02 21:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-04-06 16:09 - 2012-10-02 21:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-04-06 16:09 - 2012-07-16 04:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-04-06 16:09 - 2012-06-21 00:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-04-06 16:09 - 2012-03-08 18:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-04-06 16:09 - 2011-08-24 00:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-04-06 16:09 - 2011-05-31 16:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-04-06 16:09 - 2010-11-08 14:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-04-06 16:09 - 2010-09-27 16:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-06 16:08 - 2014-04-09 19:01 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-06 16:08 - 2014-04-09 18:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-06 16:08 - 2014-04-06 16:08 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-06 16:08 - 2014-04-06 16:08 - 00000004 _____ () C:\Users\chrome_shutdown_ms.txt
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\EB66.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\EB65.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1384.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1383.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1373.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1371.tmp
2014-04-06 16:08 - 2012-10-16 01:09 - 00435512 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2014-04-06 16:02 - 2014-04-06 16:03 - 00000000 _____ () C:\Users\Safe Browsing Extension Blacklist_new
2014-04-06 16:02 - 2014-04-06 16:03 - 00000000 _____ () C:\Users\Safe Browsing Download_new
2014-04-06 16:02 - 2014-04-06 16:03 - 00000000 _____ () C:\Users\Safe Browsing Download Whitelist_new
2014-04-06 16:02 - 2014-04-06 16:03 - 00000000 _____ () C:\Users\Safe Browsing Csd Whitelist_new
2014-04-06 16:02 - 2014-04-06 16:03 - 00000000 _____ () C:\Users\Safe Browsing Bloom_new
2014-04-06 16:02 - 2014-04-06 16:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-04-06 16:02 - 2014-04-06 16:02 - 00000000 ____D () C:\Program Files\AuthenTec
2014-04-06 16:02 - 2012-10-18 13:16 - 01111856 _____ (AuthenTec, Inc.) C:\Windows\system32\Drivers\ATSwpWDF.sys
2014-04-06 16:02 - 2009-09-18 10:54 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-04-06 16:02 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoinstaller01009.dll
2014-04-06 16:01 - 2014-04-06 16:08 - 00000136 _____ () C:\Users\000003.log
2014-04-06 16:01 - 2014-04-06 16:01 - 00000180 _____ () C:\Users\README
2014-04-06 16:01 - 2014-04-06 16:01 - 00000050 _____ () C:\Users\MANIFEST-000002
2014-04-06 16:01 - 2014-04-06 16:01 - 00000047 _____ () C:\Users\LOG
2014-04-06 16:01 - 2014-04-06 16:01 - 00000016 _____ () C:\Users\CURRENT
2014-04-06 16:01 - 2014-04-06 16:01 - 00000000 _____ () C:\Users\LOCK
2014-04-06 16:00 - 2014-04-06 16:08 - 00270336 _____ () C:\Users\data_1
2014-04-06 16:00 - 2014-04-06 16:08 - 00045056 _____ () C:\Users\data_0
2014-04-06 16:00 - 2014-04-06 16:08 - 00019148 _____ () C:\Users\Preferences
2014-04-06 16:00 - 2014-04-06 16:08 - 00016384 _____ () C:\Users\History-journal
2014-04-06 16:00 - 2014-04-06 16:08 - 00002263 _____ () C:\Users\Local State
2014-04-06 16:00 - 2014-04-06 16:08 - 00001669 _____ () C:\Users\Current Session
2014-04-06 16:00 - 2014-04-06 16:08 - 00001199 _____ () C:\Users\Current Tabs
2014-04-06 16:00 - 2014-04-06 16:08 - 00000484 _____ () C:\Users\History Provider Cache
2014-04-06 16:00 - 2014-04-06 16:00 - 00524656 _____ () C:\Users\index
2014-04-06 16:00 - 2014-04-06 16:00 - 00077824 _____ () C:\Users\Web Data
2014-04-06 16:00 - 2014-04-06 16:00 - 00020480 _____ () C:\Users\Top Sites
2014-04-06 16:00 - 2014-04-06 16:00 - 00020480 _____ () C:\Users\Favicons
2014-04-06 16:00 - 2014-04-06 16:00 - 00016384 _____ () C:\Users\Network Action Predictor
2014-04-06 16:00 - 2014-04-06 16:00 - 00012824 _____ () C:\Users\Top Sites-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00012288 _____ () C:\Users\Shortcuts
2014-04-06 16:00 - 2014-04-06 16:00 - 00008192 _____ () C:\Users\data_3
2014-04-06 16:00 - 2014-04-06 16:00 - 00008192 _____ () C:\Users\data_2
2014-04-06 16:00 - 2014-04-06 16:00 - 00004624 _____ () C:\Users\Web Data-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00003608 _____ () C:\Users\Network Action Predictor-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00002325 _____ () C:\Users\Google Chrome.lnk
2014-04-06 16:00 - 2014-04-06 16:00 - 00001544 _____ () C:\Users\Safe Browsing Cookies-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00001544 _____ () C:\Users\Cookies-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000755 _____ () C:\Users\manifest.json
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Shortcuts-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Favicons-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Archived History-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000393 _____ () C:\Users\VisualElementsManifest.xml
2014-04-06 16:00 - 2014-04-06 16:00 - 00000321 _____ () C:\Users\messages.json
2014-04-06 16:00 - 2014-04-06 16:00 - 00000092 _____ () C:\Users\main.html
2014-04-06 16:00 - 2014-04-06 16:00 - 00000079 _____ () C:\Users\main.js
2014-04-06 16:00 - 2014-04-06 16:00 - 00000008 _____ () C:\Users\Managed Mode Settings
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Users\First Run
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Users\Custom.css
2014-04-06 16:00 - 2014-04-06 15:59 - 01188304 _____ (Google Inc.) C:\Users\setup.exe
2014-04-06 16:00 - 2013-08-13 17:14 - 13602768 _____ () C:\Users\pepflashplayer.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 09962960 _____ (The ICU Project) C:\Users\icudt.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 04055504 _____ () C:\Users\pdf.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 02122704 _____ (Google Inc.) C:\Users\libpeerconnection.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 02094544 _____ (Google Inc.) C:\Users\npchrome_frame.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 01861584 _____ (Google Inc.) C:\Users\nacl64.exe
2014-04-06 16:00 - 2013-08-13 17:14 - 01604560 _____ () C:\Users\ffmpegsumo.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 01485264 _____ (Google Inc.) C:\Users\delegate_execute.exe
2014-04-06 16:00 - 2013-08-13 17:14 - 00889808 _____ (Google Inc.) C:\Users\metro_driver.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00847312 _____ (Google Inc.) C:\Users\chrome.exe
2014-04-06 16:00 - 2013-08-13 17:14 - 00698832 _____ () C:\Users\libglesv2.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00415184 _____ () C:\Users\ppgooglenaclpluginchrome.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00099792 _____ () C:\Users\libegl.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00096720 _____ () C:\Users\widevinecdmadapter.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\tr.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\te.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\ta.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\sw.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\sl.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\sk.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\ro.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\pt-PT.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\pt-BR.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\pl.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\nl.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\ml.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\lt.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\kn.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\it.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\id.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\hu.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\hr.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\hi.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\fr.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\fil.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\es-419.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\es.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\el.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\de.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\da.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\cs.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\zh-TW.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\zh-CN.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\vi.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\uk.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\th.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\sv.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\sr.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\ru.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\nb.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\ms.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\mr.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\lv.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\ko.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\ja.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\he.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\gu.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\fi.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\fa.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\et.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\en-US.dll
2014-04-06 16:00 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\en-GB.dll
2014-04-06 16:00 - 2013-08-13 17:13 - 00123344 _____ (Google Inc.) C:\Users\chrome_launcher.exe
2014-04-06 16:00 - 2013-08-13 17:13 - 00083408 _____ (Google Inc.) C:\Users\chrome_frame_helper.exe
2014-04-06 16:00 - 2013-08-13 17:13 - 00057296 _____ (Google Inc.) C:\Users\chrome_frame_helper.dll
2014-04-06 16:00 - 2013-08-13 15:19 - 05705472 _____ () C:\Users\nacl_irt_x86_32.nexe
2014-04-06 16:00 - 2013-08-13 15:19 - 05368298 _____ () C:\Users\resources.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 04078080 _____ () C:\Users\nacl_irt_x86_64.nexe
2014-04-06 16:00 - 2013-08-13 15:19 - 03231688 _____ (Microsoft Corporation) C:\Users\d3dcompiler_46.dll
2014-04-06 16:00 - 2013-08-13 15:19 - 02106216 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2014-04-06 16:00 - 2013-08-13 15:19 - 00966420 _____ () C:\Users\chrome_touch_100_percent.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00953937 _____ () C:\Users\chrome_100_percent.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00686828 _____ () C:\Users\ml.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00618343 _____ () C:\Users\ta.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00592512 _____ () C:\Users\kn.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00575537 _____ () C:\Users\te.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00544076 _____ () C:\Users\bn.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00533806 _____ () C:\Users\hi.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00532731 _____ () C:\Users\th.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00524524 _____ () C:\Users\mr.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00517499 _____ () C:\Users\gu.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00473602 _____ () C:\Users\el.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00435383 _____ () C:\Users\bg.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00413917 _____ () C:\Users\ru.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00411637 _____ () C:\Users\uk.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00402118 _____ () C:\Users\sr.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00372259 _____ () C:\Users\fa.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00362793 _____ () C:\Users\am.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00349914 _____ () C:\Users\ar.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00319555 _____ () C:\Users\ja.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00306226 _____ () C:\Users\vi.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00301676 _____ () C:\Users\he.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00283082 _____ () C:\Users\fr.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00280457 _____ () C:\Users\hu.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00278380 _____ () C:\Users\sk.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00275982 _____ () C:\Users\ro.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00273965 _____ () C:\Users\es.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00272812 _____ () C:\Users\fil.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00271027 _____ () C:\Users\ko.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00269085 _____ () C:\Users\cs.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00268952 _____ () C:\Users\es-419.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00268388 _____ () C:\Users\ca.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00267240 _____ () C:\Users\lv.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00266392 _____ () C:\Users\pl.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00266230 _____ () C:\Users\tr.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00265295 _____ () C:\Users\pt-PT.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00263463 _____ () C:\Users\lt.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00262629 _____ () C:\Users\it.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00259888 _____ () C:\Users\nl.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00259561 _____ () C:\Users\pt-BR.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00252383 _____ () C:\Users\hr.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00252298 _____ () C:\Users\fi.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00248134 _____ () C:\Users\sl.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00246645 _____ () C:\Users\sv.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00244686 _____ () C:\Users\da.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00243988 _____ () C:\Users\nb.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00243198 _____ () C:\Users\id.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00236496 _____ () C:\Users\et.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00229525 _____ () C:\Users\de.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00227206 _____ () C:\Users\en-US.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00227083 _____ () C:\Users\en-GB.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00224756 _____ () C:\Users\sw.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00221000 _____ () C:\Users\zh-TW.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00220240 _____ () C:\Users\zh-CN.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00200450 _____ () C:\Users\ms.pak
2014-04-06 16:00 - 2013-08-13 15:19 - 00081768 _____ (Microsoft Corporation) C:\Users\xinput1_3.dll
2014-04-06 16:00 - 2013-08-13 15:19 - 00000099 _____ () C:\Users\external_extensions.json
2014-04-06 15:59 - 2014-04-09 14:50 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-04-06 15:59 - 2014-04-08 21:34 - 00000000 ____D () C:\Program Files\Alwil Software
2014-04-06 15:59 - 2014-04-06 15:59 - 00016384 _____ () C:\Users\MSIMGSIZ.DAT
2014-04-06 15:59 - 2013-08-13 17:15 - 128949574 _____ () C:\Users\chrome.7z
2014-04-06 15:59 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\ca.dll
2014-04-06 15:59 - 2013-08-13 17:14 - 00010192 _____ () C:\Users\bg.dll
2014-04-06 15:59 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\bn.dll
2014-04-06 15:59 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\ar.dll
2014-04-06 15:59 - 2013-08-13 17:14 - 00009680 _____ () C:\Users\am.dll
2014-04-06 15:59 - 2013-08-13 17:13 - 47726032 _____ (Google Inc.) C:\Users\chrome.dll
2014-04-06 15:59 - 2013-08-13 15:19 - 00026392 _____ () C:\Users\search.crx
2014-04-06 15:59 - 2013-08-13 15:19 - 00025561 _____ () C:\Users\drive.crx
2014-04-06 15:59 - 2013-08-13 15:19 - 00024040 _____ () C:\Users\gmail.crx
2014-04-06 15:59 - 2013-08-13 15:19 - 00023668 _____ () C:\Users\youtube.crx
2014-04-06 15:59 - 2013-08-13 15:19 - 00004578 _____ () C:\Users\docs.crx
2014-04-06 15:54 - 2014-04-06 15:54 - 00297531 _____ () C:\Users\StructuredQuerySchema.bin
2014-04-06 15:46 - 2014-04-09 14:50 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 15:46 - 2014-04-09 14:50 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 15:46 - 2014-04-07 02:59 - 00001417 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 15:46 - 2014-04-06 15:59 - 00262144 ___SH () C:\Users\index.dat
2014-04-06 15:46 - 2014-04-06 15:46 - 02121728 _____ () C:\Users\WindowsMail.MSMessageStore
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edbres00002.jrs
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edbres00001.jrs
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edb00001.log
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edb.log
2014-04-06 15:46 - 2014-04-06 15:46 - 01069056 _____ () C:\Users\CurrentDatabase_372.wmdb
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_96.db
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_32.db
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_256.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00069740 _____ () C:\Users\LocalMLS_3.wmdb
2014-04-06 15:46 - 2014-04-06 15:46 - 00068373 _____ () C:\Users\User.contact
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Web Slice Gallery~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\USA~dgov Updates~c News and Features~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Popular Government Questions from USA~dgov~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\MSNBC News~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Microsoft at Work~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Microsoft at Home~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00016384 _____ () C:\Users\WindowsMail.pat
2014-04-06 15:46 - 2014-04-06 15:46 - 00012192 _____ () C:\Users\brndlog.bak
2014-04-06 15:46 - 2014-04-06 15:46 - 00010191 _____ () C:\Users\WMSDKNS.XML
2014-04-06 15:46 - 2014-04-06 15:46 - 00008192 _____ () C:\Users\edb.chk
2014-04-06 15:46 - 2014-04-06 15:46 - 00007168 _____ () C:\Users\FeedsStore.feedsdb-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003541 _____ () C:\Users\Documents.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003533 _____ () C:\Users\Pictures.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003513 _____ () C:\Users\Videos.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003499 _____ () C:\Users\Music.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003256 _____ () C:\Users\thumbcache_idx.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00001736 _____ () C:\Users\account{D1267DDA-783D-42DF-90B5-B7B5DAC1E5EC}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00001508 _____ () C:\Users\account{2F48A18A-E711-4090-9AF1-3F025F32190F}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00001497 _____ () C:\Users\Internet Explorer (No Add-ons).lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001447 _____ () C:\Users\Internet Explorer.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001413 _____ () C:\Users\Internet Explorer (64-bit).lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001284 _____ () C:\Users\04_Music_played_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001279 _____ () C:\Users\02_Music_added_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001267 _____ () C:\Users\03_Music_rated_at_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001079 _____ () C:\Users\12_All_Video.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001063 _____ () C:\Users\10_All_Music.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001044 _____ () C:\Users\01_Music_auto_rated_at_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001040 _____ () C:\Users\07_TV_recorded_in_the_last_week.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001025 _____ () C:\Users\09_Music_played_the_most.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001020 _____ () C:\Users\08_Video_rated_at_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000843 _____ () C:\Users\Downloads.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000797 _____ () C:\Users\05_Pictures_taken_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000785 _____ () C:\Users\06_Pictures_rated_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000672 _____ () C:\Users\account{EF2A4864-A5E4-4298-81F2-CCDE5A0BF24C}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00000585 _____ () C:\Users\11_All_Pictures.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000498 _____ () C:\Users\WMSDKNS.DTD
2014-04-06 15:46 - 2014-04-06 15:46 - 00000468 ___SH () C:\Users\e64a7333-4b84-4e23-9907-385b42ce3f11
2014-04-06 15:46 - 2014-04-06 15:46 - 00000432 _____ () C:\Users\Desktop.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000363 _____ () C:\Users\RecentPlaces.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000260 _____ () C:\Users\oeold.xml
2014-04-06 15:46 - 2014-04-06 15:46 - 00000248 ___RH () C:\Users\Indexed Locations.search-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00000248 ___RH () C:\Users\Everywhere.search-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00000226 _____ () C:\Users\Web Slice Gallery.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000134 _____ () C:\Users\Microsoft Store.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Spaces.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Mail.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Gallery.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSNBC News.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Sports.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Money.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Entertainment.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Autos.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Microsoft At Work.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Microsoft At Home.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\IE site on Microsoft.com.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\IE Add-on site.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Get Windows Live.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000084 _____ () C:\Users\settings.ini
2014-04-06 15:46 - 2014-04-06 15:46 - 00000024 _____ () C:\Users\thumbcache_sr.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00000024 _____ () C:\Users\thumbcache_1024.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-04-06 15:46 - 2014-04-06 15:46 - 00000000 _____ () C:\Users\rasphone.pbk
2014-04-06 15:46 - 2011-04-12 16:31 - 00000134 _____ () C:\Users\USA.gov.url
2014-04-06 15:46 - 2011-04-12 16:31 - 00000134 _____ () C:\Users\GobiernoUSA.gov.url
2014-04-06 15:46 - 2010-11-21 11:40 - 00001547 _____ () C:\Users\Windows Media Player.lnk
2014-04-06 15:46 - 2009-07-14 07:01 - 00000255 _____ () C:\Users\Bears.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000237 _____ () C:\Users\Shades of Blue.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000237 _____ () C:\Users\Orange Circles.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000237 _____ () C:\Users\Green Bubbles.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000235 _____ () C:\Users\Hand Prints.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000233 _____ () C:\Users\Roses.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000232 _____ () C:\Users\Soft Blue.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000232 _____ () C:\Users\Peacock.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000231 _____ () C:\Users\Garden.htm
2014-04-06 15:46 - 2009-07-14 07:01 - 00000230 _____ () C:\Users\Stars.htm
2014-04-06 15:46 - 2009-06-11 04:44 - 00152300 _____ () C:\Users\Memo.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00116724 _____ () C:\Users\Graph.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00081292 _____ () C:\Users\Shorthand.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00037316 _____ () C:\Users\Seyes.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00026720 _____ () C:\Users\To_Do_List.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00026036 _____ () C:\Users\Music.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00010340 _____ () C:\Users\Genko_2.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00007498 _____ () C:\Users\grid_(inch).wmf
2014-04-06 15:46 - 2009-06-11 04:44 - 00005524 _____ () C:\Users\Genko_1.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00004192 _____ () C:\Users\Month_Calendar.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00003792 _____ () C:\Users\Dotted_Lines.emf
2014-04-06 15:46 - 2009-06-11 04:44 - 00002920 _____ () C:\Users\grid_(cm).wmf
2014-04-06 15:45 - 2014-04-06 19:33 - 00016384 _____ () C:\Users\ExplorerStartupLog_RunOnce.etl
2014-04-06 15:45 - 2014-04-06 15:46 - 00040960 _____ () C:\Users\ExplorerStartupLog.etl
2014-04-06 15:45 - 2014-04-06 15:45 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-04-06 15:45 - 2014-04-06 15:45 - 00000000 __SHD () C:\Recovery
2014-04-06 15:45 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 15:45 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 10:29 - 2014-04-06 10:33 - 1003072754 _____ () C:\Users\User\Documents\Documents.rar
2014-04-03 21:43 - 2013-11-28 08:24 - 00175480 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

2014-04-16 17:36 - 2014-04-16 17:35 - 00000000 ____D () C:\FRST
2014-04-16 17:36 - 2014-04-16 17:32 - 00000000 ____D () C:\Users\User\Desktop\the folder
2014-04-16 17:35 - 2014-04-06 23:56 - 01496950 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 17:35 - 2009-07-14 12:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 17:35 - 2009-07-14 12:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 17:24 - 2014-04-15 21:56 - 00001242 _____ () C:\Windows\setupact.log
2014-04-16 17:24 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 17:22 - 2014-04-16 17:15 - 00000000 ____D () C:\AdwCleaner
2014-04-16 17:15 - 2014-04-16 17:15 - 01426178 _____ () C:\Users\User\Desktop\adwcleaner.exe
2014-04-16 17:01 - 2014-04-15 20:57 - 00001062 _____ () C:\Windows\PFRO.log
2014-04-16 17:01 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-16 16:59 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\DMCache
2014-04-16 16:58 - 2014-04-16 16:58 - 00001479 _____ () C:\Users\User\Desktop\two.txt
2014-04-16 16:58 - 2014-04-16 16:58 - 00001467 _____ () C:\Users\User\Desktop\one.txt
2014-04-16 16:56 - 2014-04-16 16:56 - 00001482 _____ () C:\Users\User\Desktop\mydata.txt
2014-04-16 16:56 - 2014-04-16 16:56 - 00001480 _____ () C:\Users\User\Desktop\data.txt
2014-04-16 16:39 - 2014-04-16 16:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 16:34 - 2014-04-16 16:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 16:34 - 2014-04-16 16:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-16 16:33 - 2014-04-16 16:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-16 16:32 - 2014-04-16 16:32 - 00006892 _____ () C:\Users\User\Documents\Siti Nurhaliza.txt
2014-04-16 16:28 - 2014-04-07 16:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Winamp
2014-04-16 15:50 - 2009-07-14 13:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-16 02:28 - 2014-04-16 01:43 - 00000056 _____ () C:\Windows\system32\bdsandbox.txt
2014-04-16 01:26 - 2014-04-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-04-16 01:18 - 2014-04-09 06:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-16 00:54 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\IDM
2014-04-15 23:29 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-15 23:09 - 2014-04-07 16:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-15 21:56 - 2014-04-15 21:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-15 19:21 - 2014-04-06 16:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-15 12:39 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\Downloads\Compressed
2014-04-14 05:53 - 2014-04-14 05:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-04-10 07:33 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-04-09 19:44 - 2014-04-09 18:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\MiniLyrics
2014-04-09 19:01 - 2014-04-06 16:08 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-09 18:59 - 2014-04-09 18:59 - 00000000 ____D () C:\Lyrics
2014-04-09 18:59 - 2014-04-06 16:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-09 18:58 - 2014-04-09 18:58 - 00000000 ____D () C:\Program Files (x86)\MiniLyrics
2014-04-09 18:25 - 2014-04-09 18:25 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-09 18:25 - 2014-04-09 18:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\Foxit Software
2014-04-09 18:24 - 2014-04-09 18:24 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-09 16:22 - 2014-04-06 20:35 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-04-09 16:21 - 2014-04-09 16:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-04-09 16:21 - 2014-04-09 16:21 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia
2014-04-09 16:19 - 2014-04-09 16:15 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-09 16:19 - 2014-04-09 16:15 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-09 16:15 - 2014-04-09 16:15 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-09 16:15 - 2014-04-09 16:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-09 16:13 - 2014-04-09 16:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-04-09 16:13 - 2014-04-09 16:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-04-09 16:11 - 2014-04-09 16:11 - 00000000 ____D () C:\ProgramData\MindGems
2014-04-09 16:07 - 2014-04-09 16:07 - 00000000 ____H () C:\Users\User\Documents\Default.rdp
2014-04-09 15:32 - 2014-04-09 15:32 - 00001970 _____ () C:\Users\Public\Desktop\Maxis Broadband.lnk
2014-04-09 15:32 - 2014-04-09 15:32 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppPBHostless Modem
2014-04-09 15:32 - 2014-04-09 15:32 - 00000000 ____D () C:\Program Files (x86)\Hostless Modem
2014-04-09 15:31 - 2014-04-07 00:58 - 00000000 ____D () C:\Program Files\Windows Service
2014-04-09 15:12 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 14:57 - 2014-04-07 11:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 14:55 - 2014-04-07 11:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 14:52 - 2011-04-12 16:28 - 00000000 ____D () C:\Windows\ShellNew
2014-04-09 14:52 - 2011-04-12 16:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-09 14:52 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-04-09 14:52 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-09 14:52 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-09 14:52 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 __RSD () C:\Windows\Media
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\servicing
2014-04-09 14:52 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-09 14:51 - 2014-04-06 16:17 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-04-09 14:51 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\security
2014-04-09 14:50 - 2014-04-07 16:47 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-04-09 14:50 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-04-09 14:50 - 2014-04-07 08:36 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-04-09 14:50 - 2014-04-07 08:24 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-04-09 14:50 - 2014-04-06 16:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-09 14:50 - 2014-04-06 16:26 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-09 14:50 - 2014-04-06 16:26 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-09 14:50 - 2014-04-06 16:26 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-04-09 14:50 - 2014-04-06 16:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-09 14:50 - 2014-04-06 16:09 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-04-09 14:50 - 2014-04-06 15:59 - 00000000 ____D () C:\ProgramData\Alwil Software
2014-04-09 14:50 - 2014-04-06 15:46 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-09 14:50 - 2014-04-06 15:46 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-09 14:50 - 2011-04-12 16:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-09 14:50 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2014-04-09 14:50 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-09 14:49 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2014-04-09 14:34 - 2014-04-07 16:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\GRETECH
2014-04-09 14:34 - 2014-04-06 20:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-04-09 14:34 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-04-09 14:34 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-09 14:33 - 2014-04-06 16:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-09 14:33 - 2014-04-06 16:09 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-09 14:33 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-04-09 14:32 - 2014-04-07 15:57 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2014-04-09 07:01 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-04-09 06:48 - 2014-04-07 08:25 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-04-09 06:35 - 2014-04-09 01:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-04-09 02:12 - 2014-04-09 02:12 - 00966229 _____ () C:\ProgramData\1396978910.bdinstall.bin
2014-04-09 02:06 - 2014-04-09 01:00 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-04-09 02:05 - 2014-04-09 02:05 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-04-09 02:05 - 2014-04-09 02:05 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-04-09 02:05 - 2014-04-09 02:05 - 00000684 ____H () C:\bdr-cf01
2014-04-09 02:05 - 2014-04-09 01:49 - 00253404 ____H () C:\bdr-ld01
2014-04-09 02:05 - 2014-04-09 01:49 - 00009216 ____H () C:\bdr-ld01.mbr
2014-04-09 01:50 - 2014-04-09 01:11 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-09 01:48 - 2014-04-09 01:48 - 00134312 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-09 01:44 - 2014-04-06 20:15 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-04-09 01:24 - 2014-04-09 01:24 - 00062222 _____ () C:\ProgramData\1396977825.bdinstall.bin
2014-04-09 01:11 - 2014-04-09 01:11 - 00319614 _____ () C:\ProgramData\1396976262.bdinstall.bin
2014-04-09 00:26 - 2014-04-09 00:26 - 00251874 _____ () C:\ProgramData\1396974311.bdinstall.bin
2014-04-09 00:03 - 2014-04-08 23:06 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 23:06 - 2009-07-14 12:45 - 00556232 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-08 21:34 - 2014-04-06 16:10 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-08 21:34 - 2014-04-06 15:59 - 00000000 ____D () C:\Program Files\Alwil Software
2014-04-08 19:02 - 2014-04-08 19:02 - 00000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2014-04-07 16:55 - 2014-04-07 16:55 - 00000000 ____D () C:\ProgramData\GRETECH
2014-04-07 16:48 - 2014-04-07 16:48 - 00000983 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-04-07 16:25 - 2014-04-07 16:25 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-07 16:14 - 2014-04-07 16:14 - 00001213 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-04-07 16:14 - 2014-04-07 16:14 - 00001189 _____ () C:\Users\Public\Desktop\GOM Player.lnk
2014-04-07 12:34 - 2014-04-07 12:05 - 00774004 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-07 09:54 - 2014-04-07 09:54 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-04-07 09:52 - 2014-04-07 09:52 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-04-07 08:36 - 2014-04-07 08:36 - 00000000 ____D () C:\Users\User\Downloads\Video
2014-04-07 08:36 - 2014-04-07 08:36 - 00000000 ____D () C:\ProgramData\IDM
2014-04-07 08:25 - 2014-04-07 08:24 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-04-07 07:45 - 2014-04-07 07:45 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-04-07 07:38 - 2009-07-14 13:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-04-07 07:38 - 2009-07-14 13:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-04-07 07:18 - 2014-04-07 07:13 - 00000000 ____D () C:\ProgramData\BDLogging
2014-04-07 07:16 - 2014-04-07 07:16 - 00866604 _____ () C:\ProgramData\1396824957.bdinstall.bin
2014-04-07 07:13 - 2014-04-07 07:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-04-07 06:42 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-04-07 06:41 - 2014-04-07 06:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-07 03:01 - 2014-04-07 07:38 - 00000000 ____D () C:\Windows\Panther
2014-04-07 02:59 - 2014-04-06 15:46 - 00001417 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-07 02:29 - 2014-04-07 02:29 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-07 02:29 - 2014-04-07 02:29 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-07 02:29 - 2014-04-07 02:29 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-07 02:29 - 2014-04-07 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-07 02:29 - 2014-04-07 02:29 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-07 02:29 - 2014-04-07 02:29 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-07 02:29 - 2014-04-07 02:29 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-07 02:29 - 2014-04-07 02:29 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-07 02:29 - 2014-04-07 02:29 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-07 02:27 - 2014-04-07 02:27 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-07 02:27 - 2014-04-07 02:27 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-07 02:26 - 2014-04-07 02:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-07 02:26 - 2014-04-07 02:26 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-04-07 02:26 - 2014-04-07 02:26 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-04-07 02:23 - 2014-04-07 02:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 02:23 - 2014-04-07 02:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 02:19 - 2014-04-07 02:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-07 02:19 - 2014-04-07 02:19 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-06 23:52 - 2014-04-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-04-06 20:18 - 2014-04-06 20:18 - 00259889 _____ () C:\ProgramData\1396786565.bdinstall.bin
2014-04-06 20:16 - 2014-04-06 20:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-04-06 19:33 - 2014-04-06 15:45 - 00016384 _____ () C:\Users\ExplorerStartupLog_RunOnce.etl
2014-04-06 17:19 - 2014-04-06 17:19 - 10485760 _____ () C:\Users\places.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 05242880 _____ () C:\Users\urlclassifier3.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00640950 _____ () C:\Users\startupCache.4.little
2014-04-06 17:19 - 2014-04-06 17:19 - 00524288 _____ () C:\Users\cookies.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00458752 _____ () C:\Users\extensions.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00327680 _____ () C:\Users\signons.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00262144 _____ () C:\Users\index.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00229376 _____ () C:\Users\content-prefs.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00196608 _____ () C:\Users\formhistory.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00102288 _____ () C:\Users\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000002.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00098304 _____ () C:\Users\webappsstore.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00098304 _____ () C:\Users\chromeappsstore.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00070212 _____ () C:\Users\_CACHE_003_
2014-04-06 17:19 - 2014-04-06 17:19 - 00065536 _____ () C:\Users\permissions.sqlite
2014-04-06 17:19 - 2014-04-06 17:19 - 00065536 _____ () C:\Users\cert8.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00025978 _____ () C:\Users\_CACHE_001_
2014-04-06 17:19 - 2014-04-06 17:19 - 00016384 _____ () C:\Users\secmod.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00016384 _____ () C:\Users\key3.db
2014-04-06 17:19 - 2014-04-06 17:19 - 00011759 _____ () C:\Users\search.json
2014-04-06 17:19 - 2014-04-06 17:19 - 00008468 _____ () C:\Users\_CACHE_MAP_
2014-04-06 17:19 - 2014-04-06 17:19 - 00007587 _____ () C:\Users\_CACHE_002_
2014-04-06 17:19 - 2014-04-06 17:19 - 00003137 _____ () C:\Users\bookmarks-2014-04-06.json
2014-04-06 17:19 - 2014-04-06 17:19 - 00002096 _____ () C:\Users\prefs.js
2014-04-06 17:19 - 2014-04-06 17:19 - 00001098 _____ () C:\Users\sessionstore.js
2014-04-06 17:19 - 2014-04-06 17:19 - 00001022 _____ () C:\Users\localstore.rdf
2014-04-06 17:19 - 2014-04-06 17:19 - 00000222 _____ () C:\Users\compatibility.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000133 _____ () C:\Users\extensions.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000111 _____ () C:\Users\profiles.ini
2014-04-06 17:19 - 2014-04-06 17:19 - 00000032 _____ () C:\Users\urlclassifier.pset
2014-04-06 17:19 - 2014-04-06 17:19 - 00000010 _____ () C:\Users\InstallTime20121010144125
2014-04-06 17:19 - 2014-04-06 17:19 - 00000000 _____ () C:\Users\parent.lock
2014-04-06 17:19 - 2014-04-06 16:09 - 00001163 _____ () C:\Users\Mozilla Firefox.lnk
2014-04-06 17:15 - 2014-04-06 17:15 - 00000342 ____S () C:\Users\94308059B57B3142E455B38A6EB92015
2014-04-06 16:30 - 2014-04-06 16:30 - 00100256 _____ () C:\Users\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000001.db
2014-04-06 16:30 - 2014-04-06 16:30 - 00016384 _____ () C:\Users\cversions.1.db
2014-04-06 16:30 - 2014-04-06 16:30 - 00003913 _____ () C:\Users\subsys.cache
2014-04-06 16:30 - 2014-04-06 16:30 - 00002552 _____ () C:\Users\ManualOrder_Gadget.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00002346 _____ () C:\Users\ManualOrder_Emotion.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001578 _____ () C:\Users\ManualOrder_Avatar.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001331 _____ () C:\Users\ManualOrder_Filter.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001234 _____ () C:\Users\ManualOrder_Distortion.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001158 _____ () C:\Users\ManualOrder_FunnyScene.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00001129 _____ () C:\Users\YouCam(Webcam).lnk
2014-04-06 16:30 - 2014-04-06 16:30 - 00001125 _____ () C:\Users\ManualOrder_Frame.xml
2014-04-06 16:30 - 2014-04-06 16:30 - 00000068 _____ () C:\Users\build.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000066 _____ () C:\Users\koan.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000012 _____ () C:\Users\version.dat
2014-04-06 16:30 - 2014-04-06 16:30 - 00000004 _____ () C:\Users\hw.ini
2014-04-06 16:30 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\WinRAR
2014-04-06 16:30 - 2014-04-06 16:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-04-06 16:29 - 2014-04-06 16:26 - 00001121 _____ () C:\Users\User\Desktop\CyberLink YouCam.lnk
2014-04-06 16:27 - 2014-04-06 16:27 - 00020520 _____ () C:\Users\Normal.dotm
2014-04-06 16:27 - 2014-04-06 16:27 - 00001080 _____ () C:\Users\Templates.LNK
2014-04-06 16:26 - 2014-04-06 16:26 - 00001449 _____ () C:\Users\YouCam Help.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001449 _____ () C:\Users\Readme.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001368 _____ () C:\Users\OnLine Registration.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001223 _____ () C:\Users\CyberLink YouCam Mirror.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\UpdatusUser\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\Default\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\Default User\Desktop\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00001139 _____ () C:\Users\CyberLink YouCam.lnk
2014-04-06 16:26 - 2014-04-06 16:26 - 00000000 _____ () C:\Users\WindowsUpdate.log
2014-04-06 16:24 - 2014-04-06 16:24 - 00108840 _____ () C:\Users\GDIPFONTCACHEV1.DAT
2014-04-06 16:24 - 2014-04-06 16:24 - 00037762 _____ () C:\Users\MSO1033.acl
2014-04-06 16:24 - 2014-04-06 16:24 - 00000002 _____ () C:\Users\CUSTOM.DIC
2014-04-06 16:22 - 2014-04-06 16:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-06 16:19 - 2014-04-06 16:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-06 16:19 - 2009-07-14 13:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-04-06 16:18 - 2014-04-06 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-06 16:18 - 2014-04-06 16:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-06 16:17 - 2014-04-06 16:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-06 16:16 - 2014-04-06 16:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-06 16:16 - 2009-07-14 10:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-06 16:15 - 2014-04-06 16:15 - 00000000 __RHD () C:\MSOCache
2014-04-06 16:15 - 2014-04-06 16:15 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-04-06 16:14 - 2014-04-06 16:14 - 00000468 ___SH () C:\Users\09f67d3d-468c-4469-b811-b39e34798910
2014-04-06 16:14 - 2014-04-06 16:14 - 00000024 ___SH () C:\Users\Preferred
2014-04-06 16:14 - 2014-04-06 16:14 - 00000024 ___SH () C:\Users\CREDHIST
2014-04-06 16:14 - 2014-04-06 16:14 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-04-06 16:14 - 2014-04-06 16:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-06 16:13 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\Help
2014-04-06 16:12 - 2014-04-06 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-06 16:10 - 2014-04-06 16:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-06 16:10 - 2014-04-06 16:10 - 00000000 ____D () C:\Program Files\Realtek
2014-04-06 16:09 - 2014-04-06 16:09 - 00001057 _____ () C:\Users\What is new in the latest version.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001045 _____ () C:\Users\WinRAR.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001045 _____ () C:\Users\WinRAR help.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00001026 _____ () C:\Users\Console RAR manual.lnk
2014-04-06 16:09 - 2014-04-06 16:09 - 00000045 ____S () C:\Users\f58155b4b1d5a524ca0261c3ee99fb50_cee9db31-25a4-436b-9e9a-87147069244e
2014-04-06 16:09 - 2014-04-06 16:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-06 16:09 - 2014-04-06 16:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-06 16:08 - 2014-04-06 16:08 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-06 16:08 - 2014-04-06 16:08 - 00000004 _____ () C:\Users\chrome_shutdown_ms.txt
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\EB66.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\EB65.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1384.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1383.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1373.tmp
2014-04-06 16:08 - 2014-04-06 16:08 - 00000000 _____ () C:\Users\1371.tmp
2014-04-06 16:08 - 2014-04-06 16:01 - 00000136 _____ () C:\Users\000003.log
2014-04-06 16:08 - 2014-04-06 16:00 - 00270336 _____ () C:\Users\data_1
2014-04-06 16:08 - 2014-04-06 16:00 - 00045056 _____ () C:\Users\data_0
2014-04-06 16:08 - 2014-04-06 16:00 - 00019148 _____ () C:\Users\Preferences
2014-04-06 16:08 - 2014-04-06 16:00 - 00016384 _____ () C:\Users\History-journal
2014-04-06 16:08 - 2014-04-06 16:00 - 00002263 _____ () C:\Users\Local State
2014-04-06 16:08 - 2014-04-06 16:00 - 00001669 _____ () C:\Users\Current Session
2014-04-06 16:08 - 2014-04-06 16:00 - 00001199 _____ () C:\Users\Current Tabs
2014-04-06 16:08 - 2014-04-06 16:00 - 00000484 _____ () C:\Users\History Provider Cache
2014-04-06 16:03 - 2014-04-06 16:02 - 00000000 _____ () C:\Users\Safe Browsing Extension Blacklist_new
2014-04-06 16:03 - 2014-04-06 16:02 - 00000000 _____ () C:\Users\Safe Browsing Download_new
2014-04-06 16:03 - 2014-04-06 16:02 - 00000000 _____ () C:\Users\Safe Browsing Download Whitelist_new
2014-04-06 16:03 - 2014-04-06 16:02 - 00000000 _____ () C:\Users\Safe Browsing Csd Whitelist_new
2014-04-06 16:03 - 2014-04-06 16:02 - 00000000 _____ () C:\Users\Safe Browsing Bloom_new
2014-04-06 16:02 - 2014-04-06 16:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2014-04-06 16:02 - 2014-04-06 16:02 - 00000000 ____D () C:\Program Files\AuthenTec
2014-04-06 16:02 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-04-06 16:01 - 2014-04-06 16:01 - 00000180 _____ () C:\Users\README
2014-04-06 16:01 - 2014-04-06 16:01 - 00000050 _____ () C:\Users\MANIFEST-000002
2014-04-06 16:01 - 2014-04-06 16:01 - 00000047 _____ () C:\Users\LOG
2014-04-06 16:01 - 2014-04-06 16:01 - 00000016 _____ () C:\Users\CURRENT
2014-04-06 16:01 - 2014-04-06 16:01 - 00000000 _____ () C:\Users\LOCK
2014-04-06 16:00 - 2014-04-06 16:00 - 00524656 _____ () C:\Users\index
2014-04-06 16:00 - 2014-04-06 16:00 - 00077824 _____ () C:\Users\Web Data
2014-04-06 16:00 - 2014-04-06 16:00 - 00020480 _____ () C:\Users\Top Sites
2014-04-06 16:00 - 2014-04-06 16:00 - 00020480 _____ () C:\Users\Favicons
2014-04-06 16:00 - 2014-04-06 16:00 - 00016384 _____ () C:\Users\Network Action Predictor
2014-04-06 16:00 - 2014-04-06 16:00 - 00012824 _____ () C:\Users\Top Sites-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00012288 _____ () C:\Users\Shortcuts
2014-04-06 16:00 - 2014-04-06 16:00 - 00008192 _____ () C:\Users\data_3
2014-04-06 16:00 - 2014-04-06 16:00 - 00008192 _____ () C:\Users\data_2
2014-04-06 16:00 - 2014-04-06 16:00 - 00004624 _____ () C:\Users\Web Data-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00003608 _____ () C:\Users\Network Action Predictor-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00002325 _____ () C:\Users\Google Chrome.lnk
2014-04-06 16:00 - 2014-04-06 16:00 - 00001544 _____ () C:\Users\Safe Browsing Cookies-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00001544 _____ () C:\Users\Cookies-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000755 _____ () C:\Users\manifest.json
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Shortcuts-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Favicons-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000512 _____ () C:\Users\Archived History-journal
2014-04-06 16:00 - 2014-04-06 16:00 - 00000393 _____ () C:\Users\VisualElementsManifest.xml
2014-04-06 16:00 - 2014-04-06 16:00 - 00000321 _____ () C:\Users\messages.json
2014-04-06 16:00 - 2014-04-06 16:00 - 00000092 _____ () C:\Users\main.html
2014-04-06 16:00 - 2014-04-06 16:00 - 00000079 _____ () C:\Users\main.js
2014-04-06 16:00 - 2014-04-06 16:00 - 00000008 _____ () C:\Users\Managed Mode Settings
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Users\First Run
2014-04-06 16:00 - 2014-04-06 16:00 - 00000000 _____ () C:\Users\Custom.css
2014-04-06 15:59 - 2014-04-06 16:00 - 01188304 _____ (Google Inc.) C:\Users\setup.exe
2014-04-06 15:59 - 2014-04-06 15:59 - 00016384 _____ () C:\Users\MSIMGSIZ.DAT
2014-04-06 15:59 - 2014-04-06 15:46 - 00262144 ___SH () C:\Users\index.dat
2014-04-06 15:59 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\system32\restore
2014-04-06 15:54 - 2014-04-06 15:54 - 00297531 _____ () C:\Users\StructuredQuerySchema.bin
2014-04-06 15:46 - 2014-04-06 15:46 - 02121728 _____ () C:\Users\WindowsMail.MSMessageStore
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edbres00002.jrs
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edbres00001.jrs
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edb00001.log
2014-04-06 15:46 - 2014-04-06 15:46 - 02097152 _____ () C:\Users\edb.log
2014-04-06 15:46 - 2014-04-06 15:46 - 01069056 _____ () C:\Users\CurrentDatabase_372.wmdb
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_96.db
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_32.db
2014-04-06 15:46 - 2014-04-06 15:46 - 01048576 _____ () C:\Users\thumbcache_256.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00069740 _____ () C:\Users\LocalMLS_3.wmdb
2014-04-06 15:46 - 2014-04-06 15:46 - 00068373 _____ () C:\Users\User.contact
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Web Slice Gallery~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\USA~dgov Updates~c News and Features~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Popular Government Questions from USA~dgov~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\MSNBC News~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Microsoft at Work~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00028672 _____ () C:\Users\Microsoft at Home~.feed-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00016384 _____ () C:\Users\WindowsMail.pat
2014-04-06 15:46 - 2014-04-06 15:46 - 00012192 _____ () C:\Users\brndlog.bak
2014-04-06 15:46 - 2014-04-06 15:46 - 00010191 _____ () C:\Users\WMSDKNS.XML
2014-04-06 15:46 - 2014-04-06 15:46 - 00008192 _____ () C:\Users\edb.chk
2014-04-06 15:46 - 2014-04-06 15:46 - 00007168 _____ () C:\Users\FeedsStore.feedsdb-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003541 _____ () C:\Users\Documents.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003533 _____ () C:\Users\Pictures.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003513 _____ () C:\Users\Videos.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003499 _____ () C:\Users\Music.library-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00003256 _____ () C:\Users\thumbcache_idx.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00001736 _____ () C:\Users\account{D1267DDA-783D-42DF-90B5-B7B5DAC1E5EC}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00001508 _____ () C:\Users\account{2F48A18A-E711-4090-9AF1-3F025F32190F}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00001497 _____ () C:\Users\Internet Explorer (No Add-ons).lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001447 _____ () C:\Users\Internet Explorer.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001413 _____ () C:\Users\Internet Explorer (64-bit).lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00001284 _____ () C:\Users\04_Music_played_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001279 _____ () C:\Users\02_Music_added_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001267 _____ () C:\Users\03_Music_rated_at_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001079 _____ () C:\Users\12_All_Video.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001063 _____ () C:\Users\10_All_Music.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001044 _____ () C:\Users\01_Music_auto_rated_at_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001040 _____ () C:\Users\07_TV_recorded_in_the_last_week.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001025 _____ () C:\Users\09_Music_played_the_most.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00001020 _____ () C:\Users\08_Video_rated_at_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000843 _____ () C:\Users\Downloads.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000797 _____ () C:\Users\05_Pictures_taken_in_the_last_month.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000785 _____ () C:\Users\06_Pictures_rated_4_or_5_stars.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000672 _____ () C:\Users\account{EF2A4864-A5E4-4298-81F2-CCDE5A0BF24C}.oeaccount
2014-04-06 15:46 - 2014-04-06 15:46 - 00000585 _____ () C:\Users\11_All_Pictures.wpl
2014-04-06 15:46 - 2014-04-06 15:46 - 00000498 _____ () C:\Users\WMSDKNS.DTD
2014-04-06 15:46 - 2014-04-06 15:46 - 00000468 ___SH () C:\Users\e64a7333-4b84-4e23-9907-385b42ce3f11
2014-04-06 15:46 - 2014-04-06 15:46 - 00000432 _____ () C:\Users\Desktop.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000363 _____ () C:\Users\RecentPlaces.lnk
2014-04-06 15:46 - 2014-04-06 15:46 - 00000260 _____ () C:\Users\oeold.xml
2014-04-06 15:46 - 2014-04-06 15:46 - 00000248 ___RH () C:\Users\Indexed Locations.search-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00000248 ___RH () C:\Users\Everywhere.search-ms
2014-04-06 15:46 - 2014-04-06 15:46 - 00000226 _____ () C:\Users\Web Slice Gallery.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000134 _____ () C:\Users\Microsoft Store.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Spaces.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Mail.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Windows Live Gallery.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSNBC News.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Sports.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Money.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Entertainment.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\MSN Autos.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Microsoft At Work.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Microsoft At Home.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\IE site on Microsoft.com.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\IE Add-on site.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000133 _____ () C:\Users\Get Windows Live.url
2014-04-06 15:46 - 2014-04-06 15:46 - 00000084 _____ () C:\Users\settings.ini
2014-04-06 15:46 - 2014-04-06 15:46 - 00000024 _____ () C:\Users\thumbcache_sr.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00000024 _____ () C:\Users\thumbcache_1024.db
2014-04-06 15:46 - 2014-04-06 15:46 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-04-06 15:46 - 2014-04-06 15:46 - 00000000 _____ () C:\Users\rasphone.pbk
2014-04-06 15:46 - 2014-04-06 15:45 - 00040960 _____ () C:\Users\ExplorerStartupLog.etl
2014-04-06 15:45 - 2014-04-06 15:45 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-04-06 15:45 - 2014-04-06 15:45 - 00000000 __SHD () C:\Recovery
2014-04-06 15:45 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-04-06 10:33 - 2014-04-06 10:29 - 1003072754 _____ () C:\Users\User\Documents\Documents.rar
2014-04-03 09:51 - 2014-04-16 16:34 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-16 16:34 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-16 16:34 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2010-11-21 11:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 07:25

==================== End Of Log ============================

Attached Files



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 16 April 2014 - 08:48 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.
===

Restart the computer normally.

Let me know if the problems persists.

#7 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 17 April 2014 - 07:17 AM

Trying to run FRST after creating fixlist.txt was very difficult because once clicked, it would quickly become unresponsive after the programme automatically searched for an updated version. After having my laptop restarted, a new folder entitled FRST-OlderVersion was created inside the original folder that I created for the fixlist.txt and the FRST programme. Now, my internet browser is acting weird. Every time I try to log in to this website, my bitdefender total security will pop out and request for my password. I don't feel secure accessing the internet with my internet browsers acting strange. One more thing, I think there is a possibility that my internet connection has been hacked by remote computers because after disabling the page style of the admin login page, I could see several original settings (just like from the manual setup that comes with my broadband modem) that could not be seen if the page style is enabled. Every time I use my broadband modem, it gets hot very quickly and the connection becomes even slower. Once again, thank you for your assistance.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014
Ran by User at 2014-04-17 18:25:01 Run:1
Running from C:\Users\User\Desktop\the folder
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

end
*****************

"C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll" => Value Data removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => Key deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.

==== End of Fixlog ====



#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 17 April 2014 - 09:13 AM

Flush your DNS.

Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/

If that fails to solve the situation reset you router.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html

p.s. change you router password. Yours and any other guest connection.

#9 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 19 April 2014 - 01:18 PM

Greetings,

 

Sorry for the late reply. I just had my laptop reformatted for the fourth time since it kept restarting over and over again without allowing me to log in to my user account. And now, even after having it reformatted, my laptop just never ceases from getting problems. I tried to uninstall avira anti-virus that was installed by the IT department that reformatted my drive but it just won't allow me to do so and due to this complication, my laptop does not have any antivirus or security sort-of. Windows update kept asking me to install some updates which seem unreliable. Can you suggest me what step should I do next?



#10 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 20 April 2014 - 08:13 AM

Remove Avira using their uninstaller tool.
You will find the link of this page.
http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/list-of-anti-malware-product-removal-tools/407bf6da-c05d-4546-8788-0aa4c25a1f91
===

Lets check your master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    TDSSKillerSuspicious-1.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
    TDSSKillerMal-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    TDSSKillerCompleted.png
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

    Note: You may be asked if you want to download Avast Free Antivirus I suggest you deny this download unless you do not have any Antivirus protection on the computer.
    ===


#11 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 21 April 2014 - 04:43 AM

I already ran those avira uninstallers but i kept getting this message about too many hkeys to delete. I had bitdefender total security installed once again and let's see what my logs contain;
 
17:25:23.0119 2980  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:25:25.0132 2980  ============================================================
17:25:25.0132 2980  Current date / time: 2014/04/21 17:25:25.0132
17:25:25.0132 2980  SystemInfo:
17:25:25.0132 2980  
17:25:25.0132 2980  OS Version: 6.1.7601 ServicePack: 1.0
17:25:25.0132 2980  Product type: Workstation
17:25:25.0133 2980  ComputerName: ACER-PC
17:25:25.0133 2980  UserName: Acer
17:25:25.0133 2980  Windows directory: C:\Windows
17:25:25.0133 2980  System windows directory: C:\Windows
17:25:25.0133 2980  Running under WOW64
17:25:25.0133 2980  Processor architecture: Intel x64
17:25:25.0133 2980  Number of processors: 4
17:25:25.0133 2980  Page size: 0x1000
17:25:25.0133 2980  Boot type: Normal boot
17:25:25.0133 2980  ============================================================
17:25:27.0102 2980  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:25:27.0201 2980  ============================================================
17:25:27.0201 2980  \Device\Harddisk0\DR0:
17:25:27.0201 2980  MBR partitions:
17:25:27.0201 2980  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:25:27.0201 2980  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D1A0000
17:25:27.0201 2980  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1D1D2800, BlocksNum 0x1D1B3000
17:25:27.0201 2980  ============================================================
17:25:27.0271 2980  C: <-> \Device\Harddisk0\DR0\Partition2
17:25:27.0304 2980  D: <-> \Device\Harddisk0\DR0\Partition3
17:25:27.0304 2980  ============================================================
17:25:27.0304 2980  Initialize success
17:25:27.0305 2980  ============================================================
17:25:45.0403 2376  ============================================================
17:25:45.0403 2376  Scan started
17:25:45.0403 2376  Mode: Manual;
17:25:45.0403 2376  ============================================================
17:25:47.0019 2376  ================ Scan system memory ========================
17:25:47.0020 2376  System memory - ok
17:25:47.0020 2376  ================ Scan services =============================
17:25:47.0433 2376  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:25:47.0452 2376  1394ohci - ok
17:25:47.0511 2376  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:25:47.0516 2376  ACPI - ok
17:25:47.0554 2376  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:25:47.0556 2376  AcpiPmi - ok
17:25:47.0657 2376  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:25:47.0663 2376  AdobeARMservice - ok
17:25:47.0738 2376  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:25:47.0746 2376  adp94xx - ok
17:25:47.0768 2376  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:25:47.0799 2376  adpahci - ok
17:25:47.0808 2376  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:25:47.0824 2376  adpu320 - ok
17:25:47.0857 2376  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:25:47.0859 2376  AeLookupSvc - ok
17:25:47.0924 2376  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
17:25:47.0931 2376  AFD - ok
17:25:47.0983 2376  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:25:47.0986 2376  agp440 - ok
17:25:48.0009 2376  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:25:48.0026 2376  ALG - ok
17:25:48.0074 2376  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:25:48.0076 2376  aliide - ok
17:25:48.0094 2376  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:25:48.0104 2376  amdide - ok
17:25:48.0143 2376  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:25:48.0146 2376  AmdK8 - ok
17:25:48.0152 2376  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:25:48.0158 2376  AmdPPM - ok
17:25:48.0212 2376  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:25:48.0216 2376  amdsata - ok
17:25:48.0240 2376  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:25:48.0265 2376  amdsbs - ok
17:25:48.0282 2376  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:25:48.0294 2376  amdxata - ok
17:25:48.0320 2376  AntiVirSchedulerService - ok
17:25:48.0327 2376  AntiVirService - ok
17:25:48.0333 2376  AntiVirWebService - ok
17:25:48.0410 2376  [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
17:25:48.0465 2376  AppHostSvc - ok
17:25:48.0491 2376  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:25:48.0494 2376  AppID - ok
17:25:48.0530 2376  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:25:48.0544 2376  AppIDSvc - ok
17:25:48.0569 2376  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
17:25:48.0571 2376  Appinfo - ok
17:25:48.0613 2376  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:25:48.0616 2376  arc - ok
17:25:48.0623 2376  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:25:48.0627 2376  arcsas - ok
17:25:48.0644 2376  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:25:48.0648 2376  AsyncMac - ok
17:25:48.0711 2376  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:25:48.0712 2376  atapi - ok
17:25:48.0788 2376  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:25:48.0812 2376  athr - ok
17:25:48.0881 2376  [ 225FB1C90CF88CD478D25940B3930873 ] ATSwpWDF        C:\Windows\system32\DRIVERS\ATSwpWDF.sys
17:25:48.0903 2376  ATSwpWDF - ok
17:25:48.0959 2376  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:25:48.0966 2376  AudioEndpointBuilder - ok
17:25:48.0976 2376  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:25:48.0980 2376  AudioSrv - ok
17:25:49.0049 2376  [ 636B15879AE62E47444F99C60C900AA6 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
17:25:49.0081 2376  avc3 - ok
17:25:49.0141 2376  [ 3B9549FEF98AB1768A1D6A919F355B70 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
17:25:49.0153 2376  avchv - ok
17:25:49.0193 2376  [ 14023A39BC91AC5A2077766D28EBA7C5 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
17:25:49.0202 2376  avckf - ok
17:25:49.0244 2376  [ 0909E9AD4019AFF25C58E0DFFDCD744E ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:25:49.0248 2376  avgntflt - ok
17:25:49.0266 2376  [ DBAB18B20FDA2542EEF8C588D878B7B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:25:49.0295 2376  avipbb - ok
17:25:49.0316 2376  [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:25:49.0339 2376  avkmgr - ok
17:25:49.0345 2376  [ 09E9CA6E7C6BD01D6AE7BECDEC224D06 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
17:25:49.0348 2376  avnetflt - ok
17:25:49.0396 2376  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:25:49.0400 2376  AxInstSV - ok
17:25:49.0458 2376  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:25:49.0466 2376  b06bdrv - ok
17:25:49.0517 2376  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:25:49.0523 2376  b57nd60a - ok
17:25:49.0770 2376  [ B56C89AC51CDE54CBDC5E49B94ED54BF ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
17:25:49.0795 2376  BdDesktopParental - ok
17:25:49.0850 2376  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:25:49.0854 2376  BDESVC - ok
17:25:50.0014 2376  [ 3FAFE12C5D1D4D5F3567E7A0A2F15A7C ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
17:25:50.0022 2376  BdfNdisf - ok
17:25:50.0066 2376  [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
17:25:50.0074 2376  bdfwfpf - ok
17:25:50.0108 2376  [ C0247341C1BCD7FF2742821D0AD7AFBC ] bdfwfpf_pc      C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
17:25:50.0135 2376  bdfwfpf_pc - ok
17:25:50.0174 2376  [ B9ECE7FD9F58DAF19450C88338DC5267 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
17:25:50.0201 2376  BDSandBox - ok
17:25:50.0235 2376  [ 50F796CB1E8C80F3D19435CB50C3DAB5 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
17:25:50.0257 2376  BDVEDISK - ok
17:25:50.0305 2376  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:25:50.0320 2376  Beep - ok
17:25:50.0406 2376  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:25:50.0417 2376  BFE - ok
17:25:50.0517 2376  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:25:50.0531 2376  BITS - ok
17:25:50.0562 2376  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:25:50.0573 2376  blbdrive - ok
17:25:50.0625 2376  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:25:50.0628 2376  bowser - ok
17:25:50.0649 2376  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:25:50.0670 2376  BrFiltLo - ok
17:25:50.0675 2376  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:25:50.0678 2376  BrFiltUp - ok
17:25:50.0722 2376  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:25:50.0725 2376  Browser - ok
17:25:50.0742 2376  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:25:50.0755 2376  Brserid - ok
17:25:50.0761 2376  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:25:50.0773 2376  BrSerWdm - ok
17:25:50.0779 2376  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:25:50.0782 2376  BrUsbMdm - ok
17:25:50.0789 2376  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:25:50.0805 2376  BrUsbSer - ok
17:25:50.0850 2376  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
17:25:50.0866 2376  BthEnum - ok
17:25:50.0882 2376  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:25:50.0895 2376  BTHMODEM - ok
17:25:50.0932 2376  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:25:50.0936 2376  BthPan - ok
17:25:50.0992 2376  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
17:25:51.0018 2376  BTHPORT - ok
17:25:51.0067 2376  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:25:51.0088 2376  bthserv - ok
17:25:51.0123 2376  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
17:25:51.0127 2376  BTHUSB - ok
17:25:51.0170 2376  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:25:51.0172 2376  cdfs - ok
17:25:51.0219 2376  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:25:51.0224 2376  cdrom - ok
17:25:51.0278 2376  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:25:51.0281 2376  CertPropSvc - ok
17:25:51.0306 2376  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:25:51.0320 2376  circlass - ok
17:25:51.0370 2376  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:25:51.0375 2376  CLFS - ok
17:25:51.0543 2376  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:25:51.0548 2376  clr_optimization_v2.0.50727_32 - ok
17:25:51.0662 2376  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:25:51.0665 2376  clr_optimization_v2.0.50727_64 - ok
17:25:51.0889 2376  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:25:51.0892 2376  clr_optimization_v4.0.30319_32 - ok
17:25:52.0021 2376  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:25:52.0023 2376  clr_optimization_v4.0.30319_64 - ok
17:25:52.0042 2376  clwvd - ok
17:25:52.0078 2376  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:25:52.0080 2376  CmBatt - ok
17:25:52.0109 2376  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:25:52.0111 2376  cmdide - ok
17:25:52.0160 2376  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
17:25:52.0168 2376  CNG - ok
17:25:52.0213 2376  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:25:52.0215 2376  Compbatt - ok
17:25:52.0283 2376  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:25:52.0285 2376  CompositeBus - ok
17:25:52.0302 2376  COMSysApp - ok
17:25:52.0310 2376  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:25:52.0312 2376  crcdisk - ok
17:25:52.0361 2376  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:25:52.0365 2376  CryptSvc - ok
17:25:52.0422 2376  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:25:52.0441 2376  DcomLaunch - ok
17:25:52.0501 2376  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:25:52.0524 2376  defragsvc - ok
17:25:52.0575 2376  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:25:52.0579 2376  DfsC - ok
17:25:52.0601 2376  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:25:52.0607 2376  Dhcp - ok
17:25:52.0640 2376  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:25:52.0641 2376  discache - ok
17:25:52.0701 2376  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:25:52.0726 2376  Disk - ok
17:25:52.0758 2376  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:25:52.0762 2376  Dnscache - ok
17:25:52.0806 2376  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:25:52.0812 2376  dot3svc - ok
17:25:52.0854 2376  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:25:52.0858 2376  DPS - ok
17:25:52.0899 2376  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:25:52.0901 2376  drmkaud - ok
17:25:52.0942 2376  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:25:52.0954 2376  DXGKrnl - ok
17:25:52.0979 2376  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:25:52.0981 2376  EapHost - ok
17:25:53.0076 2376  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:25:53.0179 2376  ebdrv - ok
17:25:53.0219 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
17:25:53.0222 2376  EFS - ok
17:25:53.0270 2376  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:25:53.0279 2376  elxstor - ok
17:25:53.0307 2376  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:25:53.0309 2376  ErrDev - ok
17:25:53.0368 2376  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:25:53.0374 2376  EventSystem - ok
17:25:53.0431 2376  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:25:53.0437 2376  exfat - ok
17:25:53.0447 2376  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:25:53.0469 2376  fastfat - ok
17:25:53.0476 2376  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:25:53.0492 2376  fdc - ok
17:25:53.0537 2376  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:25:53.0538 2376  fdPHost - ok
17:25:53.0547 2376  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:25:53.0549 2376  FDResPub - ok
17:25:53.0558 2376  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:25:53.0569 2376  FileInfo - ok
17:25:53.0575 2376  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:25:53.0579 2376  Filetrace - ok
17:25:53.0595 2376  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:25:53.0611 2376  flpydisk - ok
17:25:53.0648 2376  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:25:53.0653 2376  FltMgr - ok
17:25:53.0701 2376  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:25:53.0717 2376  FontCache - ok
17:25:53.0784 2376  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:25:53.0787 2376  FontCache3.0.0.0 - ok
17:25:53.0813 2376  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:25:53.0827 2376  FsDepends - ok
17:25:53.0870 2376  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:25:53.0872 2376  Fs_Rec - ok
17:25:53.0925 2376  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:25:53.0927 2376  fvevol - ok
17:25:53.0981 2376  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:25:54.0005 2376  gagp30kx - ok
17:25:54.0056 2376  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:25:54.0065 2376  gpsvc - ok
17:25:54.0117 2376  [ 0A9D58AABD01DA97B1D101473EFA7659 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
17:25:54.0125 2376  gzflt - ok
17:25:54.0146 2376  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:25:54.0148 2376  hcw85cir - ok
17:25:54.0211 2376  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:25:54.0219 2376  HdAudAddService - ok
17:25:54.0262 2376  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:25:54.0264 2376  HDAudBus - ok
17:25:54.0316 2376  [ 7F40163C7A7369A147761C9B57A1223E ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
17:25:54.0323 2376  HECIx64 - ok
17:25:54.0349 2376  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:25:54.0368 2376  HidBatt - ok
17:25:54.0376 2376  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:25:54.0380 2376  HidBth - ok
17:25:54.0400 2376  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:25:54.0411 2376  HidIr - ok
17:25:54.0468 2376  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:25:54.0483 2376  hidserv - ok
17:25:54.0549 2376  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:25:54.0551 2376  HidUsb - ok
17:25:54.0602 2376  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:25:54.0626 2376  hkmsvc - ok
17:25:54.0674 2376  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:25:54.0679 2376  HomeGroupListener - ok
17:25:54.0715 2376  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:25:54.0720 2376  HomeGroupProvider - ok
17:25:54.0764 2376  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:25:54.0768 2376  HpSAMD - ok
17:25:54.0808 2376  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:25:54.0816 2376  HTTP - ok
17:25:54.0861 2376  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:25:54.0862 2376  hwpolicy - ok
17:25:54.0906 2376  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:25:54.0909 2376  i8042prt - ok
17:25:54.0950 2376  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:25:54.0957 2376  iaStorV - ok
17:25:55.0014 2376  [ 929DF302F15BFE24AC66EF45D858C413 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
17:25:55.0017 2376  IDMWFP - ok
17:25:55.0103 2376  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:25:55.0135 2376  idsvc - ok
17:25:55.0157 2376  IEEtwCollectorService - ok
17:25:55.0194 2376  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:25:55.0197 2376  iirsp - ok
17:25:55.0236 2376  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:25:55.0245 2376  IKEEXT - ok
17:25:55.0346 2376  [ D45DD81112A179255A06E030F818BAE8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:25:55.0375 2376  IntcAzAudAddService - ok
17:25:55.0395 2376  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:25:55.0410 2376  intelide - ok
17:25:55.0452 2376  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:25:55.0453 2376  intelppm - ok
17:25:55.0512 2376  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:25:55.0535 2376  IPBusEnum - ok
17:25:55.0585 2376  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:25:55.0588 2376  IpFilterDriver - ok
17:25:55.0631 2376  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:25:55.0638 2376  iphlpsvc - ok
17:25:55.0667 2376  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:25:55.0680 2376  IPMIDRV - ok
17:25:55.0712 2376  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:25:55.0725 2376  IPNAT - ok
17:25:55.0748 2376  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:25:55.0750 2376  IRENUM - ok
17:25:55.0784 2376  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:25:55.0786 2376  isapnp - ok
17:25:55.0818 2376  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:25:55.0839 2376  iScsiPrt - ok
17:25:55.0904 2376  [ 6EEB253FABF511192D05841B47A15FF9 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
17:25:55.0922 2376  k57nd60a - ok
17:25:55.0963 2376  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:25:55.0986 2376  kbdclass - ok
17:25:56.0036 2376  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:25:56.0038 2376  kbdhid - ok
17:25:56.0074 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
17:25:56.0076 2376  KeyIso - ok
17:25:56.0120 2376  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:25:56.0125 2376  KSecDD - ok
17:25:56.0143 2376  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:25:56.0148 2376  KSecPkg - ok
17:25:56.0175 2376  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:25:56.0177 2376  ksthunk - ok
17:25:56.0211 2376  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:25:56.0219 2376  KtmRm - ok
17:25:56.0282 2376  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:25:56.0288 2376  LanmanServer - ok
17:25:56.0329 2376  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:25:56.0334 2376  LanmanWorkstation - ok
17:25:56.0386 2376  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:25:56.0389 2376  lltdio - ok
17:25:56.0414 2376  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:25:56.0483 2376  lltdsvc - ok
17:25:56.0489 2376  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:25:56.0492 2376  lmhosts - ok
17:25:56.0524 2376  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:25:56.0528 2376  LSI_FC - ok
17:25:56.0534 2376  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:25:56.0552 2376  LSI_SAS - ok
17:25:56.0571 2376  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:25:56.0574 2376  LSI_SAS2 - ok
17:25:56.0581 2376  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:25:56.0599 2376  LSI_SCSI - ok
17:25:56.0609 2376  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:25:56.0612 2376  luafv - ok
17:25:56.0634 2376  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:25:56.0637 2376  megasas - ok
17:25:56.0653 2376  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:25:56.0659 2376  MegaSR - ok
17:25:56.0777 2376  Microsoft SharePoint Workspace Audit Service - ok
17:25:56.0807 2376  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:25:56.0810 2376  MMCSS - ok
17:25:56.0830 2376  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:25:56.0831 2376  Modem - ok
17:25:56.0857 2376  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:25:56.0858 2376  monitor - ok
17:25:56.0899 2376  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:25:56.0902 2376  mouclass - ok
17:25:56.0920 2376  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:25:56.0923 2376  mouhid - ok
17:25:56.0973 2376  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:25:56.0975 2376  mountmgr - ok
17:25:57.0030 2376  [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:25:57.0050 2376  MozillaMaintenance - ok
17:25:57.0073 2376  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:25:57.0078 2376  mpio - ok
17:25:57.0108 2376  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:25:57.0111 2376  mpsdrv - ok
17:25:57.0168 2376  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:25:57.0182 2376  MpsSvc - ok
17:25:57.0220 2376  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:25:57.0225 2376  MRxDAV - ok
17:25:57.0260 2376  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:25:57.0264 2376  mrxsmb - ok
17:25:57.0275 2376  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:25:57.0280 2376  mrxsmb10 - ok
17:25:57.0320 2376  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:25:57.0323 2376  mrxsmb20 - ok
17:25:57.0361 2376  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:25:57.0364 2376  msahci - ok
17:25:57.0393 2376  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:25:57.0397 2376  msdsm - ok
17:25:57.0416 2376  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:25:57.0421 2376  MSDTC - ok
17:25:57.0470 2376  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:25:57.0490 2376  Msfs - ok
17:25:57.0511 2376  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:25:57.0513 2376  mshidkmdf - ok
17:25:57.0538 2376  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:25:57.0557 2376  msisadrv - ok
17:25:57.0592 2376  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:25:57.0597 2376  MSiSCSI - ok
17:25:57.0605 2376  msiserver - ok
17:25:57.0653 2376  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:25:57.0656 2376  MSKSSRV - ok
17:25:57.0661 2376  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:25:57.0678 2376  MSPCLOCK - ok
17:25:57.0683 2376  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:25:57.0685 2376  MSPQM - ok
17:25:57.0722 2376  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:25:57.0741 2376  MsRPC - ok
17:25:57.0773 2376  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:25:57.0774 2376  mssmbios - ok
17:25:57.0786 2376  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:25:57.0799 2376  MSTEE - ok
17:25:57.0819 2376  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:25:57.0821 2376  MTConfig - ok
17:25:57.0825 2376  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:25:57.0828 2376  Mup - ok
17:25:57.0859 2376  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:25:57.0865 2376  napagent - ok
17:25:57.0907 2376  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:25:57.0912 2376  NativeWifiP - ok
17:25:57.0982 2376  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:25:57.0992 2376  NDIS - ok
17:25:58.0046 2376  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:25:58.0048 2376  NdisCap - ok
17:25:58.0071 2376  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:25:58.0094 2376  NdisTapi - ok
17:25:58.0123 2376  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:25:58.0125 2376  Ndisuio - ok
17:25:58.0146 2376  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:25:58.0150 2376  NdisWan - ok
17:25:58.0202 2376  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:25:58.0220 2376  NDProxy - ok
17:25:58.0266 2376  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:25:58.0268 2376  NetBIOS - ok
17:25:58.0306 2376  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:25:58.0309 2376  NetBT - ok
17:25:58.0341 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
17:25:58.0343 2376  Netlogon - ok
17:25:58.0390 2376  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:25:58.0396 2376  Netman - ok
17:25:58.0415 2376  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:25:58.0475 2376  netprofm - ok
17:25:58.0500 2376  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:25:58.0503 2376  NetTcpPortSharing - ok
17:25:58.0549 2376  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:25:58.0560 2376  nfrd960 - ok
17:25:58.0620 2376  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:25:58.0627 2376  NlaSvc - ok
17:25:58.0632 2376  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:25:58.0635 2376  Npfs - ok
17:25:58.0657 2376  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:25:58.0660 2376  nsi - ok
17:25:58.0664 2376  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:25:58.0665 2376  nsiproxy - ok
17:25:58.0729 2376  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:25:58.0770 2376  Ntfs - ok
17:25:58.0791 2376  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:25:58.0794 2376  Null - ok
17:25:59.0068 2376  [ F554291C0A11F5B713B54C5886D4AA31 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:25:59.0491 2376  nvlddmkm - ok
17:25:59.0526 2376  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:25:59.0530 2376  nvraid - ok
17:25:59.0565 2376  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:25:59.0588 2376  nvstor - ok
17:25:59.0659 2376  [ 8E99BF264C1F20934A67E91BC9F4FB20 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:25:59.0670 2376  nvsvc - ok
17:25:59.0702 2376  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:25:59.0706 2376  nv_agp - ok
17:25:59.0721 2376  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:25:59.0740 2376  ohci1394 - ok
17:25:59.0814 2376  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:25:59.0828 2376  ose - ok
17:25:59.0986 2376  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:26:00.0146 2376  osppsvc - ok
17:26:00.0184 2376  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:26:00.0188 2376  p2pimsvc - ok
17:26:00.0208 2376  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:26:00.0233 2376  p2psvc - ok
17:26:00.0271 2376  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:26:00.0288 2376  Parport - ok
17:26:00.0309 2376  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:26:00.0313 2376  partmgr - ok
17:26:00.0333 2376  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:26:00.0336 2376  PcaSvc - ok
17:26:00.0349 2376  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:26:00.0353 2376  pci - ok
17:26:00.0383 2376  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:26:00.0385 2376  pciide - ok
17:26:00.0407 2376  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:26:00.0448 2376  pcmcia - ok
17:26:00.0453 2376  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:26:00.0466 2376  pcw - ok
17:26:00.0498 2376  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:26:00.0505 2376  PEAUTH - ok
17:26:00.0725 2376  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:26:00.0728 2376  PerfHost - ok
17:26:00.0797 2376  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:26:00.0833 2376  pla - ok
17:26:00.0883 2376  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:26:00.0891 2376  PlugPlay - ok
17:26:00.0923 2376  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:26:00.0926 2376  PNRPAutoReg - ok
17:26:00.0936 2376  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:26:00.0941 2376  PNRPsvc - ok
17:26:00.0977 2376  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:26:00.0987 2376  PolicyAgent - ok
17:26:01.0034 2376  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:26:01.0037 2376  Power - ok
17:26:01.0087 2376  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:26:01.0091 2376  PptpMiniport - ok
17:26:01.0117 2376  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:26:01.0135 2376  Processor - ok
17:26:01.0172 2376  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:26:01.0176 2376  ProfSvc - ok
17:26:01.0185 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
17:26:01.0187 2376  ProtectedStorage - ok
17:26:01.0210 2376  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:26:01.0212 2376  Psched - ok
17:26:01.0267 2376  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:26:01.0289 2376  ql2300 - ok
17:26:01.0300 2376  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:26:01.0303 2376  ql40xx - ok
17:26:01.0328 2376  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:26:01.0352 2376  QWAVE - ok
17:26:01.0359 2376  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:26:01.0362 2376  QWAVEdrv - ok
17:26:01.0368 2376  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:26:01.0392 2376  RasAcd - ok
17:26:01.0450 2376  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:26:01.0469 2376  RasAgileVpn - ok
17:26:01.0524 2376  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:26:01.0529 2376  RasAuto - ok
17:26:01.0565 2376  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:26:01.0570 2376  Rasl2tp - ok
17:26:01.0587 2376  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:26:01.0596 2376  RasMan - ok
17:26:01.0633 2376  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:26:01.0637 2376  RasPppoe - ok
17:26:01.0661 2376  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:26:01.0665 2376  RasSstp - ok
17:26:01.0675 2376  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:26:01.0682 2376  rdbss - ok
17:26:01.0700 2376  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:26:01.0719 2376  rdpbus - ok
17:26:01.0723 2376  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:26:01.0724 2376  RDPCDD - ok
17:26:01.0745 2376  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:26:01.0746 2376  RDPENCDD - ok
17:26:01.0753 2376  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:26:01.0754 2376  RDPREFMP - ok
17:26:01.0781 2376  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:26:01.0786 2376  RDPWD - ok
17:26:01.0848 2376  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:26:01.0853 2376  rdyboost - ok
17:26:01.0889 2376  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:26:01.0903 2376  RemoteAccess - ok
17:26:01.0937 2376  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:26:01.0960 2376  RemoteRegistry - ok
17:26:02.0014 2376  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
17:26:02.0036 2376  RFCOMM - ok
17:26:02.0055 2376  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:26:02.0058 2376  RpcEptMapper - ok
17:26:02.0079 2376  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:26:02.0096 2376  RpcLocator - ok
17:26:02.0142 2376  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:26:02.0148 2376  RpcSs - ok
17:26:02.0190 2376  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:26:02.0192 2376  rspndr - ok
17:26:02.0255 2376  [ E228C336F195FA629D00B02F9FFC5667 ] SafeBox         C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
17:26:02.0257 2376  SafeBox - ok
17:26:02.0274 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
17:26:02.0276 2376  SamSs - ok
17:26:02.0317 2376  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:26:02.0334 2376  sbp2port - ok
17:26:02.0368 2376  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:26:02.0373 2376  SCardSvr - ok
17:26:02.0405 2376  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:26:02.0420 2376  scfilter - ok
17:26:02.0507 2376  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:26:02.0523 2376  Schedule - ok
17:26:02.0566 2376  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:26:02.0567 2376  SCPolicySvc - ok
17:26:02.0613 2376  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:26:02.0638 2376  SDRSVC - ok
17:26:02.0686 2376  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:26:02.0688 2376  secdrv - ok
17:26:02.0710 2376  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:26:02.0725 2376  seclogon - ok
17:26:02.0780 2376  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:26:02.0784 2376  SENS - ok
17:26:02.0800 2376  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:26:02.0805 2376  SensrSvc - ok
17:26:02.0811 2376  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:26:02.0813 2376  Serenum - ok
17:26:02.0866 2376  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:26:02.0870 2376  Serial - ok
17:26:02.0884 2376  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:26:02.0886 2376  sermouse - ok
17:26:02.0923 2376  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:26:02.0939 2376  SessionEnv - ok
17:26:02.0962 2376  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:26:02.0965 2376  sffdisk - ok
17:26:02.0970 2376  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:26:02.0987 2376  sffp_mmc - ok
17:26:02.0994 2376  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:26:02.0999 2376  sffp_sd - ok
17:26:03.0003 2376  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:26:03.0006 2376  sfloppy - ok
17:26:03.0034 2376  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:26:03.0040 2376  SharedAccess - ok
17:26:03.0090 2376  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:26:03.0098 2376  ShellHWDetection - ok
17:26:03.0138 2376  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:26:03.0154 2376  SiSRaid2 - ok
17:26:03.0161 2376  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:26:03.0165 2376  SiSRaid4 - ok
17:26:03.0197 2376  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:26:03.0217 2376  Smb - ok
17:26:03.0264 2376  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:26:03.0267 2376  SNMPTRAP - ok
17:26:03.0271 2376  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:26:03.0274 2376  spldr - ok
17:26:03.0312 2376  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
17:26:03.0319 2376  Spooler - ok
17:26:03.0434 2376  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:26:03.0513 2376  sppsvc - ok
17:26:03.0545 2376  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:26:03.0549 2376  sppuinotify - ok
17:26:03.0572 2376  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:26:03.0578 2376  srv - ok
17:26:03.0612 2376  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:26:03.0617 2376  srv2 - ok
17:26:03.0677 2376  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:26:03.0683 2376  SrvHsfHDA - ok
17:26:03.0719 2376  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:26:03.0736 2376  SrvHsfV92 - ok
17:26:03.0756 2376  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:26:03.0775 2376  SrvHsfWinac - ok
17:26:03.0792 2376  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:26:03.0796 2376  srvnet - ok
17:26:03.0841 2376  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:26:03.0845 2376  SSDPSRV - ok
17:26:03.0863 2376  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:26:03.0867 2376  SstpSvc - ok
17:26:03.0889 2376  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:26:03.0904 2376  stexstor - ok
17:26:03.0973 2376  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:26:03.0982 2376  stisvc - ok
17:26:04.0012 2376  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:26:04.0014 2376  swenum - ok
17:26:04.0042 2376  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:26:04.0050 2376  swprv - ok
17:26:04.0125 2376  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:26:04.0151 2376  SysMain - ok
17:26:04.0188 2376  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:26:04.0194 2376  TabletInputService - ok
17:26:04.0237 2376  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:26:04.0244 2376  TapiSrv - ok
17:26:04.0264 2376  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:26:04.0266 2376  TBS - ok
17:26:04.0359 2376  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:26:04.0380 2376  Tcpip - ok
17:26:04.0410 2376  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:26:04.0422 2376  TCPIP6 - ok
17:26:04.0482 2376  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:26:04.0484 2376  tcpipreg - ok
17:26:04.0539 2376  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:26:04.0548 2376  TDPIPE - ok
17:26:04.0589 2376  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:26:04.0609 2376  TDTCP - ok
17:26:04.0655 2376  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:26:04.0660 2376  tdx - ok
17:26:04.0694 2376  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:26:04.0698 2376  TermDD - ok
17:26:04.0749 2376  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:26:04.0762 2376  TermService - ok
17:26:04.0809 2376  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:26:04.0812 2376  Themes - ok
17:26:04.0829 2376  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:26:04.0831 2376  THREADORDER - ok
17:26:04.0852 2376  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:26:04.0856 2376  TrkWks - ok
17:26:04.0923 2376  [ 325A512F98BEB97B1FFBE88927B8090D ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
17:26:04.0935 2376  trufos - ok
17:26:04.0986 2376  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:26:04.0989 2376  TrustedInstaller - ok
17:26:05.0022 2376  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:26:05.0024 2376  tssecsrv - ok
17:26:05.0077 2376  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:26:05.0080 2376  TsUsbFlt - ok
17:26:05.0121 2376  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:26:05.0142 2376  tunnel - ok
17:26:05.0163 2376  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:26:05.0166 2376  uagp35 - ok
17:26:05.0189 2376  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:26:05.0209 2376  udfs - ok
17:26:05.0252 2376  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:26:05.0256 2376  UI0Detect - ok
17:26:05.0269 2376  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:26:05.0284 2376  uliagpkx - ok
17:26:05.0311 2376  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:26:05.0313 2376  umbus - ok
17:26:05.0363 2376  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:26:05.0366 2376  UmPass - ok
17:26:05.0614 2376  [ 612AACDDFF7EF81375927C2D7E4E810C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
17:26:05.0617 2376  UPDATESRV - ok
17:26:05.0650 2376  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:26:05.0676 2376  upnphost - ok
17:26:05.0711 2376  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:26:05.0715 2376  usbccgp - ok
17:26:05.0765 2376  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:26:05.0769 2376  usbcir - ok
17:26:05.0792 2376  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:26:05.0795 2376  usbehci - ok
17:26:05.0816 2376  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:26:05.0823 2376  usbhub - ok
17:26:05.0844 2376  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:26:05.0846 2376  usbohci - ok
17:26:05.0867 2376  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:26:05.0892 2376  usbprint - ok
17:26:05.0915 2376  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
17:26:05.0917 2376  USBSTOR - ok
17:26:05.0935 2376  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:26:05.0938 2376  usbuhci - ok
17:26:05.0992 2376  [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:26:05.0997 2376  usbvideo - ok
17:26:06.0049 2376  [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
17:26:06.0051 2376  usb_rndisx - ok
17:26:06.0081 2376  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:26:06.0085 2376  UxSms - ok
17:26:06.0108 2376  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
17:26:06.0110 2376  VaultSvc - ok
17:26:06.0158 2376  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:26:06.0161 2376  vdrvroot - ok
17:26:06.0198 2376  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:26:06.0210 2376  vds - ok
17:26:06.0239 2376  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:26:06.0241 2376  vga - ok
17:26:06.0246 2376  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:26:06.0249 2376  VgaSave - ok
17:26:06.0286 2376  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:26:06.0292 2376  vhdmp - ok
17:26:06.0320 2376  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:26:06.0322 2376  viaide - ok
17:26:06.0355 2376  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:26:06.0358 2376  volmgr - ok
17:26:06.0401 2376  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:26:06.0406 2376  volmgrx - ok
17:26:06.0447 2376  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:26:06.0455 2376  volsnap - ok
17:26:06.0506 2376  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:26:06.0511 2376  vsmraid - ok
17:26:06.0574 2376  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:26:06.0605 2376  VSS - ok
17:26:06.0659 2376  [ F2E77091A09315A896F2FC5F973694B1 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
17:26:06.0674 2376  VSSERV - ok
17:26:06.0694 2376  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:26:06.0696 2376  vwifibus - ok
17:26:06.0717 2376  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:26:06.0733 2376  vwififlt - ok
17:26:06.0796 2376  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:26:06.0803 2376  W32Time - ok
17:26:06.0906 2376  [ B32009DB1972E7F2C227499289C4384A ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
17:26:06.0913 2376  W3SVC - ok
17:26:06.0951 2376  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:26:06.0953 2376  WacomPen - ok
17:26:07.0020 2376  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:26:07.0024 2376  WANARP - ok
17:26:07.0029 2376  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:26:07.0031 2376  Wanarpv6 - ok
17:26:07.0041 2376  [ B32009DB1972E7F2C227499289C4384A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
17:26:07.0044 2376  WAS - ok
17:26:07.0112 2376  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:26:07.0132 2376  WatAdminSvc - ok
17:26:07.0202 2376  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:26:07.0226 2376  wbengine - ok
17:26:07.0267 2376  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:26:07.0273 2376  WbioSrvc - ok
17:26:07.0302 2376  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:26:07.0309 2376  wcncsvc - ok
17:26:07.0330 2376  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:26:07.0333 2376  WcsPlugInService - ok
17:26:07.0354 2376  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:26:07.0356 2376  Wd - ok
17:26:07.0395 2376  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:26:07.0405 2376  Wdf01000 - ok
17:26:07.0426 2376  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:26:07.0429 2376  WdiServiceHost - ok
17:26:07.0433 2376  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:26:07.0435 2376  WdiSystemHost - ok
17:26:07.0463 2376  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
17:26:07.0469 2376  WebClient - ok
17:26:07.0502 2376  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:26:07.0508 2376  Wecsvc - ok
17:26:07.0519 2376  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:26:07.0522 2376  wercplsupport - ok
17:26:07.0561 2376  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:26:07.0579 2376  WerSvc - ok
17:26:07.0608 2376  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:26:07.0610 2376  WfpLwf - ok
17:26:07.0614 2376  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:26:07.0617 2376  WIMMount - ok
17:26:07.0648 2376  WinDefend - ok
17:26:07.0653 2376  WinHttpAutoProxySvc - ok
17:26:07.0790 2376  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:26:07.0795 2376  Winmgmt - ok
17:26:07.0860 2376  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:26:07.0890 2376  WinRM - ok
17:26:07.0977 2376  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:26:07.0991 2376  Wlansvc - ok
17:26:08.0044 2376  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:26:08.0045 2376  WmiAcpi - ok
17:26:08.0075 2376  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:26:08.0080 2376  wmiApSrv - ok
17:26:08.0113 2376  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:26:08.0117 2376  WPCSvc - ok
17:26:08.0150 2376  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:26:08.0155 2376  WPDBusEnum - ok
17:26:08.0177 2376  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:26:08.0179 2376  ws2ifsl - ok
17:26:08.0199 2376  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:26:08.0207 2376  wscsvc - ok
17:26:08.0272 2376  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:26:08.0299 2376  wuauserv - ok
17:26:08.0325 2376  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:26:08.0327 2376  WudfPf - ok
17:26:08.0387 2376  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:26:08.0389 2376  WUDFRd - ok
17:26:08.0412 2376  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:26:08.0439 2376  wudfsvc - ok
17:26:08.0471 2376  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:26:08.0477 2376  WwanSvc - ok
17:26:08.0509 2376  ================ Scan global ===============================
17:26:08.0544 2376  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:26:08.0573 2376  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
17:26:08.0587 2376  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
17:26:08.0618 2376  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:26:08.0645 2376  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:26:08.0649 2376  [Global] - ok
17:26:08.0650 2376  ================ Scan MBR ==================================
17:26:08.0662 2376  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:26:08.0883 2376  \Device\Harddisk0\DR0 - ok
17:26:08.0884 2376  ================ Scan VBR ==================================
17:26:08.0888 2376  [ 8065DEFF499B5412BB9BB826B65663EA ] \Device\Harddisk0\DR0\Partition1
17:26:08.0890 2376  \Device\Harddisk0\DR0\Partition1 - ok
17:26:08.0906 2376  [ 5F756A9FA4EAAA5FCADC2824D4387FE9 ] \Device\Harddisk0\DR0\Partition2
17:26:08.0908 2376  \Device\Harddisk0\DR0\Partition2 - ok
17:26:08.0937 2376  [ 6E13B4B6E97C5E93547419BC262056CB ] \Device\Harddisk0\DR0\Partition3
17:26:08.0940 2376  \Device\Harddisk0\DR0\Partition3 - ok
17:26:08.0940 2376  ============================================================
17:26:08.0940 2376  Scan finished
17:26:08.0940 2376  ============================================================
17:26:08.0957 3708  Detected object count: 0
17:26:08.0958 3708  Actual detected object count: 0
17:26:40.0127 2132  Deinitialize success

 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-21 17:27:13
-----------------------------
17:27:13.147    OS Version: Windows x64 6.1.7601 Service Pack 1
17:27:13.148    Number of processors: 4 586 0x2502
17:27:13.150    ComputerName: ACER-PC  UserName: Acer
17:27:48.746    Initialize success
17:28:15.705    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:28:15.709    Disk 0 Vendor: Hitachi_HTS545050B9A300 PB4OC60F Size: 476940MB BusType: 11
17:28:16.420    Disk 0 MBR read successfully
17:28:16.425    Disk 0 MBR scan
17:28:16.428    Disk 0 Windows 7 default MBR code
17:28:16.548    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
17:28:16.626    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       238400 MB offset 206848
17:28:16.702    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       238438 MB offset 488450048
17:28:17.338    Disk 0 scanning C:\Windows\system32\drivers
17:29:15.764    Service scanning
17:29:36.886    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
17:29:37.083    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
17:29:37.335    Service bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys **LOCKED** 5
17:30:49.816    Modules scanning
17:30:50.156    Disk 0 trace - called modules:
17:30:50.176    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:30:50.186    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002915060]
17:30:50.196    3 CLASSPNP.SYS[fffff88001a7f43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002667680]
17:30:50.206    Scan finished successfully
17:33:52.776    Disk 0 MBR has been saved successfully to "C:\Users\Acer\Desktop\MBR.dat"
17:33:52.876    The log file has been saved successfully to "C:\Users\Acer\Desktop\aswMBR.txt"



#12 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 21 April 2014 - 04:58 AM

Sorry I could not find the attachment button in my previous entry. I had to disable all sections in the permissions part in the url bar before I finally able to see it. I couldn't send the mbar.dat to zipped folder due to "access is denied".



#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 21 April 2014 - 07:47 AM

Your master boot record is clean.
I do not need that MBR.dat file.
===


I had bitdefender total security installed once again and let's see what my logs contain;

Bitdefender is installed on that computer.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know of the know issues with this computer.

#14 My.Rhapsodies12

My.Rhapsodies12
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 21 April 2014 - 10:44 AM

After installing BDUSBImmunizer, my portawifi broadband stick cannot be used to access the internet if my wi-fi network is turned off although it is plugged in my laptop. I had Firebug add-on installed before this and when I inspected the element of the default login page of my internet, it said "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen." One more thing, Is there any possibility of an infection with my portable hard drive, pendrives etc? Why do I keep having this access control and permissions problem? Thanks in advance!

 

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Bitdefender Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Reader XI  
 Mozilla Firefox (28.0)
 Google Chrome 33.0.1750.5  
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender bdagent.exe  
 Bitdefender Bitdefender pmbxag.exe  
 Bitdefender Bitdefender antispam32 bdapppassmgr.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 



#15 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:51 PM

Posted 21 April 2014 - 01:46 PM

After installing BDUSBImmunizer, my portawifi broadband stick cannot be used to access the internet if my wi-fi network is turned off although it is plugged in my laptop. I had Firebug add-on installed before this and when I inspected the element of the default login page of my internet, it said "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen."

Check with the Bitdefender forum. This is not my forte.

Or restore the Last Good Configuration.
http://windows.microsoft.com/en-CA/windows7/Using-Last-Known-Good-Configuration
Restart the computer.

One more thing, Is there any possibility of an infection with my portable hard drive, pendrives etc? Why do I keep having this access control and permissions problem? Thanks in advance!


You can run now run this tool.

1 - Flash Drive Disinfector
Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users