Some Outdated Java Plugin fake java redirection, Printer prints blank pages...



#1 Omar Yehia


Posted 02 May 2014 - 07:21 PM

Hello,

I was told to post in this area after some logs had been created. Please read the original post before replying, since I am unable to create the necessary logs for Windows 8.1. Original link here:

 

http://www.bleepingcomputer.com/forums/t/532595/some-outdated-java-plugin-fake-java-redirection-printer-prints-blank-pages/

 

Regards,




 


#2 HelpBot


Posted 08 May 2014 - 07:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/533105 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 xXToffeeXx


Posted 11 May 2014 - 08:26 AM

Greetings and welcome to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.

Let's get going now.

==========================

Hi Omar Yehia,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~




#4 Omar Yehia


Posted 11 May 2014 - 07:41 PM

Windows SmartScreen prevented FRST.EXE from running; running this app might put you at risk.



#5 Omar Yehia


Posted 11 May 2014 - 07:51 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by R0M (administrator) on ROMSTER2 on 11-05-2014 20:43:37
Running from C:\Users\R0M\Desktop
Platform: Microsoft Windows 8.1 Pro Update 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(GEAR Software) C:\Windows\System32\gearsec.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3280362830-1658806349-1528821950-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x842FDA6C555ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.ca/
CHR StartupUrls: "hxxp://www.google.ca/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Extension: (Google Drive) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-26]
CHR Extension: (YouTube) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-26]
CHR Extension: (Google Search) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-26]
CHR Extension: (Google Wallet) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-26]
CHR Extension: (Gmail) - C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-26]
 
========================== Services (Whitelisted) =================
 
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 gearsec; C:\WINDOWS\system32\gearsec.exe [53248 2003-12-01] (GEAR Software)
R2 HPSLPSVC; C:\Users\R0M\AppData\Local\Temp\7zS5B92\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-30] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-30] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-10-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-30] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-11 20:43 - 2014-05-11 20:44 - 00009865 _____ () C:\Users\R0M\Desktop\FRST.txt
2014-05-11 20:43 - 2014-05-11 20:43 - 00000000 ____D () C:\FRST
2014-05-11 20:40 - 2014-05-11 20:40 - 01056256 _____ (Farbar) C:\Users\R0M\Desktop\FRST (1).exe
2014-05-11 20:38 - 2014-05-11 20:38 - 01056256 _____ (Farbar) C:\Users\R0M\Desktop\FRST.exe
2014-05-09 17:04 - 2014-05-09 17:04 - 00400518 _____ () C:\Users\R0M\Desktop\circus-logo-black (1).ai
2014-05-08 12:34 - 2014-05-08 12:34 - 00541302 _____ () C:\Users\R0M\Desktop\DeviceWin8.meta.diagcab
2014-05-05 17:40 - 2014-05-05 17:40 - 00127172 _____ () C:\Users\R0M\Desktop\ImageProxy.jfif
2014-05-02 14:44 - 2014-05-02 14:44 - 00345269 _____ () C:\Users\R0M\Desktop\Vaness,jpg
2014-05-02 11:00 - 2014-05-02 11:00 - 00000953 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-05-02 11:00 - 2014-05-02 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-05-02 11:00 - 2014-05-02 11:00 - 00000000 ____D () C:\Program Files\Speccy
2014-05-02 10:55 - 2014-05-02 10:55 - 00003363 _____ () C:\Users\R0M\Desktop\FSS.txt
2014-05-02 10:54 - 2014-05-02 10:54 - 04890736 _____ (Piriform Ltd) C:\Users\R0M\Desktop\spsetup126.exe
2014-05-02 10:52 - 2014-05-02 10:52 - 00982016 _____ (Farbar) C:\Users\R0M\Desktop\MiniToolBox.exe
2014-05-02 10:52 - 2014-05-02 10:52 - 00854355 _____ () C:\Users\R0M\Desktop\SecurityCheck.exe
2014-05-02 10:51 - 2014-05-02 10:51 - 00409600 _____ (Farbar) C:\Users\R0M\Desktop\FSS.exe
2014-05-01 18:08 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-01 18:06 - 2014-05-01 18:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-01 14:03 - 2014-05-01 14:04 - 64662552 _____ () C:\Users\R0M\Desktop\My Movie.mp4
2014-05-01 14:02 - 2014-05-01 14:02 - 18125647 _____ () C:\Users\R0M\Desktop\animoto_360p.mp4
2014-05-01 13:49 - 2014-05-01 13:50 - 03220376 _____ () C:\Users\R0M\Desktop\Happy Birthday Rock Song - Dog playing guitar - Funny Greeting Card - Human Dog.mp4
2014-05-01 13:40 - 2014-05-01 13:40 - 07615664 _____ () C:\Users\R0M\Desktop\1127835_10151600030329495_56686_n.mp4
2014-05-01 12:50 - 2014-05-01 12:52 - 00002698 _____ () C:\Users\R0M\Desktop\Rkill.txt
2014-05-01 12:50 - 2014-05-01 12:50 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R0M\Desktop\rkill.exe
2014-04-30 22:29 - 2014-04-30 22:29 - 00000000 __SHD () C:\Users\R0M\AppData\Local\EmieUserList
2014-04-30 22:29 - 2014-04-30 22:29 - 00000000 __SHD () C:\Users\R0M\AppData\Local\EmieSiteList
2014-04-30 22:00 - 2014-04-30 22:00 - 00001048 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-04-30 21:59 - 2014-04-30 21:59 - 00001135 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-04-30 21:58 - 2014-04-30 21:58 - 00001299 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-04-30 21:58 - 2014-04-30 21:58 - 00001293 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-04-30 21:58 - 2014-04-30 21:58 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-04-30 21:57 - 2014-04-30 21:57 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-04-30 21:54 - 2014-04-30 22:01 - 00188158 _____ () C:\WINDOWS\hpoins28.dat
2014-04-30 21:54 - 2012-09-26 11:48 - 00000584 ____N () C:\WINDOWS\hpomdl28.dat
2014-04-30 21:23 - 2014-04-30 21:23 - 02338824 _____ () C:\Users\R0M\Desktop\hppiw.exe
2014-04-30 21:18 - 2014-04-30 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-04-30 21:09 - 2014-04-30 21:09 - 00000000 ____D () C:\Users\R0M\Documents\Optimizer Pro
2014-04-30 21:04 - 2014-04-30 21:04 - 00000000 ____D () C:\Users\R0M\AppData\Roaming\HP DESKJET F4200 Driver Utility
2014-04-30 21:03 - 2014-04-30 21:03 - 02076256 _____ (Lavians Inc. ) C:\Users\R0M\Downloads\hp-deskjet-f4200-driver-utility.exe
2014-04-29 15:17 - 2014-02-26 02:35 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-29 15:15 - 2014-02-22 10:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-29 15:15 - 2014-02-22 10:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-29 15:15 - 2014-02-22 10:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-29 15:15 - 2014-02-22 10:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-29 15:15 - 2014-02-22 10:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-29 15:15 - 2014-02-22 10:38 - 01129064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-29 15:15 - 2014-02-22 10:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-29 15:15 - 2014-02-22 10:25 - 02871672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-29 15:15 - 2014-02-22 10:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-29 15:15 - 2014-02-22 10:08 - 01451392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-29 15:15 - 2014-02-22 10:08 - 01389960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-29 15:15 - 2014-02-22 10:08 - 01280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-29 15:15 - 2014-02-22 10:08 - 01270608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-29 15:15 - 2014-02-22 10:08 - 01167856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-29 15:15 - 2014-02-22 10:08 - 00431960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-29 15:15 - 2014-02-22 10:08 - 00265048 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-29 15:15 - 2014-02-22 10:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-29 15:15 - 2014-02-22 10:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-29 15:15 - 2014-02-22 10:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-29 15:15 - 2014-02-22 10:04 - 00869720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-29 15:15 - 2014-02-22 07:22 - 03499008 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-29 15:15 - 2014-02-22 07:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-29 15:15 - 2014-02-22 06:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-29 15:15 - 2014-02-22 06:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-29 15:15 - 2014-02-22 06:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-29 15:15 - 2014-02-22 06:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-29 15:15 - 2014-02-22 06:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-29 15:15 - 2014-02-22 06:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-29 15:15 - 2014-02-22 05:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-29 15:15 - 2014-02-22 05:39 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-29 15:15 - 2014-02-22 05:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-29 15:15 - 2014-02-22 05:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-29 15:15 - 2014-02-22 05:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-29 15:15 - 2014-02-22 05:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-29 15:15 - 2014-02-22 05:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-29 15:15 - 2014-02-22 05:14 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-29 15:15 - 2014-02-22 05:14 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-29 15:15 - 2014-02-22 05:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-29 15:15 - 2014-02-22 05:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-29 15:15 - 2014-02-22 05:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-29 15:15 - 2014-02-22 04:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-29 15:15 - 2014-02-22 04:56 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-29 15:15 - 2014-02-22 04:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-29 15:15 - 2014-02-22 04:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-29 15:15 - 2014-02-22 04:45 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-29 15:15 - 2014-02-22 04:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-29 15:15 - 2014-02-22 04:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-29 15:15 - 2014-02-22 04:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-29 15:15 - 2014-02-22 04:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-29 15:15 - 2014-02-22 04:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-29 15:15 - 2014-02-22 04:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-29 15:15 - 2014-02-22 04:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-29 15:15 - 2014-02-22 04:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-29 15:14 - 2014-02-22 10:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-29 15:14 - 2014-02-22 10:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-29 15:14 - 2014-02-22 10:52 - 00171936 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-29 15:14 - 2014-02-22 10:52 - 00063592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-29 15:14 - 2014-02-22 10:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-29 15:14 - 2014-02-22 10:51 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-29 15:14 - 2014-02-22 10:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-29 15:14 - 2014-02-22 10:51 - 00066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-29 15:14 - 2014-02-22 10:51 - 00065056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-29 15:14 - 2014-02-22 10:42 - 01370696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-29 15:14 - 2014-02-22 10:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-29 15:14 - 2014-02-22 10:42 - 00146672 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-29 15:14 - 2014-02-22 10:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-29 15:14 - 2014-02-22 10:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-29 15:14 - 2014-02-22 10:40 - 00333656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-29 15:14 - 2014-02-22 10:40 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-29 15:14 - 2014-02-22 10:40 - 00261464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-29 15:14 - 2014-02-22 10:40 - 00211800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-29 15:14 - 2014-02-22 10:40 - 00122712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-29 15:14 - 2014-02-22 10:40 - 00120664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-29 15:14 - 2014-02-22 10:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-29 15:14 - 2014-02-22 10:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-29 15:14 - 2014-02-22 10:38 - 00197280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-29 15:14 - 2014-02-22 10:38 - 00125976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-29 15:14 - 2014-02-22 10:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-29 15:14 - 2014-02-22 10:26 - 00502616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-29 15:14 - 2014-02-22 10:26 - 00198488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-29 15:14 - 2014-02-22 10:26 - 00197976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-29 15:14 - 2014-02-22 10:26 - 00130904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-29 15:14 - 2014-02-22 10:26 - 00063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-29 15:14 - 2014-02-22 10:26 - 00030552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-29 15:14 - 2014-02-22 10:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-29 15:14 - 2014-02-22 10:18 - 01914616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-29 15:14 - 2014-02-22 10:18 - 00759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-29 15:14 - 2014-02-22 10:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-29 15:14 - 2014-02-22 10:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-04-29 15:14 - 2014-02-22 10:18 - 00224664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-29 15:14 - 2014-02-22 10:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-29 15:14 - 2014-02-22 10:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-29 15:14 - 2014-02-22 10:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-29 15:14 - 2014-02-22 10:12 - 01468872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-29 15:14 - 2014-02-22 10:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-29 15:14 - 2014-02-22 10:10 - 00105896 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-29 15:14 - 2014-02-22 10:08 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-04-29 15:14 - 2014-02-22 10:08 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-29 15:14 - 2014-02-22 10:08 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-29 15:14 - 2014-02-22 10:04 - 01155392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-29 15:14 - 2014-02-22 10:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-29 15:14 - 2014-02-22 07:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-29 15:14 - 2014-02-22 07:28 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-29 15:14 - 2014-02-22 07:28 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-29 15:14 - 2014-02-22 07:23 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-29 15:14 - 2014-02-22 07:22 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-29 15:14 - 2014-02-22 07:22 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-29 15:14 - 2014-02-22 07:19 - 00205312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-29 15:14 - 2014-02-22 07:18 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-29 15:14 - 2014-02-22 07:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-29 15:14 - 2014-02-22 07:16 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-29 15:14 - 2014-02-22 07:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-29 15:14 - 2014-02-22 07:15 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-29 15:14 - 2014-02-22 07:11 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-29 15:14 - 2014-02-22 07:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-29 15:14 - 2014-02-22 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-29 15:14 - 2014-02-22 07:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-29 15:14 - 2014-02-22 06:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-29 15:14 - 2014-02-22 06:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-29 15:14 - 2014-02-22 06:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-29 15:14 - 2014-02-22 06:40 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-29 15:14 - 2014-02-22 06:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-29 15:14 - 2014-02-22 06:24 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-29 15:14 - 2014-02-22 06:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-29 15:14 - 2014-02-22 06:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-29 15:14 - 2014-02-22 06:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-29 15:14 - 2014-02-22 06:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-29 15:14 - 2014-02-22 06:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-29 15:14 - 2014-02-22 06:14 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-29 15:14 - 2014-02-22 06:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-29 15:14 - 2014-02-22 06:12 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-04-29 15:14 - 2014-02-22 06:09 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-29 15:14 - 2014-02-22 06:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-29 15:14 - 2014-02-22 06:02 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-29 15:14 - 2014-02-22 06:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-29 15:14 - 2014-02-22 06:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-29 15:14 - 2014-02-22 06:01 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-29 15:14 - 2014-02-22 06:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-29 15:14 - 2014-02-22 06:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2014-04-29 15:14 - 2014-02-22 05:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-29 15:14 - 2014-02-22 05:52 - 00926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-29 15:14 - 2014-02-22 05:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-29 15:14 - 2014-02-22 05:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-29 15:14 - 2014-02-22 05:44 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-29 15:14 - 2014-02-22 05:43 - 01294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-29 15:14 - 2014-02-22 05:43 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-29 15:14 - 2014-02-22 05:42 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-29 15:14 - 2014-02-22 05:42 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-29 15:14 - 2014-02-22 05:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-29 15:14 - 2014-02-22 05:40 - 01095680 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-29 15:14 - 2014-02-22 05:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-29 15:14 - 2014-02-22 05:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-29 15:14 - 2014-02-22 05:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-29 15:14 - 2014-02-22 05:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-29 15:14 - 2014-02-22 05:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-29 15:14 - 2014-02-22 05:33 - 01882624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-29 15:14 - 2014-02-22 05:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-29 15:14 - 2014-02-22 05:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-29 15:14 - 2014-02-22 05:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-29 15:14 - 2014-02-22 05:24 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-29 15:14 - 2014-02-22 05:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-29 15:14 - 2014-02-22 05:23 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-29 15:14 - 2014-02-22 05:21 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-29 15:14 - 2014-02-22 05:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-29 15:14 - 2014-02-22 05:20 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-29 15:14 - 2014-02-22 05:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-29 15:14 - 2014-02-22 05:19 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-29 15:14 - 2014-02-22 05:16 - 00593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-29 15:14 - 2014-02-22 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-29 15:14 - 2014-02-22 05:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-29 15:14 - 2014-02-22 05:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-29 15:14 - 2014-02-22 05:13 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-29 15:14 - 2014-02-22 05:13 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-29 15:14 - 2014-02-22 05:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-29 15:14 - 2014-02-22 05:10 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-29 15:14 - 2014-02-22 05:08 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-29 15:14 - 2014-02-22 05:08 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-29 15:14 - 2014-02-22 05:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-29 15:14 - 2014-02-22 05:07 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-29 15:14 - 2014-02-22 05:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-29 15:14 - 2014-02-22 05:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-29 15:14 - 2014-02-22 05:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-29 15:14 - 2014-02-22 05:06 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-29 15:14 - 2014-02-22 05:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-29 15:14 - 2014-02-22 04:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-29 15:14 - 2014-02-22 04:58 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-29 15:14 - 2014-02-22 04:57 - 00829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-29 15:14 - 2014-02-22 04:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-29 15:14 - 2014-02-22 04:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-29 15:14 - 2014-02-22 04:54 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-29 15:14 - 2014-02-22 04:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-29 15:14 - 2014-02-22 04:48 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-29 15:14 - 2014-02-22 04:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-29 15:14 - 2014-02-22 04:45 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-29 15:14 - 2014-02-22 04:43 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-29 15:14 - 2014-02-22 04:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-29 15:14 - 2014-02-22 04:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-29 15:14 - 2014-02-22 04:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-29 15:14 - 2014-02-22 04:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-29 15:14 - 2014-02-22 04:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-29 15:14 - 2014-02-22 04:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-29 15:14 - 2014-02-22 04:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-04-29 15:14 - 2014-02-22 04:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-29 15:14 - 2014-02-22 04:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-29 15:14 - 2014-02-22 04:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-29 15:14 - 2014-02-22 04:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-29 15:14 - 2014-02-22 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-29 15:14 - 2014-02-22 04:33 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-29 15:14 - 2014-02-22 04:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-29 15:14 - 2014-02-22 04:28 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-29 15:14 - 2014-02-22 04:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-29 15:14 - 2014-02-22 04:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-29 15:14 - 2014-02-22 04:20 - 02302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-29 15:14 - 2014-02-22 04:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-04-29 15:14 - 2014-02-22 04:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-29 15:14 - 2014-02-22 03:56 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-29 15:14 - 2014-02-22 03:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-29 15:14 - 2014-02-22 00:35 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-29 15:14 - 2014-02-07 21:08 - 00081975 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-29 15:14 - 2014-02-07 21:08 - 00024518 _____ () C:\WINDOWS\system32\systemsflm.ebd
2014-04-29 15:14 - 2014-02-02 09:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-29 15:14 - 2014-01-31 05:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-29 15:14 - 2014-01-31 05:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-29 15:14 - 2014-01-31 05:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-29 15:14 - 2014-01-29 03:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-29 15:14 - 2014-01-29 03:43 - 00411992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-29 15:14 - 2014-01-29 02:41 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-29 15:14 - 2014-01-29 02:25 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-29 15:14 - 2014-01-27 13:25 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-29 15:14 - 2014-01-27 12:47 - 01165312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-29 15:14 - 2014-01-17 13:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-29 15:14 - 2014-01-07 20:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-29 15:14 - 2013-12-10 02:10 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-29 15:14 - 2013-12-04 09:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-29 15:13 - 2014-02-22 10:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-29 15:13 - 2014-02-22 10:40 - 00163672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-29 15:13 - 2014-02-22 10:40 - 00064344 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-29 15:13 - 2014-02-22 10:38 - 00136320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-29 15:13 - 2014-02-22 10:38 - 00107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-04-29 15:13 - 2014-02-22 10:38 - 00078000 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-29 15:13 - 2014-02-22 10:26 - 00025944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-29 15:13 - 2014-02-22 10:18 - 00046000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-29 15:13 - 2014-02-22 10:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-29 15:13 - 2014-02-22 07:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-29 15:13 - 2014-02-22 07:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-29 15:13 - 2014-02-22 07:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-29 15:13 - 2014-02-22 07:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SSShim.dll
2014-04-29 15:13 - 2014-02-22 07:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-29 15:13 - 2014-02-22 07:22 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-29 15:13 - 2014-02-22 07:22 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-29 15:13 - 2014-02-22 07:16 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-29 15:13 - 2014-02-22 07:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-29 15:13 - 2014-02-22 07:12 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-29 15:13 - 2014-02-22 07:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-29 15:13 - 2014-02-22 07:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-29 15:13 - 2014-02-22 07:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-29 15:13 - 2014-02-22 07:09 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-04-29 15:13 - 2014-02-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-29 15:13 - 2014-02-22 07:04 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-29 15:13 - 2014-02-22 07:01 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-29 15:13 - 2014-02-22 06:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-29 15:13 - 2014-02-22 06:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-29 15:13 - 2014-02-22 06:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-29 15:13 - 2014-02-22 06:56 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-29 15:13 - 2014-02-22 06:54 - 00035024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-29 15:13 - 2014-02-22 06:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-29 15:13 - 2014-02-22 06:50 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2014-04-29 15:13 - 2014-02-22 06:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-29 15:13 - 2014-02-22 06:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-29 15:13 - 2014-02-22 06:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2014-04-29 15:13 - 2014-02-22 06:46 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-29 15:13 - 2014-02-22 06:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-29 15:13 - 2014-02-22 06:41 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-29 15:13 - 2014-02-22 06:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-29 15:13 - 2014-02-22 06:40 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-29 15:13 - 2014-02-22 06:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-29 15:13 - 2014-02-22 06:37 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-29 15:13 - 2014-02-22 06:33 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-29 15:13 - 2014-02-22 06:33 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-29 15:13 - 2014-02-22 06:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-29 15:13 - 2014-02-22 06:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-29 15:13 - 2014-02-22 06:27 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2014-04-29 15:13 - 2014-02-22 06:26 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-29 15:13 - 2014-02-22 06:25 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-29 15:13 - 2014-02-22 06:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-29 15:13 - 2014-02-22 06:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-29 15:13 - 2014-02-22 06:23 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-29 15:13 - 2014-02-22 06:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-29 15:13 - 2014-02-22 06:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-29 15:13 - 2014-02-22 06:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-29 15:13 - 2014-02-22 06:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-29 15:13 - 2014-02-22 06:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-29 15:13 - 2014-02-22 06:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-29 15:13 - 2014-02-22 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-29 15:13 - 2014-02-22 06:16 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-29 15:13 - 2014-02-22 06:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-29 15:13 - 2014-02-22 06:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-29 15:13 - 2014-02-22 06:15 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-29 15:13 - 2014-02-22 06:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-29 15:13 - 2014-02-22 06:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-29 15:13 - 2014-02-22 06:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-29 15:13 - 2014-02-22 06:08 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-29 15:13 - 2014-02-22 06:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-29 15:13 - 2014-02-22 06:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-29 15:13 - 2014-02-22 06:00 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-29 15:13 - 2014-02-22 05:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-29 15:13 - 2014-02-22 05:58 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-29 15:13 - 2014-02-22 05:54 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-29 15:13 - 2014-02-22 05:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-29 15:13 - 2014-02-22 05:52 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-29 15:13 - 2014-02-22 05:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-29 15:13 - 2014-02-22 05:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-29 15:13 - 2014-02-22 05:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-29 15:13 - 2014-02-22 05:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-29 15:13 - 2014-02-22 05:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-29 15:13 - 2014-02-22 05:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-29 15:13 - 2014-02-22 05:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-29 15:13 - 2014-02-22 05:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-29 15:13 - 2014-02-22 05:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-29 15:13 - 2014-02-22 05:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-29 15:13 - 2014-02-22 05:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-29 15:13 - 2014-02-22 05:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-29 15:13 - 2014-02-22 05:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxshared.dll
2014-04-29 15:13 - 2014-02-22 05:15 - 00178176 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-29 15:13 - 2014-02-22 05:10 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-29 15:13 - 2014-02-22 05:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-29 15:13 - 2014-02-22 05:08 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-29 15:13 - 2014-02-22 05:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-29 15:13 - 2014-02-22 05:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-29 15:13 - 2014-02-22 05:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-29 15:13 - 2014-02-22 04:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-29 15:13 - 2014-02-22 04:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-29 15:13 - 2014-02-22 04:52 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-29 15:13 - 2014-02-22 04:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-29 15:13 - 2014-02-22 04:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-29 15:13 - 2014-02-22 04:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-29 15:13 - 2014-02-22 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-29 15:13 - 2014-02-22 04:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-29 15:13 - 2014-02-22 04:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-29 15:13 - 2014-02-22 04:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-29 15:13 - 2014-02-22 04:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-29 15:13 - 2014-02-22 04:47 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-29 15:13 - 2014-02-22 04:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-29 15:13 - 2014-02-22 04:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-29 15:13 - 2014-02-22 04:43 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-29 15:13 - 2014-02-22 04:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-29 15:13 - 2014-02-22 04:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-29 15:13 - 2014-02-22 04:41 - 03278848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-29 15:13 - 2014-02-22 04:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-29 15:13 - 2014-02-22 04:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-29 15:13 - 2014-02-22 04:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-29 15:13 - 2014-02-22 04:38 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-29 15:13 - 2014-02-22 04:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-29 15:13 - 2014-02-22 04:25 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-29 15:13 - 2014-02-22 04:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-29 15:13 - 2014-02-22 04:23 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-29 15:13 - 2014-02-22 04:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-29 15:13 - 2014-02-22 04:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-29 15:13 - 2014-02-22 04:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-29 15:13 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 15:13 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 15:13 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 15:13 - 2014-02-22 00:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 15:13 - 2014-02-07 21:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-29 15:13 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-29 15:13 - 2014-01-31 07:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-29 15:13 - 2014-01-31 05:10 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-29 15:13 - 2014-01-31 04:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-29 15:13 - 2014-01-29 03:38 - 00735576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-29 15:13 - 2014-01-29 02:25 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-29 15:13 - 2014-01-22 01:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-29 15:13 - 2013-12-04 10:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-29 15:13 - 2013-11-27 05:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-29 15:13 - 2013-11-27 04:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-29 15:13 - 2013-11-23 04:37 - 00036696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-04-29 15:13 - 2013-11-07 23:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-29 15:12 - 2014-02-22 07:25 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-29 15:12 - 2014-02-22 07:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-29 15:12 - 2014-02-22 07:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-29 15:12 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-29 15:12 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-29 15:12 - 2014-02-22 07:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-04-29 15:12 - 2014-02-22 06:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-29 15:12 - 2014-02-22 06:31 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-29 15:12 - 2014-02-22 05:59 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-29 15:12 - 2014-02-22 05:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-29 15:12 - 2014-02-22 05:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-29 15:12 - 2014-02-22 05:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-29 15:12 - 2014-02-22 05:21 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-29 15:12 - 2014-02-22 05:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-29 15:12 - 2014-02-22 04:50 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-29 15:12 - 2014-02-22 04:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-29 15:12 - 2014-02-22 04:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2014-04-29 15:12 - 2014-02-22 00:46 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-29 15:12 - 2014-02-01 02:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-29 15:12 - 2014-02-01 02:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-29 15:12 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-29 15:12 - 2014-01-27 07:52 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-29 14:41 - 2014-04-09 06:54 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-29 14:41 - 2014-04-08 23:21 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-29 14:41 - 2014-04-08 23:21 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-29 14:41 - 2014-04-08 23:07 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-29 14:41 - 2014-04-08 23:05 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-29 14:41 - 2014-03-19 21:31 - 01037504 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-29 14:41 - 2014-03-19 21:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-29 14:41 - 2014-03-19 21:12 - 00863552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-29 14:41 - 2014-03-19 21:09 - 01679704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-29 14:41 - 2014-03-19 21:09 - 00283992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-29 14:41 - 2014-03-19 20:08 - 03562496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-29 14:41 - 2014-03-06 06:37 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-29 14:41 - 2014-03-06 04:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-29 14:41 - 2014-03-06 02:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-29 14:41 - 2014-03-06 02:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-29 14:41 - 2014-03-06 02:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-29 14:41 - 2014-03-06 01:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-29 14:41 - 2014-03-06 01:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-29 14:40 - 2014-03-19 19:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-29 14:40 - 2014-03-19 19:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-29 14:40 - 2014-03-19 01:25 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-29 14:40 - 2014-03-19 01:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-29 14:40 - 2014-03-19 01:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-29 14:40 - 2014-03-19 00:33 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-29 14:40 - 2014-03-19 00:10 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-29 14:40 - 2014-03-13 06:12 - 00138584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-29 14:40 - 2014-03-12 09:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-29 14:40 - 2014-03-11 11:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-04-29 14:40 - 2014-03-11 10:49 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-29 14:40 - 2014-03-11 10:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-29 14:40 - 2014-03-11 10:09 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-29 14:40 - 2014-03-11 09:46 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-29 14:40 - 2014-03-11 09:34 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-29 14:40 - 2014-03-11 09:32 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-29 14:40 - 2014-03-11 09:30 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-29 14:40 - 2014-03-11 09:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-29 14:40 - 2014-03-11 08:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-29 14:40 - 2014-03-08 08:00 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-29 14:40 - 2014-03-08 08:00 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-29 14:40 - 2014-03-08 07:53 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-29 14:40 - 2014-03-08 07:49 - 00482416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-29 14:40 - 2014-03-08 07:49 - 00376152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-29 14:40 - 2014-03-08 07:45 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-29 14:40 - 2014-03-08 07:35 - 00295256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-29 14:40 - 2014-03-08 07:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-29 14:40 - 2014-03-08 04:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-29 14:40 - 2014-03-08 04:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-29 14:40 - 2014-03-08 03:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-29 14:40 - 2014-03-08 03:40 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-29 14:40 - 2014-03-08 03:14 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-29 14:40 - 2014-03-08 03:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-29 14:40 - 2014-03-08 02:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-29 14:40 - 2014-03-08 02:38 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-29 14:40 - 2014-03-08 02:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-29 14:40 - 2014-03-08 02:37 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-29 14:40 - 2014-03-08 02:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-29 14:40 - 2014-03-08 02:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-29 14:40 - 2014-03-08 02:23 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-29 14:40 - 2014-03-08 02:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-29 14:40 - 2014-03-08 01:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-29 14:40 - 2014-03-08 01:42 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-29 14:40 - 2014-03-08 01:16 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-29 14:40 - 2014-03-06 07:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-29 14:40 - 2014-03-06 07:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-29 14:40 - 2014-03-06 07:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-29 14:40 - 2014-03-06 07:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-29 14:40 - 2014-03-06 07:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-29 14:40 - 2014-03-06 06:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-29 14:40 - 2014-03-06 06:43 - 01326936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-29 14:40 - 2014-03-06 06:43 - 00321880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-29 14:40 - 2014-03-06 06:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-29 14:40 - 2014-03-06 06:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-29 14:40 - 2014-03-06 06:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-29 14:40 - 2014-03-06 06:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-29 14:40 - 2014-03-06 06:35 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-29 14:40 - 2014-03-06 06:34 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-29 14:40 - 2014-03-06 04:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-29 14:40 - 2014-03-06 04:24 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-29 14:40 - 2014-03-06 04:24 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-29 14:40 - 2014-03-06 04:24 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-29 14:40 - 2014-03-06 04:23 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-29 14:40 - 2014-03-06 04:22 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-29 14:40 - 2014-03-06 04:22 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-29 14:40 - 2014-03-06 04:21 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-29 14:40 - 2014-03-06 04:21 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-29 14:40 - 2014-03-06 04:20 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-29 14:40 - 2014-03-06 04:20 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-29 14:40 - 2014-03-06 04:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-29 14:40 - 2014-03-06 04:20 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-29 14:40 - 2014-03-06 04:20 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-29 14:40 - 2014-03-06 04:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-29 14:40 - 2014-03-06 04:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-29 14:40 - 2014-03-06 03:47 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-29 14:40 - 2014-03-06 03:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-29 14:40 - 2014-03-06 03:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-29 14:40 - 2014-03-06 03:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-29 14:40 - 2014-03-06 03:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-29 14:40 - 2014-03-06 02:42 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-04-29 14:40 - 2014-03-06 02:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-29 14:40 - 2014-03-06 02:14 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-29 14:40 - 2014-03-06 02:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-29 14:40 - 2014-03-06 02:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-29 14:40 - 2014-03-06 02:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-29 14:40 - 2014-03-06 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-29 14:40 - 2014-03-06 02:06 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-29 14:40 - 2014-03-06 02:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-29 14:40 - 2014-03-06 02:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-29 14:40 - 2014-03-06 02:02 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-29 14:40 - 2014-03-06 02:01 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-29 14:40 - 2014-03-06 02:00 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-29 14:40 - 2014-03-06 01:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-29 14:40 - 2014-03-06 01:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-29 14:40 - 2014-03-06 01:45 - 00833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-29 14:40 - 2014-03-06 01:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-29 14:40 - 2014-03-06 01:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-29 14:40 - 2014-03-06 01:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-29 14:40 - 2014-03-04 07:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-29 14:40 - 2014-03-04 07:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-29 14:40 - 2014-03-04 07:09 - 01871192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-29 14:40 - 2014-03-04 07:09 - 00286040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-29 14:40 - 2014-03-04 03:26 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-04-29 14:40 - 2014-03-04 02:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-29 14:40 - 2014-03-04 02:42 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-29 14:40 - 2014-03-04 02:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-29 14:40 - 2014-03-04 02:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-29 14:40 - 2014-03-04 02:30 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-29 14:40 - 2014-03-04 02:26 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-29 14:40 - 2014-03-04 02:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-29 14:40 - 2014-03-04 01:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-29 14:40 - 2014-03-04 01:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-29 14:40 - 2014-02-06 17:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-29 14:40 - 2013-12-23 19:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-29 13:46 - 2014-04-29 13:51 - 00000000 ____D () C:\Users\R0M\Documents\Expenses
2014-04-29 07:01 - 2014-04-29 07:01 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-29 06:56 - 2014-04-29 06:56 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-29 06:56 - 2014-04-29 06:56 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-28 15:39 - 2014-04-28 15:39 - 00004722 _____ () C:\Users\R0M\Desktop\RKreport[0]_D_04282014_153904.txt
2014-04-28 15:38 - 2014-04-28 15:38 - 00004669 _____ () C:\Users\R0M\Desktop\RKreport[0]_S_04282014_153816.txt
2014-04-28 15:36 - 2014-04-28 15:36 - 00112640 _____ () C:\WINDOWS\system32\Drivers\amdacpksl.sys.dump
2014-04-28 15:36 - 2014-04-28 15:36 - 00000000 ____D () C:\WINDOWS\snack
2014-04-28 15:34 - 2014-04-28 15:49 - 00000000 ____D () C:\Users\R0M\Desktop\RK_Quarantine
2014-04-28 15:34 - 2014-04-28 15:34 - 03972608 _____ () C:\Users\R0M\Desktop\RogueKiller.exe
2014-04-28 15:09 - 2014-04-30 21:25 - 00001986 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-04-28 15:09 - 2014-04-28 15:09 - 06598344 _____ () C:\Users\R0M\Desktop\HPPSdr.exe
2014-04-27 17:22 - 2014-04-27 17:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-27 17:21 - 2014-04-28 15:04 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-04-27 17:14 - 2014-04-27 17:14 - 04143738 _____ () C:\Users\R0M\Desktop\tdsskiller.zip
2014-04-27 17:14 - 2014-04-27 17:14 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\R0M\Desktop\tdsskiller.exe
2014-04-27 17:12 - 2014-04-27 17:14 - 00000000 ____D () C:\Users\R0M\AppData\Local\NPE
2014-04-27 17:12 - 2014-04-27 17:12 - 00000000 ____D () C:\ProgramData\Norton
2014-04-27 17:11 - 2014-04-27 17:11 - 03077584 ____N (Symantec Corporation) C:\Users\R0M\Desktop\NPE.exe
2014-04-27 17:10 - 2014-05-02 10:59 - 00028040 _____ () C:\Users\R0M\Desktop\Result.txt
2014-04-25 18:45 - 2014-04-25 20:53 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 18:45 - 2014-04-25 18:45 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-25 18:45 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-25 18:45 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-25 18:45 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-25 18:39 - 2014-04-25 18:40 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\R0M\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-25 18:32 - 2014-04-25 18:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-25 18:29 - 2014-04-25 18:29 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-25 18:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-04-25 18:22 - 2014-04-28 16:23 - 00000000 ____D () C:\AdwCleaner
2014-04-25 17:56 - 2014-04-25 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-04-22 10:53 - 2014-04-22 10:53 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-20 13:56 - 2014-04-20 13:56 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-04-17 15:47 - 2014-04-17 15:47 - 00002682 _____ () C:\Users\R0M\Documents\Barracuda Ouverture.wlmp
2014-04-16 14:34 - 2014-04-16 14:34 - 00000000 ____D () C:\Users\R0M\AppData\Roaming\Oracle
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Sun
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-16 14:32 - 2014-04-16 14:31 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-16 14:32 - 2014-04-16 14:31 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-16 14:32 - 2014-04-16 14:31 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-16 14:32 - 2014-04-16 14:31 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Program Files\Java
2014-04-15 12:56 - 2014-04-15 12:56 - 00000981 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-15 12:56 - 2014-04-15 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-15 12:56 - 2014-04-15 12:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 12:55 - 2014-04-15 12:55 - 04787368 _____ (Piriform Ltd) C:\Users\R0M\Desktop\ccsetup412.exe
2014-04-11 12:09 - 2014-05-11 14:04 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
 
==================== One Month Modified Files and Folders =======
 
2014-05-11 20:44 - 2014-05-11 20:43 - 00009865 _____ () C:\Users\R0M\Desktop\FRST.txt
2014-05-11 20:43 - 2014-05-11 20:43 - 00000000 ____D () C:\FRST
2014-05-11 20:40 - 2014-05-11 20:40 - 01056256 _____ (Farbar) C:\Users\R0M\Desktop\FRST (1).exe
2014-05-11 20:38 - 2014-05-11 20:38 - 01056256 _____ (Farbar) C:\Users\R0M\Desktop\FRST.exe
2014-05-11 20:37 - 2013-10-18 15:15 - 01329532 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-11 14:07 - 2014-02-26 16:51 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-11 14:04 - 2014-04-11 12:09 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-11 14:02 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-11 13:07 - 2014-02-26 16:51 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-11 13:07 - 2014-02-26 16:51 - 00000894 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 11:34 - 2014-01-25 20:18 - 00007634 _____ () C:\Users\R0M\AppData\Local\Resmon.ResmonCfg
2014-05-11 05:42 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-05-10 22:39 - 2013-10-18 15:21 - 00000000 __RDO () C:\Users\R0M\SkyDrive
2014-05-10 21:09 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-09 17:08 - 2013-01-19 14:02 - 00000000 ____D () C:\Users\R0M\Documents\logos
2014-05-09 17:04 - 2014-05-09 17:04 - 00400518 _____ () C:\Users\R0M\Desktop\circus-logo-black (1).ai
2014-05-09 12:15 - 2013-10-18 15:13 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-09 12:08 - 2013-08-22 03:23 - 00308701 _____ () C:\WINDOWS\setupact.log
2014-05-08 12:34 - 2014-05-08 12:34 - 00541302 _____ () C:\Users\R0M\Desktop\DeviceWin8.meta.diagcab
2014-05-08 12:14 - 2013-09-29 23:50 - 00058730 _____ () C:\WINDOWS\PFRO.log
2014-05-08 12:14 - 2013-08-22 03:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-08 12:14 - 2013-08-22 03:22 - 00377968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-08 12:13 - 2013-08-22 02:13 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-08 09:11 - 2013-08-22 02:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-05 17:40 - 2014-05-05 17:40 - 00127172 _____ () C:\Users\R0M\Desktop\ImageProxy.jfif
2014-05-02 20:12 - 2013-01-21 13:39 - 00000000 ____D () C:\Users\R0M\Documents\My Scans
2014-05-02 14:44 - 2014-05-02 14:44 - 00345269 _____ () C:\Users\R0M\Desktop\Vaness,jpg
2014-05-02 11:00 - 2014-05-02 11:00 - 00000953 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-05-02 11:00 - 2014-05-02 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-05-02 11:00 - 2014-05-02 11:00 - 00000000 ____D () C:\Program Files\Speccy
2014-05-02 10:59 - 2014-04-27 17:10 - 00028040 _____ () C:\Users\R0M\Desktop\Result.txt
2014-05-02 10:55 - 2014-05-02 10:55 - 00003363 _____ () C:\Users\R0M\Desktop\FSS.txt
2014-05-02 10:54 - 2014-05-02 10:54 - 04890736 _____ (Piriform Ltd) C:\Users\R0M\Desktop\spsetup126.exe
2014-05-02 10:52 - 2014-05-02 10:52 - 00982016 _____ (Farbar) C:\Users\R0M\Desktop\MiniToolBox.exe
2014-05-02 10:52 - 2014-05-02 10:52 - 00854355 _____ () C:\Users\R0M\Desktop\SecurityCheck.exe
2014-05-02 10:51 - 2014-05-02 10:51 - 00409600 _____ (Farbar) C:\Users\R0M\Desktop\FSS.exe
2014-05-01 18:06 - 2014-05-01 18:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-01 14:04 - 2014-05-01 14:03 - 64662552 _____ () C:\Users\R0M\Desktop\My Movie.mp4
2014-05-01 14:02 - 2014-05-01 14:02 - 18125647 _____ () C:\Users\R0M\Desktop\animoto_360p.mp4
2014-05-01 13:50 - 2014-05-01 13:49 - 03220376 _____ () C:\Users\R0M\Desktop\Happy Birthday Rock Song - Dog playing guitar - Funny Greeting Card - Human Dog.mp4
2014-05-01 13:40 - 2014-05-01 13:40 - 07615664 _____ () C:\Users\R0M\Desktop\1127835_10151600030329495_56686_n.mp4
2014-05-01 12:52 - 2014-05-01 12:50 - 00002698 _____ () C:\Users\R0M\Desktop\Rkill.txt
2014-05-01 12:50 - 2014-05-01 12:50 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R0M\Desktop\rkill.exe
2014-04-30 23:23 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-30 22:30 - 2013-09-28 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-04-30 22:29 - 2014-04-30 22:29 - 00000000 __SHD () C:\Users\R0M\AppData\Local\EmieUserList
2014-04-30 22:29 - 2014-04-30 22:29 - 00000000 __SHD () C:\Users\R0M\AppData\Local\EmieSiteList
2014-04-30 22:01 - 2014-04-30 21:54 - 00188158 _____ () C:\WINDOWS\hpoins28.dat
2014-04-30 22:01 - 2013-09-28 14:52 - 00006226 _____ () C:\ProgramData\hpzinstall.log
2014-04-30 22:01 - 2012-07-26 00:17 - 00000127 _____ () C:\WINDOWS\win.ini
2014-04-30 22:00 - 2014-04-30 22:00 - 00001048 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-04-30 21:59 - 2014-04-30 21:59 - 00001135 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-04-30 21:59 - 2013-09-28 15:05 - 00000000 ____D () C:\Program Files\HP
2014-04-30 21:58 - 2014-04-30 21:58 - 00001299 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-04-30 21:58 - 2014-04-30 21:58 - 00001293 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-04-30 21:58 - 2014-04-30 21:58 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-04-30 21:58 - 2013-09-28 14:51 - 00000000 ____D () C:\ProgramData\HP
2014-04-30 21:57 - 2014-04-30 21:57 - 00000000 ____D () C:\Program Files\Common Files\HP
2014-04-30 21:57 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\twain_32
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-30 21:36 - 2013-08-22 04:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-TW
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\zh-CN
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sv-SE
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ru-RU
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-PT
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pt-BR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\pl-PL
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\nb-NO
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ko-KR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ja-JP
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\it-IT
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hu-HU
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fr-FR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\fi-FI
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\el-GR
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-30 21:35 - 2013-08-22 04:17 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-30 21:25 - 2014-04-28 15:09 - 00001986 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-04-30 21:23 - 2014-04-30 21:23 - 02338824 _____ () C:\Users\R0M\Desktop\hppiw.exe
2014-04-30 21:19 - 2013-09-28 15:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-30 21:18 - 2014-04-30 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-04-30 21:18 - 2014-04-06 16:05 - 00001874 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-30 21:18 - 2013-09-28 15:58 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-30 21:18 - 2013-09-28 15:58 - 00000000 ____D () C:\Program Files\Garmin
2014-04-30 21:09 - 2014-04-30 21:09 - 00000000 ____D () C:\Users\R0M\Documents\Optimizer Pro
2014-04-30 21:04 - 2014-04-30 21:04 - 00000000 ____D () C:\Users\R0M\AppData\Roaming\HP DESKJET F4200 Driver Utility
2014-04-30 21:03 - 2014-04-30 21:03 - 02076256 _____ (Lavians Inc. ) C:\Users\R0M\Downloads\hp-deskjet-f4200-driver-utility.exe
2014-04-29 13:51 - 2014-04-29 13:46 - 00000000 ____D () C:\Users\R0M\Documents\Expenses
2014-04-29 08:48 - 2014-05-01 18:08 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 07:01 - 2014-04-29 07:01 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-29 06:56 - 2014-04-29 06:56 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-29 06:56 - 2014-04-29 06:56 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-29 06:56 - 2014-04-29 06:56 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-28 16:23 - 2014-04-25 18:22 - 00000000 ____D () C:\AdwCleaner
2014-04-28 15:49 - 2014-04-28 15:34 - 00000000 ____D () C:\Users\R0M\Desktop\RK_Quarantine
2014-04-28 15:39 - 2014-04-28 15:39 - 00004722 _____ () C:\Users\R0M\Desktop\RKreport[0]_D_04282014_153904.txt
2014-04-28 15:38 - 2014-04-28 15:38 - 00004669 _____ () C:\Users\R0M\Desktop\RKreport[0]_S_04282014_153816.txt
2014-04-28 15:36 - 2014-04-28 15:36 - 00112640 _____ () C:\WINDOWS\system32\Drivers\amdacpksl.sys.dump
2014-04-28 15:36 - 2014-04-28 15:36 - 00000000 ____D () C:\WINDOWS\snack
2014-04-28 15:34 - 2014-04-28 15:34 - 03972608 _____ () C:\Users\R0M\Desktop\RogueKiller.exe
2014-04-28 15:09 - 2014-04-28 15:09 - 06598344 _____ () C:\Users\R0M\Desktop\HPPSdr.exe
2014-04-28 15:04 - 2014-04-27 17:21 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-04-28 15:04 - 2013-09-28 15:15 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-04-27 17:22 - 2014-04-27 17:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-27 17:21 - 2013-09-28 15:16 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-27 17:14 - 2014-04-27 17:14 - 04143738 _____ () C:\Users\R0M\Desktop\tdsskiller.zip
2014-04-27 17:14 - 2014-04-27 17:14 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\R0M\Desktop\tdsskiller.exe
2014-04-27 17:14 - 2014-04-27 17:12 - 00000000 ____D () C:\Users\R0M\AppData\Local\NPE
2014-04-27 17:12 - 2014-04-27 17:12 - 00000000 ____D () C:\ProgramData\Norton
2014-04-27 17:11 - 2014-04-27 17:11 - 03077584 ____N (Symantec Corporation) C:\Users\R0M\Desktop\NPE.exe
2014-04-25 20:53 - 2014-04-25 18:45 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 18:45 - 2014-04-25 18:45 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-25 18:45 - 2014-04-25 18:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-25 18:40 - 2014-04-25 18:39 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\R0M\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-25 18:38 - 2014-04-25 18:32 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-25 18:29 - 2014-04-25 18:29 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-25 17:56 - 2014-04-25 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-04-22 20:24 - 2013-08-22 04:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-22 20:24 - 2013-08-22 04:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-22 10:53 - 2014-04-22 10:53 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-22 10:53 - 2013-09-27 14:51 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-22 10:52 - 2013-09-27 14:51 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-20 13:56 - 2014-04-20 13:56 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-04-20 12:37 - 2014-04-01 02:07 - 00000600 _____ () C:\Users\R0M\AppData\Local\PUTTY.RND
2014-04-18 13:19 - 2013-01-19 13:54 - 00000000 ____D () C:\Users\R0M\Documents\Watermarks
2014-04-17 15:47 - 2014-04-17 15:47 - 00002682 _____ () C:\Users\R0M\Documents\Barracuda Ouverture.wlmp
2014-04-16 17:42 - 2013-08-22 04:17 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-16 14:34 - 2014-04-16 14:34 - 00000000 ____D () C:\Users\R0M\AppData\Roaming\Oracle
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Sun
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-16 14:32 - 2014-04-16 14:32 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-16 14:31 - 2014-04-16 14:32 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-16 14:31 - 2014-04-16 14:32 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-16 14:31 - 2014-04-16 14:32 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-16 14:31 - 2014-04-16 14:32 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Program Files\Java
2014-04-15 12:56 - 2014-04-15 12:56 - 00000981 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-15 12:56 - 2014-04-15 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-15 12:56 - 2014-04-15 12:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-15 12:55 - 2014-04-15 12:55 - 04787368 _____ (Piriform Ltd) C:\Users\R0M\Desktop\ccsetup412.exe
2014-04-11 12:09 - 2013-09-28 15:54 - 00000000 ____D () C:\Users\R0M\AppData\Local\Adobe
 
Some content of TEMP:
====================
C:\Users\R0M\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\R0M\AppData\Local\Temp\Cleanup.dll
C:\Users\R0M\AppData\Local\Temp\ExPromo.exe
C:\Users\R0M\AppData\Local\Temp\ffdshow.exe
C:\Users\R0M\AppData\Local\Temp\HPInstaller.exe
C:\Users\R0M\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\R0M\AppData\Local\Temp\msvcm80.dll
C:\Users\R0M\AppData\Local\Temp\msvcp80.dll
C:\Users\R0M\AppData\Local\Temp\msvcr80.dll
C:\Users\R0M\AppData\Local\Temp\ntdll_dump.dll
C:\Users\R0M\AppData\Local\Temp\Quarantine.exe
C:\Users\R0M\AppData\Local\Temp\raptrpatch.exe
C:\Users\R0M\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe
[2014-04-29 14:40] - [2014-03-04 07:16] - 2088160 ____A (Microsoft Corporation) 119E091B5386379BC5AA598BE9440C75
 
C:\WINDOWS\system32\winlogon.exe
[2014-04-29 15:14] - [2014-02-22 05:21] - 0459264 ____A (Microsoft Corporation) 70C57DC69D4A7D92D2CAC90C3AD16E6F
 
C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2014-04-29 15:14] - [2014-02-22 10:42] - 1370696 ____A (Microsoft Corporation) 43B0EB86B10506AD564E2005A6156D30
 
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2014-04-29 15:14] - [2014-02-22 05:16] - 0593408 ____A (Microsoft Corporation) 05C0337538BEECC04FC695808EFF201C
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2014-04-29 15:15] - [2014-02-22 10:08] - 0265048 ___AC (Microsoft Corporation) 085918BF459BCB835CFC535BE7138539
 
 
 
LastRegBack: 2014-05-08 15:30
 
==================== End Of Log ============================
 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014 01
Ran by R0M at 2014-05-11 20:45:09
Running from C:\Users\R0M\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E01D790C-8F50-CECC-4D9C-86BAA0192FE8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 3 - Illustrate)
dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 13 - Illustrate)
Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Elevated Installer (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
F4200 (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Garmin Express (HKLM\...\{a2c69cba-542a-4a49-af31-b8a49349064d}) (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
GOM Player (HKLM\...\GOM Player) (Version: 2.2.57.5189 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Image Resizer for Windows (HKLM\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Image Resizer for Windows (Version: 3.0.4802.35565 - Brice Lambson) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Memorex exPressit Label Design Studio (HKLM\...\MVApplication1) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MixMeister Pro 6 (HKLM\...\{E39DF79E-B969-47E2-BB64-071A68871C6F}) (Version: 6.1.6.0 - MixMeister Technology LLC)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden
waterMark V2 (HKLM\...\waterMark V2) (Version:  - )
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)
 
==================== Restore Points  =========================
 
01-05-2014 01:17:39 Garmin Express
06-05-2014 08:57:39 Windows Update
08-05-2014 16:35:01 Installed Microsoft Fix it Solution - a674ed84-5661-4ebf-9279-29fe9d1b3521
 
==================== Hosts content: ==========================
 
2013-08-22 02:13 - 2013-08-22 02:13 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {0ACFDF2F-6C9B-49F9-93A8-679D983E4D1D} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-23] ()
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {36B2FD06-397E-4E89-B785-CDBC49151EEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {37745AF9-58AC-47BC-8F6C-C833FBCB233C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {3AF7E9CA-BDAE-4A3B-AB74-184F626650BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.)
Task: {4B0AA147-0492-4616-8D5B-E211BD1DBE54} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {4CFC7F54-8C97-4C45-A53E-0382B63D7C0B} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {93C51AF0-471F-4756-B210-2ECB5E3A8ECC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A312B2F8-A5AB-478A-B5D8-A1B2A5AEC51B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A5C48707-5467-4F23-96B5-A0FCDCBF71C8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {C8BEE523-71F4-4C50-80AE-93B36B15B42F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {E9F7EB13-D542-481F-841C-8C641F32C988} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 00674632 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 00093000 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 15:05 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-28 15:04 - 2014-04-28 15:04 - 16351920 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\R0M\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 3641
 
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 3641
 
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 1609
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 1609
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/11/2014 00:51:11 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1674
 
Start Time: 01cf6d386e1b9214
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: 62c85dc7-d92c-11e3-afc3-0021703a930f
 
Faulting package full name: Facebook.Facebook_1.3.0.9_x86__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (05/11/2014 11:03:14 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: fe4
 
Start Time: 01cf6d27aa34365a
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe
 
Report Id: 9e6f9c9a-d91b-11e3-afc3-0021703a930f
 
Faulting package full name: Facebook.Facebook_1.3.0.9_x86__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (05/11/2014 05:44:48 AM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/10/2014 09:46:36 PM) (Source: Chrome) (User: NT AUTHORITY) (EventID: 1)
Description: Chrome has encountered a fatal error.
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\e50cb7a1-6a7e-490c-bb5a-f314ba7ed301.dmp
 
 
System errors:
=============
Error: (05/08/2014 00:41:18 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
 
Error: (05/08/2014 00:40:48 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
 
Error: (05/08/2014 00:40:24 PM) (Source: disk) (User: ) (EventID: 11)
Description: The driver detected a controller error on \Device\Harddisk5\DR13.
 
Error: (05/08/2014 00:40:18 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
 
Error: (05/08/2014 00:40:17 PM) (Source: disk) (User: ) (EventID: 11)
Description: The driver detected a controller error on \Device\Harddisk4\DR12.
 
Error: (05/08/2014 00:40:15 PM) (Source: disk) (User: ) (EventID: 11)
Description: The driver detected a controller error on \Device\Harddisk3\DR11.
 
Error: (05/08/2014 00:39:19 PM) (Source: disk) (User: ) (EventID: 11)
Description: The driver detected a controller error on \Device\Harddisk2\DR10.
 
Error: (05/08/2014 00:07:52 PM) (Source: disk) (User: ) (EventID: 11)
Description: The driver detected a controller error on \Device\Harddisk5\DR5.
 
Error: (05/07/2014 01:02:28 PM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: The Interactive Services Detection service terminated with the following error: 
%%1
 
Error: (05/01/2014 00:51:00 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: The gearsec service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 3641
 
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 3641
 
Error: (05/11/2014 02:41:33 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 1609
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 1609
 
Error: (05/11/2014 02:41:31 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/11/2014 00:51:11 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: backgroundTaskHost.exe6.3.9600.16384167401cf6d386e1b92144294967295C:\WINDOWS\system32\backgroundTaskHost.exe62c85dc7-d92c-11e3-afc3-0021703a930fFacebook.Facebook_1.3.0.9_x86__8xx8rvfyw5nntApp
 
Error: (05/11/2014 11:03:14 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: backgroundTaskHost.exe6.3.9600.16384fe401cf6d27aa34365a4294967295C:\WINDOWS\system32\backgroundTaskHost.exe9e6f9c9a-d91b-11e3-afc3-0021703a930fFacebook.Facebook_1.3.0.9_x86__8xx8rvfyw5nntApp
 
Error: (05/11/2014 05:44:48 AM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\HP\digital imaging\{8c925017-72a8-4c4a-af21-84901e26638f}\setup\devinstanceeraser40.exe
 
Error: (05/10/2014 09:46:36 PM) (Source: Chrome) (User: NT AUTHORITY) (EventID: 1)
Description: Chrome has encountered a fatal error.
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\e50cb7a1-6a7e-490c-bb5a-f314ba7ed301.dmp
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-04-30 23:19:40.087
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:19:40.028
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:57.050
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.824
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-04-30 23:18:56.261
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 46%
Total physical RAM: 3071.18 MB
Available physical RAM: 1647.49 MB
Total Pagefile: 4823.54 MB
Available Pagefile: 2799.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1870.22 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:901.4 GB) (Free:240.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:30 GB) (Free:25.03 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:465.76 GB) (Free:382.12 GB) NTFS
Drive j: (New Volume) (Fixed) (Total:931.51 GB) (Free:709.96 GB) NTFS
Drive l: (Elements) (Fixed) (Total:1863.01 GB) (Free:2.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: CF16228A)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=901 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 11F38B4C)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: DF761DF1)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 000DA1F8)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)
 
==================== End Of Log ============================


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,079 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:07:26 AM

Posted 12 May 2014 - 11:00 AM

Hi Omar Yehia,
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of every logfile is saved in the C:\AdwCleaner folder, which was created when running the tool.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner scan log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 Omar Yehia

Omar Yehia
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 12 May 2014 - 04:40 PM

# AdwCleaner v3.208 - Report created 12/05/2014 at 17:39:00
# Updated 11/05/2014 by Xplode
# Operating System : Windows 8.1 Pro  (32 bits)
# Username : R0M - ROMSTER2
# Running from : C:\Users\R0M\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\R0M\AppData\Local\Temp\WiseEnhance
Folder Found : C:\Users\R0M\Documents\Optimizer Pro
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\InstallCore
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2070 octets] - [25/04/2014 18:22:53]
AdwCleaner[R1].txt - [1000 octets] - [27/04/2014 16:43:01]
AdwCleaner[R2].txt - [978 octets] - [28/04/2014 16:22:36]
AdwCleaner[R3].txt - [1282 octets] - [12/05/2014 17:39:00]
AdwCleaner[S0].txt - [2185 octets] - [25/04/2014 18:25:10]
AdwCleaner[S1].txt - [1065 octets] - [27/04/2014 16:44:10]
AdwCleaner[S2].txt - [1190 octets] - [28/04/2014 16:23:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1522 octets] ##########


#8 xXToffeeXx


Posted 13 May 2014 - 12:19 PM

Hi Omar Yehia,
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished, this time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

--------------
 
We need to run a fix with FRST:

  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] 
2014-04-27 17:22 - 2014-04-27 17:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 
How is your computer running now? Are there still redirections going on, and how is your printer?

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner clean log
  • Fixlog.txt
  • How your computer is running

xXToffeeXx~


Edited by xXToffeeXx, 13 May 2014 - 12:19 PM.



#9 Omar Yehia


Posted 13 May 2014 - 03:40 PM

# AdwCleaner v3.208 - Report created 13/05/2014 at 16:24:38
# Updated 11/05/2014 by Xplode
# Operating System : Windows 8.1 Pro  (32 bits)
# Username : R0M - ROMSTER2
# Running from : C:\Users\R0M\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\R0M\AppData\Local\Temp\WiseEnhance
Folder Deleted : C:\Users\R0M\Documents\Optimizer Pro
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [2070 octets] - [25/04/2014 18:22:53]
AdwCleaner[R1].txt - [1000 octets] - [27/04/2014 16:43:01]
AdwCleaner[R2].txt - [978 octets] - [28/04/2014 16:22:36]
AdwCleaner[R3].txt - [1602 octets] - [12/05/2014 17:39:00]
AdwCleaner[S0].txt - [2185 octets] - [25/04/2014 18:25:10]
AdwCleaner[S1].txt - [1065 octets] - [27/04/2014 16:44:10]
AdwCleaner[S2].txt - [1190 octets] - [28/04/2014 16:23:15]
AdwCleaner[S3].txt - [1689 octets] - [13/05/2014 16:24:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1749 octets] ##########
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014 01
Ran by R0M at 2014-05-13 16:38:48 Run:1
Running from C:\Users\R0M\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] 
2014-04-27 17:22 - 2014-04-27 17:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
*****************
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
 
==== End of Fixlog ====
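
The scan report in post #7 and the clean report in post #9 can be reconciled mechanically: confirm that every item the scan flagged was removed, and surface anything the clean pass deleted that the scan never listed. This is an added example, not part of the thread and not AdwCleaner's own code; the function names are hypothetical, and the `Found [..]` browser-line form is assumed to mirror the `Deleted [..]` form seen in the clean report.

```python
import re

# Item lines copied from the two AdwCleaner v3.208 reports in this thread:
# R3 (Option: Scan, 12/05/2014) and S3 (Option: Clean, 13/05/2014).
SCAN_REPORT = r"""# Option : Scan
***** [ Files / Folders ] *****
Folder Found : C:\Users\R0M\AppData\Local\Temp\WiseEnhance
Folder Found : C:\Users\R0M\Documents\Optimizer Pro
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\InstallCore
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
***** [ Browsers ] *****
-\\ Google Chrome v34.0.1847.131
[ File : C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\preferences ]
"""

CLEAN_REPORT = r"""# Option : Clean
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\R0M\AppData\Local\Temp\WiseEnhance
Folder Deleted : C:\Users\R0M\Documents\Optimizer Pro
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
***** [ Browsers ] *****
-\\ Google Chrome v34.0.1847.131
[ File : C:\Users\R0M\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
"""

OPTION_RE = re.compile(r"^# Option : (\w+)")
# "Folder Found : <path>" / "Key Deleted : <key>"
ITEM_RE = re.compile(r"^(?P<kind>[A-Za-z]+) (?:Found|Deleted) : (?P<target>.+)$")
# "Deleted [Search Provider] : <url>"; the "Found [...]" form is an assumption.
BROWSER_RE = re.compile(r"^(?:Found|Deleted) \[(?P<kind>[^\]]+)\] : (?P<target>.+)$")


def parse_report(text):
    """Return (option, items); items is a set of (kind, target) tuples.

    Targets are case-folded because Windows paths and registry keys are
    case-insensitive, and the two reports do not always agree on case.
    """
    option = None
    items = set()
    for raw in text.splitlines():
        line = raw.strip()
        header = OPTION_RE.match(line)
        if header:
            option = header.group(1)
            continue
        m = ITEM_RE.match(line) or BROWSER_RE.match(line)
        if m:
            items.add((m.group("kind"), m.group("target").strip().casefold()))
    if option is None:
        raise ValueError("no '# Option :' header; not an AdwCleaner report?")
    return option, items


def reconcile(scan_text, clean_text):
    """Compare a Scan report with the Clean report that followed it."""
    scan_opt, found = parse_report(scan_text)
    clean_opt, deleted = parse_report(clean_text)
    if (scan_opt, clean_opt) != ("Scan", "Clean"):
        raise ValueError(f"expected Scan then Clean, got {scan_opt} then {clean_opt}")
    return {
        "removed": sorted(found & deleted),      # flagged and deleted
        "remaining": sorted(found - deleted),    # flagged but still present
        "unreported": sorted(deleted - found),   # deleted, never listed by the scan
    }


if __name__ == "__main__":
    for bucket, entries in reconcile(SCAN_REPORT, CLEAN_REPORT).items():
        print(f"{bucket}: {len(entries)}")
        for kind, target in entries:
            print(f"  {kind}: {target}")
```

On the thread's own reports, all eight flagged folders and keys were removed, and the two Chrome search providers appear only in the clean report.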


#10 Omar Yehia


Posted 13 May 2014 - 03:42 PM

Now I get the following after the redirection:

 

Google Chrome has blocked access to www.javfiler.net. This website has been reported as a phishing website.
Phishing websites are designed to trick you into disclosing your login, password or other sensitive information by disguising themselves as other websites you may trust.


#11 xXToffeeXx


Posted 14 May 2014 - 12:27 PM

Hi Omar Yehia,

 

Please try the steps here to reset Chrome and see if that makes a difference.

 

xXToffeeXx~




#12 Omar Yehia


Posted 15 May 2014 - 09:00 PM

My system is really slow, Internet Explorer takes forever to surf, same with Chrome, when I am looking at pictures with Image Viewer it takes a minute to scroll, I also get another redirection, still no luck :(

 



Edited by Omar Yehia, 15 May 2014 - 09:07 PM.


#13 xXToffeeXx


Posted 16 May 2014 - 10:17 AM

Hi Omar Yehia,
 
Let's see if this makes a difference:
 
Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

--------------

This scan can take a long time, so it is best done overnight or when you do not need the computer.
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

--------------

Please re-run FRST from the desktop (like you did before) and press the scan button. It will produce a FRST.txt log located on the desktop, and copy and paste the log in your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Malwarebytes log
  • ESET log
  • New FRST log
  • Any ads after these steps?

xXToffeeXx~




#14 Omar Yehia


Posted 18 May 2014 - 10:22 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 18-May-14
Scan Time: 11:14:43 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.05.18.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows 8.1
CPU: x86
File System: NTFS
User: R0M
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 278895
Time Elapsed: 1 hr, 34 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.WiseEnhance.A, C:\Users\R0M\AppData\Local\Temp\is520188154\189548141_stp\setup_wiseenhance.exe, Quarantined, [bb20eb673645a5916c88201e26dee11f], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#15 Omar Yehia


Posted 19 May 2014 - 03:03 PM

ESETSCAN.TXT
 
C:\Users\R0M\AppData\Roaming\rmi\format-factory-3.2.1.exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
C:\Users\R0M\Desktop\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\R0M\Desktop\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\R0M\Downloads\ashampoo_burning_studio_6_free_6.82_4312.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\R0M\Downloads\hp-deskjet-f4200-driver-utility.exe Win32/DriverBoss.B potentially unwanted application deleted - quarantined




