Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I believe I have a rootkit? How am I sure? Can you guys help on removing it?


  • This topic is locked This topic is locked
26 replies to this topic

#1 jmunoz

jmunoz

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 16 May 2014 - 01:04 PM

I have tried several programs like TDSS killers and it finds 4 files but it doesn't get rid of them. They just re appear. I tried the McAfee tool and it found nothing. I also tried bootkit removal and it also found nothing. I have McAfee Security Center installed as my day to day program but of course it doesn't pick up anything. Right now I am running a sophos scan hopefully it can find something. But if it's not a rootkit what can it be? I am getting the access denied to most of my folders. I have some wierd files lurking that when I try to delete it says Windows may not work correctly. I delete it but then it reappears. A few of the ones I see are $RECYCLEBIN, desktop.ini, System Volume Information, config.msi Thank you so much in advance.

BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:17 AM

Posted 16 May 2014 - 03:24 PM

Hello and Welcome on board jmunoz :welcome:,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Could you please post the TDSSKiller Results? A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Then,
Please download FRST (by Farbar) from the link below and save it to your Desktop.
 

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 16 May 2014 - 06:06 PM

I am having trouble posting the logs from both my laptop, and iPad. It is saying the post is too long. And the txt files are too big to upload. Can I email to you or what other options do I have.

#4 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 16 May 2014 - 06:26 PM


This is the addition.txt I sent you the others via PM because I was having trouble posting them. Sorry about that. Thank you so much for responding. I really appreciate it.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Juan at 2014-05-16 15:31:01
Running from C:\Users\Juan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.20808 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86 - AuthenTec, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{F244D07D-1876-4CDD-914D-214E15A8D327}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Documentation (HKLM-x32\...\{7DE5085A-3665-40BC-9595-A1A209699137}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{609B11CC-8CED-4116-AD8A-A72168894D39}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.244 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.957 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 wcaiper (x32 Version: 013.000.1082 - Intuit Inc.) Hidden
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1650 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0437 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points =========================

08-05-2014 04:05:35 Windows Update
13-05-2014 18:30:44 Installed HP Support Solutions Framework

==================== Hosts content: ==========================

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05BE8457-5ECE-42E9-B570-DFA72B11D45E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D39C485-ABD5-4028-AA71-6A153CFAED39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {1162DC6C-5B0C-4450-84E5-7B6B3CAD84B4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JMUNOZ-Juan JMunoz => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2013-12-21] (Microsoft Corporation)
Task: {202D3DB9-D71A-4CFC-91DF-F96AB09E20B6} - System32\Tasks\HPCeeScheduleForJuan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2A9A3B93-C6A7-4C88-A508-5EF925B02532} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-15] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33447BE6-1C60-4ACD-8209-C6F8B0333CDC} - \Digital Sites No Task File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3899B2F7-8673-4FF7-B546-113598EB2651} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D40CF59-E87E-4C96-9F54-53E081CB49D9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {3ECAD8B0-69AD-4735-ACFA-321C8AEA0E05} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-20] (Google Inc.)
Task: {423715A2-0438-4D02-AD89-62324E28CFF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4AFCAEA9-2931-41DD-A6DE-57764CD1F970} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {542C0FB9-0905-4285-84DB-9C65FF3FC384} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B4737BC-CF48-4194-9BE4-4EB9F9664B90} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-21] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77560930-4670-4CA0-845E-9CA75AC60EF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {88CF9A27-A7D7-4F06-A1F6-2391730FAE51} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A1CA1C30-A8B4-49BC-A87D-312903064F8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {AD38DE5F-351C-4D10-98EE-ED84108A23A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)
Task: {AD863156-64E8-4C96-99B9-ACD8468BE948} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {B6C0DF19-8E4A-4C3B-BE92-0817F4540D7C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CBD1E982-3C9D-48EE-BB9B-CB58F594B315} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CDB73403-2CC6-46A0-9E3E-A438ABA14F18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-20] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D754CBE4-569B-4F40-9D3A-FBF813A247FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F36903ED-B4D7-4B54-8C0E-121125FA50BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJuan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2012-08-08 10:36 - 2012-08-08 10:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-21 17:47 - 2013-11-02 01:49 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-12-21 17:47 - 2013-11-02 01:48 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-12-21 17:47 - 2013-11-02 01:49 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-09-06 01:47 - 2012-09-06 01:47 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2013-12-21 17:54 - 2013-12-21 17:54 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-08-10 01:36 - 2012-08-10 01:36 - 04073320 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2012-08-08 10:36 - 2012-08-08 10:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-13 06:13 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 01:36 - 2012-08-10 01:36 - 00018792 _____ () C:\Program Files (x86)\HP SimplePass\DownloadManager.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-05-13 15:52 - 2014-05-07 16:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Juan\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22236125.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\22236125.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 03:30:27 AM) (Source: MsiInstaller) (EventID: 1024) (User: JMUNOZ)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011007}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/15/2014 07:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: skydrive.exe, version: 6.3.9600.17055, time stamp: 0x53291a62
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0000000000000000
Faulting process id: 0x1230
Faulting application start time: 0xskydrive.exe0
Faulting application path: skydrive.exe1
Faulting module path: skydrive.exe2
Report Id: skydrive.exe3
Faulting package full name: skydrive.exe4
Faulting package-relative application ID: skydrive.exe5

Error: (05/15/2014 06:52:42 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {0AC8FAA0-CF9C-497A-A530-E031AB2D7C20}

Error: (05/15/2014 06:52:42 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {0AC8FAA0-CF9C-497A-A530-E031AB2D7C20}

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1391

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1391

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 103140

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 103140

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (05/15/2014 07:35:48 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (05/15/2014 07:35:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31

Error: (05/15/2014 07:35:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:31:04 PM on ‎5/‎15/‎2014 was unexpected.

Error: (05/15/2014 07:31:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31

Error: (05/15/2014 07:31:17 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (05/15/2014 07:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31

Error: (05/15/2014 07:19:09 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)

Error: (05/15/2014 07:18:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:15:44 PM on ‎5/‎15/‎2014 was unexpected.

Error: (05/15/2014 06:49:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31

Error: (05/15/2014 06:49:10 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)


Microsoft Office Sessions:
=========================
Error: (05/16/2014 03:30:27 AM) (Source: MsiInstaller) (EventID: 1024) (User: JMUNOZ)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (05/15/2014 07:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: skydrive.exe6.3.9600.1705553291a62unknown0.0.0.000000000000000000000000000000000123001cf70a930e38b3bC:\Windows\System32\skydrive.exeunknown20603de4-dc9e-11e3-bec1-082e5f7c9a84

Error: (05/15/2014 06:52:42 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {0AC8FAA0-CF9C-497A-A530-E031AB2D7C20}

Error: (05/15/2014 06:52:42 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {0AC8FAA0-CF9C-497A-A530-E031AB2D7C20}

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1391

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1391

Error: (05/15/2014 05:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 103140

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 103140

Error: (05/15/2014 05:16:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
Date: 2014-02-21 14:44:09.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:44:09.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:44:09.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:44:09.249
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:44:09.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:44:09.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:43:48.498
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:43:48.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:43:48.385
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-21 14:43:48.296
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 7650.26 MB
Available physical RAM: 4943.98 MB
Total Pagefile: 15330.26 MB
Available Pagefile: 12473.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:670.36 GB) (Free:576.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:27.16 GB) (Free:2.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: A50E1C7D)

Partition: GPT Partition Type.

==================== End Of Log ============================

#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:17 AM

Posted 17 May 2014 - 04:35 AM

I don't accept logs via PM. If they are too big for the post then attach the logs.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 17 May 2014 - 11:49 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Juan (administrator) on JMUNOZ on 16-05-2014 15:27:59
Running from C:\Users\Juan\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\System32\valWBFPolicyService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcupdmgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\Run: [Pinger] => "C:\Program Files (x86)\Pinger\Pinger.exe"
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\Run: [DelayShred] => C:\Program Files\McAfee\MQS\ShrCL.exe [128608 2013-07-31] ()
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\RunOnce: [Application Restart #2] - C:\Users\Juan\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Juan\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x221E539F99C0CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL =
SearchScopes: HKLM - {6C37D915-0C33-4DF2-872D-B60FA18F8195} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {6C37D915-0C33-4DF2-872D-B60FA18F8195} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0285C277-D86B-496E-A767-B3BA67E0CECD} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US679&p={SearchTerms}
SearchScopes: HKCU - {0285C277-D86B-496E-A767-B3BA67E0CECD} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US679&p={SearchTerms}
SearchScopes: HKCU - {63EA38FB-0183-4614-8CE3-9FB055A7696C} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutB0C0DtDyD0A0CyDtDyC0B0DyCzyyC0EtN0D0Tzu0SyByDzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=568566898&ir=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {6C37D915-0C33-4DF2-872D-B60FA18F8195} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {FEC299B2-3345-41C3-B7EF-7E4A4EE5578E} URL = http://search.conduit.com/Results.aspx?ctid=CT3300019&SearchSource=45&UM=2&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default
FF SearchEngineOrder.1: Secure Search
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&type=A111US679&p=
FF SelectedSearchEngine: Secure Search
FF DefaultSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper - C:\Users\Juan\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: MySearchDial - C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-02-25]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20]
CHR Extension: (Google Drive) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-20]
CHR Extension: (YouTube) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20]
CHR Extension: (Google Search) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20]
CHR Extension: (Website Logon) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2014-04-20]
CHR Extension: (InternetHelper3.1) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim [2014-04-20]
CHR Extension: (Google Wallet) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-20]
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Juan\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-08-06]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Juan\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-08-06]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-13] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-13] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-13] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 MFE_RR; \??\C:\Users\Juan\AppData\Local\Temp\mfe_rr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 15:27 - 2014-05-16 15:28 - 00025515 _____ () C:\Users\Juan\Downloads\FRST.txt
2014-05-16 15:27 - 2014-05-16 15:27 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64.exe
2014-05-16 15:27 - 2014-05-16 15:27 - 00000000 ____D () C:\FRST
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST (1).exe
2014-05-16 03:35 - 2014-05-16 03:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-15 19:32 - 2014-05-01 13:30 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-15 19:32 - 2014-05-01 13:30 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 19:03 - 2014-05-15 19:03 - 11422832 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x64.exe
2014-05-15 19:03 - 2014-05-15 19:03 - 07266656 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x86.exe
2014-05-15 18:55 - 2014-05-15 18:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-15 18:43 - 2014-05-15 18:43 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Juan\Downloads\tdsskiller.exe
2014-05-15 18:20 - 2014-05-15 18:21 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00003233 _____ () C:\Users\Juan\Desktop\Sophos Virus Removal Tool.lnk
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-15 18:15 - 2014-05-15 18:15 - 93437600 _____ (Sophos Limited) C:\Users\Juan\Downloads\Sophos Virus Removal Tool.exe
2014-05-15 03:16 - 2014-05-15 03:17 - 00000296 _____ () C:\WINDOWS\SysWOW64\RootkitRemover_20140515_031655.log
2014-05-15 03:14 - 2014-05-15 03:14 - 00000296 _____ () C:\Users\Juan\Downloads\RootkitRemover_20140515_031403.log
2014-05-15 03:13 - 2014-05-15 03:13 - 00782584 _____ (McAfee, Inc.) C:\Users\Juan\Downloads\rootkitremover.exe
2014-05-14 20:10 - 2014-05-14 20:10 - 00000000 ____D () C:\Users\Juan\AppData\Local\{660D87B4-78BA-4043-8AA7-BE8C71ADA2F7}
2014-05-14 18:39 - 2014-05-14 18:39 - 00000000 ____D () C:\Users\Juan\AppData\Local\{54735999-B501-41A9-9C1E-DC353D4F2519}
2014-05-14 18:01 - 2014-05-14 18:01 - 10062224 _____ () C:\Users\Juan\Downloads\tixati-1.96-1.win32-install.exe
2014-05-13 23:02 - 2014-04-11 03:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-13 23:02 - 2014-04-11 03:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-13 23:02 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-13 23:02 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-13 23:02 - 2014-04-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-13 23:02 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-13 23:02 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-13 23:02 - 2014-04-10 20:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-13 23:02 - 2014-04-10 20:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-13 23:02 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-13 23:02 - 2014-04-10 20:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 23:02 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-13 23:02 - 2014-04-10 20:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 23:02 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-13 23:02 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-13 23:02 - 2014-04-10 20:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-13 23:02 - 2014-04-10 19:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-13 23:02 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-13 23:02 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-13 23:02 - 2014-04-10 19:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-13 23:02 - 2014-04-10 19:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-13 23:02 - 2014-04-10 19:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-13 23:02 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-13 23:02 - 2014-04-10 19:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-13 23:02 - 2014-04-10 19:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-13 23:02 - 2014-04-10 19:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-13 23:02 - 2014-04-10 19:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-13 23:02 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-13 23:02 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-13 23:02 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-13 23:02 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-13 23:02 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-13 23:00 - 2014-05-05 21:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-13 23:00 - 2014-05-05 20:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-13 23:00 - 2014-05-05 20:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-13 23:00 - 2014-05-05 19:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-13 23:00 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-13 23:00 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-13 23:00 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-13 23:00 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-13 23:00 - 2014-03-27 02:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-13 23:00 - 2014-03-27 00:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-13 19:41 - 2014-05-13 19:41 - 01618724 _____ (Graboid Inc.) C:\Users\Juan\Downloads\GraboidVideoInstaller-5.1.2.0.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome (1).exe
2014-05-13 15:51 - 2014-05-13 15:51 - 00918672 _____ (Google Inc.) C:\Users\Juan\Downloads\ChromeSetup.exe
2014-05-13 14:27 - 2014-05-13 14:27 - 00000000 ____D () C:\Users\Juan\AppData\Local\Intuit
2014-05-13 13:15 - 2014-05-13 13:16 - 00000000 ___DC () C:\Users\Juan\AppData\Local\MigWiz
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieUserList
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieSiteList
2014-05-10 14:22 - 2014-05-10 18:54 - 00000000 ____D () C:\Users\Juan\AppData\Local\Windows Live
2014-05-10 14:22 - 2014-05-10 14:22 - 00000000 ____D () C:\Users\Juan\AppData\Local\{8F1B4D05-3AC0-4711-AC4F-E41E74B76B95}
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\{1CFC8E97-F16B-4DDB-9701-A9CBEE567958}
2014-05-01 15:47 - 2014-05-13 13:26 - 00000000 ____D () C:\Users\Juan\Desktop\TPC 14
2014-04-26 01:34 - 2014-04-26 01:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\Skype
2014-04-24 05:59 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-04-24 01:26 - 2014-03-19 20:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-24 01:26 - 2014-03-19 20:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-24 01:26 - 2014-03-19 18:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-24 01:26 - 2014-03-11 05:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-24 01:26 - 2014-03-11 05:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-24 01:26 - 2014-03-08 13:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-24 01:26 - 2014-03-08 00:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-24 01:26 - 2014-03-08 00:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-24 01:26 - 2014-03-07 23:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-24 01:26 - 2014-03-07 23:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-24 01:26 - 2014-03-07 22:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-24 01:26 - 2014-03-06 07:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-24 01:26 - 2014-03-06 05:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-24 01:26 - 2014-03-06 05:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-24 01:26 - 2014-03-06 05:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-24 01:26 - 2014-03-06 04:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-24 01:26 - 2014-03-06 03:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-24 01:26 - 2014-03-06 02:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-24 01:26 - 2014-03-06 01:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-24 01:26 - 2014-03-06 00:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-24 01:26 - 2014-03-05 23:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-24 01:26 - 2014-03-05 23:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-24 01:26 - 2014-03-05 23:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-24 01:26 - 2014-03-05 23:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-24 01:26 - 2014-03-05 23:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-24 01:26 - 2014-03-05 23:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-24 01:26 - 2014-03-05 22:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-24 01:26 - 2014-03-05 22:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-24 01:26 - 2014-03-05 22:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-24 01:26 - 2014-03-05 22:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-24 01:26 - 2014-03-05 22:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-24 01:26 - 2014-03-04 05:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-24 01:26 - 2014-03-04 05:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-24 01:26 - 2014-03-04 04:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-24 01:25 - 2014-03-19 21:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-24 01:25 - 2014-03-19 20:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-24 01:25 - 2014-03-19 17:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-24 01:25 - 2014-03-19 17:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-24 01:25 - 2014-03-19 16:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-24 01:25 - 2014-03-19 16:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-24 01:25 - 2014-03-19 16:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-24 01:25 - 2014-03-19 00:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-24 01:25 - 2014-03-18 22:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-24 01:25 - 2014-03-18 22:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-24 01:25 - 2014-03-18 22:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-24 01:25 - 2014-03-18 22:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-24 01:25 - 2014-03-18 22:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-24 01:25 - 2014-03-18 21:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-24 01:25 - 2014-03-18 21:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-24 01:25 - 2014-03-13 05:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-24 01:25 - 2014-03-12 06:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-24 01:25 - 2014-03-11 08:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-24 01:25 - 2014-03-11 08:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-24 01:25 - 2014-03-11 08:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-24 01:25 - 2014-03-11 07:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-24 01:25 - 2014-03-11 07:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-24 01:25 - 2014-03-11 07:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-24 01:25 - 2014-03-11 07:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-24 01:25 - 2014-03-11 07:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-24 01:25 - 2014-03-11 06:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-24 01:25 - 2014-03-11 06:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-24 01:25 - 2014-03-08 13:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-24 01:25 - 2014-03-08 13:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-24 01:25 - 2014-03-08 13:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-24 01:25 - 2014-03-08 13:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-24 01:25 - 2014-03-08 13:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-24 01:25 - 2014-03-08 08:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-24 01:25 - 2014-03-08 08:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-24 01:25 - 2014-03-08 04:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-24 01:25 - 2014-03-08 02:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-24 01:25 - 2014-03-08 02:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-24 01:25 - 2014-03-08 01:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-24 01:25 - 2014-03-08 01:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-24 01:25 - 2014-03-08 01:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-24 01:25 - 2014-03-08 01:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-24 01:25 - 2014-03-08 00:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-24 01:25 - 2014-03-08 00:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-24 01:25 - 2014-03-08 00:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-24 01:25 - 2014-03-08 00:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-24 01:25 - 2014-03-08 00:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-24 01:25 - 2014-03-08 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-24 01:25 - 2014-03-07 23:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-24 01:25 - 2014-03-07 23:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-24 01:25 - 2014-03-07 23:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-24 01:25 - 2014-03-07 23:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-24 01:25 - 2014-03-07 23:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-24 01:25 - 2014-03-07 23:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-24 01:25 - 2014-03-07 23:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-24 01:25 - 2014-03-07 23:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-24 01:25 - 2014-03-07 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-24 01:25 - 2014-03-07 23:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-24 01:25 - 2014-03-07 22:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-24 01:25 - 2014-03-07 22:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-24 01:25 - 2014-03-06 07:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-24 01:25 - 2014-03-06 07:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-24 01:25 - 2014-03-06 05:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-24 01:25 - 2014-03-06 05:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-24 01:25 - 2014-03-06 05:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-24 01:25 - 2014-03-06 05:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-24 01:25 - 2014-03-06 05:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-24 01:25 - 2014-03-06 04:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-24 01:25 - 2014-03-06 04:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-24 01:25 - 2014-03-06 04:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-24 01:25 - 2014-03-06 04:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-24 01:25 - 2014-03-06 02:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-24 01:25 - 2014-03-06 02:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-24 01:25 - 2014-03-06 02:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-24 01:25 - 2014-03-06 02:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-24 01:25 - 2014-03-06 02:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-24 01:25 - 2014-03-06 02:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-24 01:25 - 2014-03-06 02:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-24 01:25 - 2014-03-06 02:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-24 01:25 - 2014-03-06 02:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-24 01:25 - 2014-03-06 02:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-24 01:25 - 2014-03-06 01:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-24 01:25 - 2014-03-06 01:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-24 01:25 - 2014-03-06 01:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-24 01:25 - 2014-03-06 01:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-24 01:25 - 2014-03-06 01:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-24 01:25 - 2014-03-06 01:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-24 01:25 - 2014-03-06 01:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-24 01:25 - 2014-03-06 00:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-24 01:25 - 2014-03-06 00:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-24 01:25 - 2014-03-06 00:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-24 01:25 - 2014-03-06 00:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-24 01:25 - 2014-03-06 00:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-24 01:25 - 2014-03-06 00:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-24 01:25 - 2014-03-05 23:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-24 01:25 - 2014-03-05 23:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-24 01:25 - 2014-03-05 23:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-24 01:25 - 2014-03-05 23:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-24 01:25 - 2014-03-05 23:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-24 01:25 - 2014-03-05 23:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-24 01:25 - 2014-03-05 23:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-24 01:25 - 2014-03-05 23:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-24 01:25 - 2014-03-05 23:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-24 01:25 - 2014-03-05 23:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-24 01:25 - 2014-03-05 23:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-24 01:25 - 2014-03-05 23:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-24 01:25 - 2014-03-05 23:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-24 01:25 - 2014-03-05 23:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-24 01:25 - 2014-03-05 23:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-24 01:25 - 2014-03-05 23:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-24 01:25 - 2014-03-05 23:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-24 01:25 - 2014-03-05 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-24 01:25 - 2014-03-05 23:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-24 01:25 - 2014-03-05 22:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-24 01:25 - 2014-03-05 22:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-24 01:25 - 2014-03-05 22:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-24 01:25 - 2014-03-05 22:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-24 01:25 - 2014-03-05 22:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-24 01:25 - 2014-03-05 22:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-24 01:25 - 2014-03-04 05:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-24 01:25 - 2014-03-04 05:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-24 01:25 - 2014-03-04 04:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-24 01:25 - 2014-03-04 00:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-24 01:25 - 2014-03-04 00:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-24 01:25 - 2014-03-04 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-24 01:25 - 2014-03-04 00:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-24 01:25 - 2014-03-03 23:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-24 01:25 - 2014-03-03 23:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-24 01:25 - 2014-03-03 23:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-24 01:25 - 2014-03-03 23:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-24 01:25 - 2014-03-03 23:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-24 01:25 - 2014-03-03 23:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-24 01:25 - 2014-03-03 23:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-24 01:25 - 2014-03-03 23:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-24 01:25 - 2014-03-03 23:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-24 01:25 - 2014-03-03 22:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-24 01:25 - 2014-03-03 22:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-24 01:25 - 2014-02-06 15:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-24 01:25 - 2014-02-06 14:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-24 01:25 - 2013-12-23 16:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-24 01:25 - 2013-12-23 16:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-24 01:22 - 2014-02-25 23:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-24 01:11 - 2014-02-22 08:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-24 01:11 - 2014-02-22 08:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-24 01:11 - 2014-02-22 08:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-24 01:11 - 2014-02-22 08:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-24 01:11 - 2014-02-22 05:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-24 01:11 - 2014-02-22 05:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-24 01:11 - 2014-02-22 04:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-24 01:11 - 2014-02-22 04:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-24 01:11 - 2014-02-22 04:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-24 01:11 - 2014-02-22 04:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-24 01:11 - 2014-02-22 04:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-24 01:11 - 2014-02-22 03:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-24 01:11 - 2014-02-22 03:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-24 01:11 - 2014-02-22 03:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-24 01:11 - 2014-02-22 03:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-24 01:11 - 2014-02-22 03:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-24 01:11 - 2014-02-22 03:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-24 01:11 - 2014-02-22 02:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-24 01:11 - 2014-02-22 02:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-24 01:11 - 2014-02-22 02:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-24 01:11 - 2014-02-22 02:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-24 01:11 - 2014-02-22 02:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-24 01:11 - 2014-02-22 02:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-24 01:11 - 2014-02-22 02:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-24 01:11 - 2014-02-22 02:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-24 01:11 - 2014-02-22 01:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-24 01:11 - 2014-02-22 01:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-24 01:11 - 2014-02-22 01:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-24 01:11 - 2014-02-22 01:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-24 01:11 - 2014-02-22 01:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-24 01:11 - 2014-02-22 01:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-24 01:11 - 2014-02-07 18:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-24 01:10 - 2014-02-22 09:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-24 01:10 - 2014-02-22 09:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-24 01:10 - 2014-02-22 09:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-24 01:10 - 2014-02-22 09:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-24 01:10 - 2014-02-22 08:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-24 01:10 - 2014-02-22 08:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-24 01:10 - 2014-02-22 08:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-24 01:10 - 2014-02-22 08:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-24 01:10 - 2014-02-22 08:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-24 01:10 - 2014-02-22 08:44 - 00539992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-24 01:10 - 2014-02-22 08:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-24 01:10 - 2014-02-22 08:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-24 01:10 - 2014-02-22 07:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-24 01:10 - 2014-02-22 07:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-24 01:10 - 2014-02-22 07:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-04-24 01:10 - 2014-02-22 07:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-24 01:10 - 2014-02-22 07:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-24 01:10 - 2014-02-22 07:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-24 01:10 - 2014-02-22 05:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-24 01:10 - 2014-02-22 03:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-24 01:10 - 2014-02-22 03:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-24 01:10 - 2014-02-22 03:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-24 01:10 - 2014-02-22 03:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-24 01:10 - 2014-02-22 02:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-24 01:10 - 2014-02-22 02:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-24 01:10 - 2014-02-22 02:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-24 01:10 - 2014-02-22 02:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-24 01:10 - 2014-02-22 02:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-24 01:10 - 2014-02-22 02:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-24 01:10 - 2014-02-22 02:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-24 01:10 - 2014-02-22 02:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-24 01:10 - 2014-02-22 02:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-24 01:10 - 2014-02-22 02:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-24 01:10 - 2014-02-22 02:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-24 01:10 - 2014-02-22 02:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-24 01:10 - 2014-02-22 02:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-04-24 01:10 - 2014-02-22 02:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-24 01:10 - 2014-02-22 02:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-24 01:10 - 2014-02-22 01:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-24 01:10 - 2014-02-22 01:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-04-24 01:10 - 2014-02-22 01:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-24 01:10 - 2014-02-22 01:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-24 01:10 - 2014-02-22 01:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-24 01:10 - 2014-02-22 01:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-24 01:10 - 2014-02-22 01:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-24 01:10 - 2014-02-22 01:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-24 01:10 - 2014-02-22 01:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-24 01:10 - 2014-02-22 01:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-24 01:10 - 2014-02-22 01:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-04-24 01:10 - 2014-02-22 01:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-24 01:10 - 2014-02-22 01:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-24 01:10 - 2014-02-22 01:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-24 01:10 - 2014-02-22 01:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-24 01:10 - 2014-02-22 01:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-24 01:10 - 2014-02-22 01:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-24 01:10 - 2014-01-29 01:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-24 01:09 - 2014-02-22 09:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-24 01:09 - 2014-02-22 09:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-24 01:09 - 2014-02-22 09:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-24 01:09 - 2014-02-22 09:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-24 01:09 - 2014-02-22 09:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-24 01:09 - 2014-02-22 09:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-24 01:09 - 2014-02-22 08:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-24 01:09 - 2014-02-22 08:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-24 01:09 - 2014-02-22 08:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-24 01:09 - 2014-02-22 08:49 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-24 01:09 - 2014-02-22 08:49 - 00280920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-24 01:09 - 2014-02-22 08:49 - 00148824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-24 01:09 - 2014-02-22 08:48 - 01791752 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-24 01:09 - 2014-02-22 08:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-24 01:09 - 2014-02-22 08:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-24 01:09 - 2014-02-22 08:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-24 01:09 - 2014-02-22 08:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-24 01:09 - 2014-02-22 08:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-24 01:09 - 2014-02-22 08:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-24 01:09 - 2014-02-22 08:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-24 01:09 - 2014-02-22 08:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-24 01:09 - 2014-02-22 07:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-24 01:09 - 2014-02-22 07:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-24 01:09 - 2014-02-22 07:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-04-24 01:09 - 2014-02-22 07:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-24 01:09 - 2014-02-22 05:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-24 01:09 - 2014-02-22 05:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-24 01:09 - 2014-02-22 05:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-24 01:09 - 2014-02-22 05:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-24 01:09 - 2014-02-22 05:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-24 01:09 - 2014-02-22 04:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-24 01:09 - 2014-02-22 04:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-24 01:09 - 2014-02-22 04:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-24 01:09 - 2014-02-22 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-24 01:09 - 2014-02-22 04:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-24 01:09 - 2014-02-22 03:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-04-24 01:09 - 2014-02-22 03:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-24 01:09 - 2014-02-22 03:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-24 01:09 - 2014-02-22 03:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-24 01:09 - 2014-02-22 03:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-24 01:09 - 2014-02-22 03:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-24 01:09 - 2014-02-22 03:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-24 01:09 - 2014-02-22 03:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-24 01:09 - 2014-02-22 03:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-24 01:09 - 2014-02-22 03:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-24 01:09 - 2014-02-22 03:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-24 01:09 - 2014-02-22 03:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-24 01:09 - 2014-02-22 03:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-24 01:09 - 2014-02-22 03:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-24 01:09 - 2014-02-22 02:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-24 01:09 - 2014-02-22 02:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-24 01:09 - 2014-02-22 02:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-24 01:09 - 2014-02-22 02:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-24 01:09 - 2014-02-22 02:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-24 01:09 - 2014-02-22 02:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-24 01:09 - 2014-02-22 02:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-04-24 01:09 - 2014-02-22 02:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-24 01:09 - 2014-02-22 02:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-24 01:09 - 2014-02-22 02:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-24 01:09 - 2014-02-22 02:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-24 01:09 - 2014-02-22 02:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-24 01:09 - 2014-02-22 02:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-24 01:09 - 2014-02-22 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-24 01:09 - 2014-02-22 02:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-24 01:09 - 2014-02-22 02:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-24 01:09 - 2014-02-22 02:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-24 01:09 - 2014-02-22 02:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-24 01:09 - 2014-02-22 02:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-24 01:09 - 2014-02-22 02:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-24 01:09 - 2014-02-22 01:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-24 01:09 - 2014-02-22 01:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-24 01:09 - 2014-02-22 01:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-24 01:09 - 2014-02-22 01:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-24 01:09 - 2014-02-22 01:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-24 01:09 - 2014-02-22 01:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-24 01:09 - 2014-02-22 01:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-24 01:09 - 2014-02-22 01:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-24 01:09 - 2014-02-21 21:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-24 01:09 - 2014-02-02 07:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-24 01:09 - 2014-02-02 06:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-24 01:09 - 2014-01-29 00:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-24 01:09 - 2014-01-27 08:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-24 01:09 - 2014-01-07 18:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-24 01:09 - 2013-12-10 00:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-24 01:08 - 2014-02-22 09:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-24 01:08 - 2014-02-22 09:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-24 01:08 - 2014-02-22 09:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-24 01:08 - 2014-02-22 09:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-24 01:08 - 2014-02-22 09:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-24 01:08 - 2014-02-22 09:00 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-24 01:08 - 2014-02-22 09:00 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-24 01:08 - 2014-02-22 08:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-24 01:08 - 2014-02-22 08:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-24 01:08 - 2014-02-22 08:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-24 01:08 - 2014-02-22 08:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-24 01:08 - 2014-02-22 08:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-24 01:08 - 2014-02-22 08:49 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-24 01:08 - 2014-02-22 08:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-24 01:08 - 2014-02-22 08:44 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-24 01:08 - 2014-02-22 08:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-24 01:08 - 2014-02-22 07:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-04-24 01:08 - 2014-02-22 07:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-24 01:08 - 2014-02-22 07:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-24 01:08 - 2014-02-22 07:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-24 01:08 - 2014-02-22 07:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-24 01:08 - 2014-02-22 07:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-24 01:08 - 2014-02-22 05:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-24 01:08 - 2014-02-22 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-24 01:08 - 2014-02-22 05:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-24 01:08 - 2014-02-22 05:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-24 01:08 - 2014-02-22 05:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-24 01:08 - 2014-02-22 04:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-24 01:08 - 2014-02-22 04:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-24 01:08 - 2014-02-22 04:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-24 01:08 - 2014-02-22 04:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-24 01:08 - 2014-02-22 04:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-24 01:08 - 2014-02-22 04:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-24 01:08 - 2014-02-22 04:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-24 01:08 - 2014-02-22 04:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-24 01:08 - 2014-02-22 03:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-24 01:08 - 2014-02-22 03:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-24 01:08 - 2014-02-22 03:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-24 01:08 - 2014-02-22 03:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-24 01:08 - 2014-02-22 03:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-24 01:08 - 2014-02-22 03:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-24 01:08 - 2014-02-22 03:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-24 01:08 - 2014-02-22 03:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-24 01:08 - 2014-02-22 03:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-24 01:08 - 2014-02-22 03:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-24 01:08 - 2014-02-22 03:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-24 01:08 - 2014-02-22 03:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-24 01:08 - 2014-02-22 03:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-24 01:08 - 2014-02-22 03:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-24 01:08 - 2014-02-22 03:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-24 01:08 - 2014-02-22 03:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-24 01:08 - 2014-02-22 03:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-24 01:08 - 2014-02-22 03:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-24 01:08 - 2014-02-22 03:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-24 01:08 - 2014-02-22 02:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-24 01:08 - 2014-02-22 02:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-24 01:08 - 2014-02-22 02:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-24 01:08 - 2014-02-22 02:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-24 01:08 - 2014-02-22 02:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-24 01:08 - 2014-02-22 02:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-24 01:08 - 2014-02-22 02:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-24 01:08 - 2014-02-22 02:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-24 01:08 - 2014-02-22 02:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-24 01:08 - 2014-02-22 02:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-24 01:08 - 2014-02-22 02:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-24 01:08 - 2014-02-22 02:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-24 01:08 - 2014-02-22 02:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-24 01:08 - 2014-02-22 02:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-24 01:08 - 2014-02-22 02:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-24 01:08 - 2014-02-22 02:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-24 01:08 - 2014-02-22 02:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 01:08 - 2014-02-22 02:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-24 01:08 - 2014-02-22 02:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-24 01:08 - 2014-02-22 01:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-24 01:08 - 2014-02-22 01:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-24 01:08 - 2014-02-22 01:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-24 01:08 - 2014-02-22 01:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-24 01:08 - 2014-02-22 01:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-24 01:08 - 2014-02-22 01:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-24 01:08 - 2014-02-22 01:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-24 01:08 - 2014-02-22 01:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-24 01:08 - 2014-02-22 01:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-24 01:08 - 2014-02-22 01:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-24 01:08 - 2014-02-22 01:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-24 01:08 - 2014-02-22 01:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-24 01:08 - 2014-02-22 01:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-24 01:08 - 2014-02-22 01:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-24 01:08 - 2014-02-22 01:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-24 01:08 - 2014-02-22 01:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-24 01:08 - 2014-02-22 01:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-24 01:08 - 2014-02-22 01:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-24 01:08 - 2014-02-22 01:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-24 01:08 - 2014-02-22 01:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-24 01:08 - 2014-01-31 02:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-24 01:08 - 2014-01-31 02:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-24 01:08 - 2014-01-31 02:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-24 01:08 - 2014-01-31 01:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-24 01:08 - 2014-01-29 01:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-24 01:08 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-24 01:08 - 2014-01-28 17:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-24 01:08 - 2014-01-27 10:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-24 01:08 - 2014-01-17 10:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-24 01:08 - 2014-01-17 10:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-24 01:08 - 2014-01-07 17:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-24 01:08 - 2013-12-04 08:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-24 01:08 - 2013-12-04 06:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-24 01:08 - 2013-11-10 16:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-24 01:07 - 2014-02-22 09:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-24 01:07 - 2014-02-22 09:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-24 01:07 - 2014-02-22 09:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-24 01:07 - 2014-02-22 09:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-24 01:07 - 2014-02-22 09:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-24 01:07 - 2014-02-22 09:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-24 01:07 - 2014-02-22 08:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-24 01:07 - 2014-02-22 08:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-24 01:07 - 2014-02-22 08:49 - 00079192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-24 01:07 - 2014-02-22 08:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-24 01:07 - 2014-02-22 08:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-24 01:07 - 2014-02-22 08:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-24 01:07 - 2014-02-22 07:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-24 01:07 - 2014-02-22 07:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-24 01:07 - 2014-02-22 07:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-24 01:07 - 2014-02-22 07:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-24 01:07 - 2014-02-22 07:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-24 01:07 - 2014-02-22 05:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-24 01:07 - 2014-02-22 05:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-24 01:07 - 2014-02-22 05:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-24 01:07 - 2014-02-22 04:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-24 01:07 - 2014-02-22 04:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-24 01:07 - 2014-02-22 04:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-24 01:07 - 2014-02-22 04:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-24 01:07 - 2014-02-22 04:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-24 01:07 - 2014-02-22 04:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-24 01:07 - 2014-02-22 04:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-24 01:07 - 2014-02-22 04:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-24 01:07 - 2014-02-22 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-24 01:07 - 2014-02-22 04:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-24 01:07 - 2014-02-22 04:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-24 01:07 - 2014-02-22 03:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-24 01:07 - 2014-02-22 03:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-24 01:07 - 2014-02-22 03:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-24 01:07 - 2014-02-22 03:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-24 01:07 - 2014-02-22 03:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-24 01:07 - 2014-02-22 03:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-24 01:07 - 2014-02-22 03:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-24 01:07 - 2014-02-22 03:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-24 01:07 - 2014-02-22 03:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-24 01:07 - 2014-02-22 03:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-24 01:07 - 2014-02-22 03:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-24 01:07 - 2014-02-22 03:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-24 01:07 - 2014-02-22 03:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-24 01:07 - 2014-02-22 03:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-24 01:07 - 2014-02-22 03:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-24 01:07 - 2014-02-22 02:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-24 01:07 - 2014-02-22 02:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-24 01:07 - 2014-02-22 02:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-24 01:07 - 2014-02-22 02:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-24 01:07 - 2014-02-22 02:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-24 01:07 - 2014-02-22 02:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-24 01:07 - 2014-02-22 02:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-24 01:07 - 2014-02-22 02:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-24 01:07 - 2014-02-22 02:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-24 01:07 - 2014-02-22 02:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-24 01:07 - 2014-02-22 02:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-24 01:07 - 2014-02-22 02:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-24 01:07 - 2014-02-22 01:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-24 01:07 - 2014-02-22 01:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-24 01:07 - 2014-02-22 01:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-24 01:07 - 2014-02-22 01:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-24 01:07 - 2014-02-22 01:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-24 01:07 - 2014-02-22 01:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-24 01:07 - 2014-02-22 01:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-24 01:07 - 2014-02-22 01:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-24 01:07 - 2014-02-22 01:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-24 01:07 - 2014-02-22 01:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-24 01:07 - 2014-02-22 01:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-24 01:07 - 2014-02-22 00:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-24 01:07 - 2014-01-31 02:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-24 01:07 - 2014-01-31 02:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-24 01:07 - 2014-01-31 02:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-24 01:07 - 2014-01-27 12:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-24 01:07 - 2013-12-04 08:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-24 01:07 - 2013-11-07 21:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-24 01:06 - 2014-02-22 09:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-24 01:06 - 2014-02-22 08:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-24 01:06 - 2014-02-22 08:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-24 01:06 - 2014-02-22 08:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-24 01:06 - 2014-02-22 08:49 - 00189784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-24 01:06 - 2014-02-22 08:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-24 01:06 - 2014-02-22 07:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-24 01:06 - 2014-02-22 05:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-24 01:06 - 2014-02-22 05:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-24 01:06 - 2014-02-22 05:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-24 01:06 - 2014-02-22 05:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-24 01:06 - 2014-02-22 05:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-24 01:06 - 2014-02-22 04:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-24 01:06 - 2014-02-22 04:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-24 01:06 - 2014-02-22 04:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-24 01:06 - 2014-02-22 04:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-24 01:06 - 2014-02-22 04:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-24 01:06 - 2014-02-22 04:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-24 01:06 - 2014-02-22 04:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-24 01:06 - 2014-02-22 04:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-24 01:06 - 2014-02-22 04:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-24 01:06 - 2014-02-22 04:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-24 01:06 - 2014-02-22 04:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-24 01:06 - 2014-02-22 04:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-24 01:06 - 2014-02-22 04:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-24 01:06 - 2014-02-22 04:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-24 01:06 - 2014-02-22 04:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-24 01:06 - 2014-02-22 04:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-24 01:06 - 2014-02-22 04:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-24 01:06 - 2014-02-22 04:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-24 01:06 - 2014-02-22 03:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-24 01:06 - 2014-02-22 03:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-24 01:06 - 2014-02-22 03:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-24 01:06 - 2014-02-22 03:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-24 01:06 - 2014-02-22 03:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-24 01:06 - 2014-02-22 03:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-24 01:06 - 2014-02-22 03:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-24 01:06 - 2014-02-22 03:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-24 01:06 - 2014-02-22 03:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-24 01:06 - 2014-02-22 03:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-24 01:06 - 2014-02-22 03:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-04-24 01:06 - 2014-02-22 03:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-24 01:06 - 2014-02-22 03:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-24 01:06 - 2014-02-22 03:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-24 01:06 - 2014-02-22 03:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-24 01:06 - 2014-02-22 03:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-24 01:06 - 2014-02-22 03:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-24 01:06 - 2014-02-22 03:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-24 01:06 - 2014-02-22 03:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-24 01:06 - 2014-02-22 03:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-24 01:06 - 2014-02-22 03:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-24 01:06 - 2014-02-22 03:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-24 01:06 - 2014-02-22 02:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-24 01:06 - 2014-02-22 02:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-24 01:06 - 2014-02-22 02:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-24 01:06 - 2014-02-22 02:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-24 01:06 - 2014-02-22 02:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-24 01:06 - 2014-02-22 02:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-24 01:06 - 2014-02-22 02:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 01:06 - 2014-02-22 02:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-24 01:06 - 2014-02-22 02:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-24 01:06 - 2014-02-22 02:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-24 01:06 - 2014-02-22 02:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-24 01:06 - 2014-02-22 02:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-24 01:06 - 2014-02-22 02:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-24 01:06 - 2014-02-22 02:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-24 01:06 - 2014-02-22 02:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 01:06 - 2014-02-22 02:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-24 01:06 - 2014-02-22 02:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-24 01:06 - 2014-02-22 01:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-24 01:06 - 2014-02-22 01:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-24 01:06 - 2014-02-22 01:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-24 01:06 - 2014-02-22 01:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-24 01:06 - 2014-02-22 01:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-24 01:06 - 2014-02-22 01:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-24 01:06 - 2014-02-22 01:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-24 01:06 - 2014-02-22 01:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-24 01:06 - 2014-02-22 01:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-24 01:06 - 2014-02-22 01:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-24 01:06 - 2014-02-22 01:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-24 01:06 - 2014-02-22 01:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-24 01:06 - 2014-02-22 01:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-24 01:06 - 2014-02-22 01:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-24 01:06 - 2014-02-22 01:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-24 01:06 - 2014-02-22 01:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-24 01:06 - 2014-02-22 01:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-24 01:06 - 2014-02-22 01:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-24 01:06 - 2014-01-31 23:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-24 01:06 - 2014-01-31 23:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-24 01:06 - 2014-01-31 04:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-24 01:06 - 2014-01-31 04:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-24 01:06 - 2014-01-31 02:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-24 01:06 - 2014-01-31 01:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-24 01:06 - 2014-01-29 01:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-24 01:06 - 2014-01-28 17:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-24 01:06 - 2014-01-21 23:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-24 01:06 - 2014-01-21 22:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-24 01:06 - 2013-12-04 07:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-24 01:06 - 2013-11-27 02:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-24 01:06 - 2013-11-27 01:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-24 01:05 - 2014-02-22 05:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-24 01:05 - 2014-02-22 05:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-24 01:05 - 2014-02-22 05:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-24 01:05 - 2014-02-22 05:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-24 01:05 - 2014-02-22 04:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-24 01:05 - 2014-02-22 04:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-24 01:05 - 2014-02-22 04:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-24 01:05 - 2014-02-22 04:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-24 01:05 - 2014-02-22 04:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 01:05 - 2014-02-22 04:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-24 01:05 - 2014-02-22 04:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-24 01:05 - 2014-02-22 04:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-24 01:05 - 2014-02-22 04:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-24 01:05 - 2014-02-22 04:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-24 01:05 - 2014-02-22 04:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-24 01:05 - 2014-02-22 04:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-24 01:05 - 2014-02-22 04:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-24 01:05 - 2014-02-22 04:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-24 01:05 - 2014-02-22 04:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-24 01:05 - 2014-02-22 03:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-24 01:05 - 2014-02-22 03:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-24 01:05 - 2014-02-22 03:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-24 01:05 - 2014-02-22 03:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-24 01:05 - 2014-02-22 03:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-24 01:05 - 2014-02-22 03:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-24 01:05 - 2014-02-22 03:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-24 01:05 - 2014-02-22 03:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-24 01:05 - 2014-02-22 03:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-24 01:05 - 2014-02-22 03:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-24 01:05 - 2014-02-22 03:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-24 01:05 - 2014-02-22 03:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-04-24 01:05 - 2014-02-22 03:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-24 01:05 - 2014-02-22 03:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-24 01:05 - 2014-02-22 03:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-24 01:05 - 2014-02-22 02:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-24 01:05 - 2014-02-22 02:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-24 01:05 - 2014-02-22 02:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-24 01:05 - 2014-02-22 02:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-24 01:05 - 2014-02-22 02:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-24 01:05 - 2014-02-22 02:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-24 01:05 - 2014-02-22 02:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-24 01:05 - 2014-02-22 02:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-24 01:05 - 2014-02-22 02:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-24 01:05 - 2014-02-22 02:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-24 01:05 - 2014-02-22 02:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-24 01:05 - 2014-02-22 02:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-24 01:05 - 2014-02-22 02:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-24 01:05 - 2014-02-22 02:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-24 01:05 - 2014-02-22 02:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-24 01:05 - 2014-02-22 01:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-24 01:05 - 2014-02-22 01:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-24 01:05 - 2014-02-22 01:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-24 01:05 - 2014-02-22 01:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-24 01:05 - 2014-02-22 01:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-24 01:05 - 2014-02-22 01:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-24 01:05 - 2014-02-22 01:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-24 01:05 - 2014-02-22 01:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-24 01:05 - 2014-02-22 01:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-24 01:05 - 2014-02-22 01:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-24 01:05 - 2014-02-22 01:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-24 01:05 - 2014-02-22 01:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-24 01:05 - 2014-02-22 01:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-24 01:05 - 2013-11-07 20:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-24 01:04 - 2014-02-22 05:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-24 01:04 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-24 01:04 - 2014-02-22 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-24 01:04 - 2014-02-22 04:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-24 01:04 - 2014-02-22 04:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 04:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-24 01:04 - 2014-02-22 04:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-24 01:04 - 2014-02-22 04:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-24 01:04 - 2014-02-22 04:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-24 01:04 - 2014-02-22 03:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-24 01:04 - 2014-02-22 03:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-24 01:04 - 2014-02-22 03:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-24 01:04 - 2014-02-22 03:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-24 01:04 - 2014-02-22 02:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-24 01:04 - 2014-02-22 02:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-24 01:04 - 2014-02-22 02:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-24 01:04 - 2014-02-22 02:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-24 01:04 - 2014-02-22 02:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-24 01:04 - 2014-02-22 02:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-24 01:04 - 2014-02-22 01:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-24 01:04 - 2014-02-22 01:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-24 01:04 - 2014-02-22 01:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-24 01:04 - 2014-02-22 01:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-24 01:04 - 2014-02-22 01:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-24 01:04 - 2014-02-22 01:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-24 01:04 - 2014-02-21 21:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-24 01:04 - 2014-02-07 18:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-24 01:04 - 2014-02-07 18:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-24 01:04 - 2014-01-31 23:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-24 01:04 - 2014-01-27 10:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-24 01:04 - 2014-01-27 04:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-24 01:04 - 2013-11-27 02:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-24 01:04 - 2013-11-27 02:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-20 00:23 - 2014-05-16 03:28 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-20 00:23 - 2014-04-20 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-20 00:21 - 2014-05-16 14:31 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 00:21 - 2014-05-16 03:28 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 00:21 - 2014-05-08 23:26 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-20 00:21 - 2014-05-08 23:26 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-19 23:50 - 2014-04-19 23:58 - 00000000 ____D () C:\AdwCleaner

==================== One Month Modified Files and Folders =======

2014-05-16 15:28 - 2014-05-16 15:27 - 00025515 _____ () C:\Users\Juan\Downloads\FRST.txt
2014-05-16 15:28 - 2013-05-15 15:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4217489270-1833975609-1330013356-1002
2014-05-16 15:27 - 2014-05-16 15:27 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64.exe
2014-05-16 15:27 - 2014-05-16 15:27 - 00000000 ____D () C:\FRST
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST (1).exe
2014-05-16 15:21 - 2013-05-15 15:00 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4F39CF32-1D48-4F11-B7F8-658B2FDE4B33}
2014-05-16 15:16 - 2014-03-10 00:55 - 00000000 ____D () C:\Users\Juan\Desktop\South Park The Stick of Truth
2014-05-16 15:01 - 2013-05-16 22:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-16 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-16 14:31 - 2014-04-20 00:21 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 13:52 - 2013-12-13 15:37 - 01339135 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-16 03:35 - 2014-05-16 03:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-16 03:29 - 2013-05-20 00:15 - 00000000 __RDO () C:\Users\Juan\SkyDrive
2014-05-16 03:28 - 2014-04-20 00:23 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-16 03:28 - 2014-04-20 00:21 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 19:40 - 2013-11-14 00:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-15 19:35 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-15 19:33 - 2013-05-15 15:01 - 00000000 ___RD () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 19:33 - 2013-05-15 15:01 - 00000000 ___RD () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 19:24 - 2013-08-16 13:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-15 19:23 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-15 19:23 - 2013-05-17 08:14 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-15 19:18 - 2013-12-13 15:22 - 00000000 ____D () C:\Users\Juan
2014-05-15 19:03 - 2014-05-15 19:03 - 11422832 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x64.exe
2014-05-15 19:03 - 2014-05-15 19:03 - 07266656 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x86.exe
2014-05-15 18:55 - 2014-05-15 18:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-15 18:49 - 2014-02-25 23:18 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-15 18:49 - 2013-08-22 07:44 - 00492736 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-15 18:48 - 2013-11-14 00:20 - 00025408 _____ () C:\WINDOWS\PFRO.log
2014-05-15 18:48 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-15 18:43 - 2014-05-15 18:43 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Juan\Downloads\tdsskiller.exe
2014-05-15 18:21 - 2014-05-15 18:20 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00003233 _____ () C:\Users\Juan\Desktop\Sophos Virus Removal Tool.lnk
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-15 18:15 - 2014-05-15 18:15 - 93437600 _____ (Sophos Limited) C:\Users\Juan\Downloads\Sophos Virus Removal Tool.exe
2014-05-15 03:17 - 2014-05-15 03:16 - 00000296 _____ () C:\WINDOWS\SysWOW64\RootkitRemover_20140515_031655.log
2014-05-15 03:14 - 2014-05-15 03:14 - 00000296 _____ () C:\Users\Juan\Downloads\RootkitRemover_20140515_031403.log
2014-05-15 03:13 - 2014-05-15 03:13 - 00782584 _____ (McAfee, Inc.) C:\Users\Juan\Downloads\rootkitremover.exe
2014-05-14 20:10 - 2014-05-14 20:10 - 00000000 ____D () C:\Users\Juan\AppData\Local\{660D87B4-78BA-4043-8AA7-BE8C71ADA2F7}
2014-05-14 18:39 - 2014-05-14 18:39 - 00000000 ____D () C:\Users\Juan\AppData\Local\{54735999-B501-41A9-9C1E-DC353D4F2519}
2014-05-14 18:07 - 2013-08-16 18:43 - 00003154 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForJuan
2014-05-14 18:07 - 2013-08-16 18:43 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForJuan.job
2014-05-14 18:01 - 2014-05-14 18:01 - 10062224 _____ () C:\Users\Juan\Downloads\tixati-1.96-1.win32-install.exe
2014-05-14 09:53 - 2013-05-16 22:07 - 00004962 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JMUNOZ-Juan JMunoz
2014-05-14 09:16 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-13 19:41 - 2014-05-13 19:41 - 01618724 _____ (Graboid Inc.) C:\Users\Juan\Downloads\GraboidVideoInstaller-5.1.2.0.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome (1).exe
2014-05-13 15:51 - 2014-05-13 15:51 - 00918672 _____ (Google Inc.) C:\Users\Juan\Downloads\ChromeSetup.exe
2014-05-13 14:29 - 2013-05-15 15:13 - 00000000 ____D () C:\Users\Juan\AppData\Local\Google
2014-05-13 14:29 - 2013-05-15 15:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-13 14:27 - 2014-05-13 14:27 - 00000000 ____D () C:\Users\Juan\AppData\Local\Intuit
2014-05-13 14:21 - 2014-02-13 16:00 - 00000000 ____D () C:\ProgramData\Skype
2014-05-13 14:20 - 2014-02-13 16:01 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Skype
2014-05-13 14:20 - 2013-05-27 12:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-05-13 14:19 - 2013-06-22 23:36 - 00000000 ____D () C:\Users\Juan\AppData\Local\pinger.com
2014-05-13 14:17 - 2013-12-02 10:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-13 14:10 - 2014-02-25 22:21 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-05-13 14:09 - 2013-05-15 17:05 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Apple Computer
2014-05-13 14:09 - 2013-05-15 17:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-13 13:27 - 2014-02-12 01:20 - 00000000 ____D () C:\Users\Juan\Desktop\CSS Content Addon (Dec2013)
2014-05-13 13:26 - 2014-05-01 15:47 - 00000000 ____D () C:\Users\Juan\Desktop\TPC 14
2014-05-13 13:16 - 2014-05-13 13:15 - 00000000 ___DC () C:\Users\Juan\AppData\Local\MigWiz
2014-05-13 13:06 - 2013-05-15 14:58 - 00000000 ____D () C:\Users\Juan\AppData\Local\Packages
2014-05-13 11:01 - 2013-05-16 22:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-10 18:54 - 2014-05-10 14:22 - 00000000 ____D () C:\Users\Juan\AppData\Local\Windows Live
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieUserList
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieSiteList
2014-05-10 14:46 - 2013-08-22 07:46 - 00306688 _____ () C:\WINDOWS\setupact.log
2014-05-10 14:22 - 2014-05-10 14:22 - 00000000 ____D () C:\Users\Juan\AppData\Local\{8F1B4D05-3AC0-4711-AC4F-E41E74B76B95}
2014-05-10 00:41 - 2013-05-17 19:17 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-05-08 23:26 - 2014-04-20 00:21 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:26 - 2014-04-20 00:21 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-05 21:40 - 2014-05-13 23:00 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-05 20:25 - 2014-05-13 23:00 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-05 20:00 - 2014-05-13 23:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-05 19:10 - 2014-05-13 23:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-03 01:33 - 2013-05-17 19:17 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\{1CFC8E97-F16B-4DDB-9701-A9CBEE567958}
2014-05-01 23:19 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-01 15:48 - 2013-05-27 12:09 - 00989184 ___SH () C:\Users\Juan\Downloads\Thumbs.db
2014-05-01 13:30 - 2014-05-15 19:32 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-01 13:30 - 2014-05-15 19:32 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 19:21 - 2013-08-17 16:32 - 00047104 ___SH () C:\Users\Juan\Thumbs.db
2014-04-27 13:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-04-27 13:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-27 13:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-27 13:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-26 01:34 - 2014-04-26 01:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\Skype
2014-04-20 00:23 - 2014-04-20 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-20 00:00 - 2013-05-16 22:03 - 00000000 ____D () C:\Users\Juan\AppData\Local\Pokki
2014-04-19 23:58 - 2014-04-19 23:50 - 00000000 ____D () C:\AdwCleaner

Some content of TEMP:
====================
C:\Users\Juan\AppData\Local\Temp\25553uninstall.exe
C:\Users\Juan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juan\AppData\Local\Temp\BitLord_Installer.exe
C:\Users\Juan\AppData\Local\Temp\nsaA9A9.exe
C:\Users\Juan\AppData\Local\Temp\nsc5CCC.exe
C:\Users\Juan\AppData\Local\Temp\nse3A.exe
C:\Users\Juan\AppData\Local\Temp\nsi7DD.exe
C:\Users\Juan\AppData\Local\Temp\nsiA3CC.exe
C:\Users\Juan\AppData\Local\Temp\nsm1328.exe
C:\Users\Juan\AppData\Local\Temp\nssB022.exe
C:\Users\Juan\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Juan\AppData\Local\Temp\Quarantine.exe
C:\Users\Juan\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_0bfaa6ff-6fbf-4c75-9306-328d9a0e8c94_TX_PR_ (2).exe
C:\Users\Juan\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Juan\AppData\Local\Temp\SPSetup.exe
C:\Users\Juan\AppData\Local\Temp\Sqlite3.dll
C:\Users\Juan\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 19:46

==================== End Of Log ============================

#7 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 17 May 2014 - 11:56 AM

Is it ok if I copy the log in sections because the file is too big to attach?

#8 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 17 May 2014 - 12:09 PM

I ran another TDSS Killer scan, I guess on the others I had changed the parameters and that makes the logs longer. So you can disregard the above post. Thanks, sorry about that. 

 

10:04:16.0251 0x0d90  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
10:04:16.0251 0x0d90  UEFI system
10:04:28.0400 0x0d90  ============================================================
10:04:28.0400 0x0d90  Current date / time: 2014/05/17 10:04:28.0400
10:04:28.0400 0x0d90  SystemInfo:
10:04:28.0400 0x0d90  
10:04:28.0400 0x0d90  OS Version: 6.3.9600 ServicePack: 0.0
10:04:28.0400 0x0d90  Product type: Workstation
10:04:28.0400 0x0d90  ComputerName: JMUNOZ
10:04:28.0400 0x0d90  UserName: Juan
10:04:28.0400 0x0d90  Windows directory: C:\WINDOWS
10:04:28.0400 0x0d90  System windows directory: C:\WINDOWS
10:04:28.0400 0x0d90  Running under WOW64
10:04:28.0400 0x0d90  Processor architecture: Intel x64
10:04:28.0400 0x0d90  Number of processors: 4
10:04:28.0400 0x0d90  Page size: 0x1000
10:04:28.0400 0x0d90  Boot type: Normal boot
10:04:28.0400 0x0d90  ============================================================
10:04:28.0819 0x0d90  KLMD registered as C:\WINDOWS\system32\drivers\62429783.sys
10:04:28.0976 0x0d90  System UUID: {2BABAF26-234A-1851-35D4-22069F75F2D9}
10:04:29.0601 0x0d90  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:04:29.0616 0x0d90  ============================================================
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0:
10:04:29.0616 0x0d90  GPT partitions:
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E05FF9A6-74EC-419D-8E9D-EEFD9264E6C4}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CF14CBD0-5E07-4E5E-A70A-624F0E8F5DFA}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {EFD29F3D-C9D6-4CE6-83DA-799702084F09}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2CE386DF-F443-4B21-BD05-72A13B2AF5B1}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x53CB9800
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {092F72BD-6443-47A8-BB6B-31E01EEBA699}, Name: , StartLBA 0x53E44000, BlocksNum 0xAF000
10:04:29.0616 0x0d90  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EB557184-E808-4265-B871-019BA4F80E26}, Name: Basic data partition, StartLBA 0x53EF3000, BlocksNum 0x3653000
10:04:29.0616 0x0d90  MBR partitions:
10:04:29.0616 0x0d90  ============================================================
10:04:29.0632 0x0d90  C: <-> \Device\Harddisk0\DR0\Partition4
10:04:29.0773 0x0d90  D: <-> \Device\Harddisk0\DR0\Partition6
10:04:29.0773 0x0d90  ============================================================
10:04:29.0773 0x0d90  Initialize success
10:04:29.0773 0x0d90  ============================================================
10:04:51.0355 0x0430  ============================================================
10:04:51.0355 0x0430  Scan started
10:04:51.0355 0x0430  Mode: Manual; 
10:04:51.0355 0x0430  ============================================================
10:04:51.0355 0x0430  KSN ping started
10:04:53.0951 0x0430  KSN ping finished: true
10:04:55.0123 0x0430  ================ Scan system memory ========================
10:04:55.0123 0x0430  System memory - ok
10:04:55.0123 0x0430  ================ Scan services =============================
10:04:55.0326 0x0430  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:04:55.0342 0x0430  1394ohci - ok
10:04:55.0373 0x0430  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
10:04:55.0373 0x0430  3ware - ok
10:04:55.0404 0x0430  [ C4C5D1AB35D1F931928056D61A1C4616, E4EBEFDA6E89A61C16F2CADC908F2242907695232236B2A771A409D48EAF39DC ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
10:04:55.0404 0x0430  Accelerometer - ok
10:04:55.0467 0x0430  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:04:55.0482 0x0430  ACPI - ok
10:04:55.0514 0x0430  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:04:55.0514 0x0430  acpiex - ok
10:04:55.0529 0x0430  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:04:55.0545 0x0430  acpipagr - ok
10:04:55.0576 0x0430  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
10:04:55.0576 0x0430  AcpiPmi - ok
10:04:55.0607 0x0430  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:04:55.0607 0x0430  acpitime - ok
10:04:55.0685 0x0430  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:04:55.0685 0x0430  AdobeARMservice - ok
10:04:55.0795 0x0430  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:04:55.0811 0x0430  AdobeFlashPlayerUpdateSvc - ok
10:04:55.0873 0x0430  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:04:55.0889 0x0430  ADP80XX - ok
10:04:55.0936 0x0430  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
10:04:55.0936 0x0430  AeLookupSvc - ok
10:04:55.0982 0x0430  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
10:04:55.0998 0x0430  AFD - ok
10:04:56.0030 0x0430  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
10:04:56.0030 0x0430  agp440 - ok
10:04:56.0076 0x0430  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:04:56.0076 0x0430  ahcache - ok
10:04:56.0107 0x0430  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
10:04:56.0123 0x0430  ALG - ok
10:04:56.0155 0x0430  [ FED8F396537A5E4FA58E6C8BA8070081, 0A14B143BB8C0AE0AA56A2197DFC5F7BDC43F0693F3A66E69C04043737AD11C1 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:04:56.0170 0x0430  AMD External Events Utility - ok
10:04:56.0217 0x0430  AMD FUEL Service - ok
10:04:56.0233 0x0430  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
10:04:56.0233 0x0430  AmdK8 - ok
10:04:56.0732 0x0430  [ EB3F3FDC7D0EC927A4AB31F9F6235A7C, B10087C9C277065926884FA8D18A300C54B8FFDCE08A31EF4828AF2AC2685791 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
10:04:57.0061 0x0430  amdkmdag - ok
10:04:57.0139 0x0430  [ 160159231941801A458FEF8A73D494AC, E014C68232D5FA2216AD36B2BF0D3F51C821B8D0E7513F2F33DD2591F945E5C4 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
10:04:57.0154 0x0430  amdkmdap - ok
10:04:57.0186 0x0430  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
10:04:57.0201 0x0430  AmdPPM - ok
10:04:57.0217 0x0430  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
10:04:57.0232 0x0430  amdsata - ok
10:04:57.0248 0x0430  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:04:57.0264 0x0430  amdsbs - ok
10:04:57.0264 0x0430  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
10:04:57.0264 0x0430  amdxata - ok
10:04:57.0295 0x0430  [ A2EFE3869B976296E097DEF368280F95, 121CD4A16146A9DF59D6E415181F48CA0D1DCD4D2B6BC4CBDABC2F3D296E28C6 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
10:04:57.0295 0x0430  amd_sata - ok
10:04:57.0342 0x0430  [ 625396421C29FB305C6C6235D01130B8, 3FAF8D3B530F1B74B2C9B0ED3377836746CE2D0A4008E1BC454095671AC9E1AF ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
10:04:57.0342 0x0430  amd_xata - ok
10:04:57.0389 0x0430  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
10:04:57.0389 0x0430  AppHostSvc - ok
10:04:57.0420 0x0430  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
10:04:57.0420 0x0430  AppID - ok
10:04:57.0467 0x0430  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:04:57.0467 0x0430  AppIDSvc - ok
10:04:57.0498 0x0430  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\WINDOWS\System32\appinfo.dll
10:04:57.0514 0x0430  Appinfo - ok
10:04:57.0607 0x0430  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:04:57.0607 0x0430  Apple Mobile Device - ok
10:04:57.0686 0x0430  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
10:04:57.0701 0x0430  AppReadiness - ok
10:04:57.0780 0x0430  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
10:04:57.0811 0x0430  AppXSvc - ok
10:04:57.0842 0x0430  [ 44695679881DEB85CAD7C249B151066E, A44413ACA911DDB5757DE9F9ECC3968979C47617CF9DF81B24E7ECDE7E0D54BC ] APXACC          C:\WINDOWS\system32\DRIVERS\appexDrv.sys
10:04:57.0842 0x0430  APXACC - ok
10:04:57.0889 0x0430  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:04:57.0889 0x0430  arcsas - ok
10:04:58.0030 0x0430  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:04:58.0030 0x0430  aspnet_state - ok
10:04:58.0061 0x0430  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:04:58.0061 0x0430  AsyncMac - ok
10:04:58.0077 0x0430  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
10:04:58.0077 0x0430  atapi - ok
10:04:58.0248 0x0430  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
10:04:58.0405 0x0430  athr - ok
10:04:58.0467 0x0430  [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
10:04:58.0467 0x0430  AtiHDAudioService - ok
10:04:58.0499 0x0430  [ F83D49F4B10E813A1F9AC8B92F16592D, E7B2F508D33861A9826F2C7B2087F14F6937C9B8F660D6363F737BAC60BD4578 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:04:58.0514 0x0430  AudioEndpointBuilder - ok
10:04:58.0561 0x0430  [ 9A71BD2E4B8EB550D0022AFDF8616014, 34D595684624114F23265CE8031ADC9E03AD374A5AFEEBB794AC57796A3CDA2F ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
10:04:58.0592 0x0430  Audiosrv - ok
10:04:58.0655 0x0430  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:04:58.0655 0x0430  AxInstSV - ok
10:04:58.0702 0x0430  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
10:04:58.0717 0x0430  b06bdrv - ok
10:04:58.0733 0x0430  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:04:58.0733 0x0430  BasicDisplay - ok
10:04:58.0780 0x0430  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
10:04:58.0780 0x0430  BasicRender - ok
10:04:58.0795 0x0430  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
10:04:58.0795 0x0430  bcmfn2 - ok
10:04:58.0842 0x0430  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:04:58.0842 0x0430  BDESVC - ok
10:04:58.0874 0x0430  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:04:58.0874 0x0430  Beep - ok
10:04:58.0936 0x0430  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\WINDOWS\System32\bfe.dll
10:04:58.0967 0x0430  BFE - ok
10:04:59.0030 0x0430  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
10:04:59.0061 0x0430  BITS - ok
10:04:59.0108 0x0430  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:04:59.0123 0x0430  Bonjour Service - ok
10:04:59.0139 0x0430  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:04:59.0155 0x0430  bowser - ok
10:04:59.0186 0x0430  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:04:59.0202 0x0430  BrokerInfrastructure - ok
10:04:59.0233 0x0430  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
10:04:59.0248 0x0430  Browser - ok
10:04:59.0280 0x0430  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:04:59.0280 0x0430  BthAvrcpTg - ok
10:04:59.0295 0x0430  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
10:04:59.0295 0x0430  BthHFEnum - ok
10:04:59.0327 0x0430  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
10:04:59.0327 0x0430  bthhfhid - ok
10:04:59.0342 0x0430  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
10:04:59.0342 0x0430  BTHMODEM - ok
10:04:59.0405 0x0430  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
10:04:59.0405 0x0430  bthserv - ok
10:04:59.0436 0x0430  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:04:59.0436 0x0430  cdfs - ok
10:04:59.0467 0x0430  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
10:04:59.0467 0x0430  cdrom - ok
10:04:59.0498 0x0430  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
10:04:59.0498 0x0430  CertPropSvc - ok
10:04:59.0530 0x0430  [ 0C48BDA498B0109F21729A556F1B21FF, 81392C6D585D5BA048E4D9616CAE316B334687456394BEF847FBD04D3F5E3F88 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
10:04:59.0530 0x0430  cfwids - ok
10:04:59.0561 0x0430  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
10:04:59.0561 0x0430  circlass - ok
10:04:59.0608 0x0430  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
10:04:59.0623 0x0430  CLFS - ok
10:04:59.0670 0x0430  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
10:04:59.0670 0x0430  CLVirtualDrive - ok
10:04:59.0702 0x0430  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
10:04:59.0702 0x0430  CmBatt - ok
10:04:59.0749 0x0430  [ 4627C1FBF2802425A408A2D2AF28CF85, 8B91C1BE1104BE93C0D689A20315FD106D89A076267493319B104EE73A90CDCB ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
10:04:59.0764 0x0430  CNG - ok
10:04:59.0796 0x0430  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
10:04:59.0796 0x0430  CompositeBus - ok
10:04:59.0796 0x0430  COMSysApp - ok
10:04:59.0827 0x0430  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
10:04:59.0827 0x0430  condrv - ok
10:04:59.0858 0x0430  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
10:04:59.0874 0x0430  CryptSvc - ok
10:04:59.0890 0x0430  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
10:04:59.0890 0x0430  dam - ok
10:04:59.0952 0x0430  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:04:59.0983 0x0430  DcomLaunch - ok
10:05:00.0030 0x0430  [ 78089FCDE082FD4FA471C30A7C2DC736, C4816D7125C39290C3B0B1F580CEE8BB7FFC004F727EA9E9767671D3EDB946AE ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
10:05:00.0046 0x0430  defragsvc - ok
10:05:00.0093 0x0430  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:05:00.0109 0x0430  DeviceAssociationService - ok
10:05:00.0143 0x0430  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
10:05:00.0143 0x0430  DeviceInstall - ok
10:05:00.0158 0x0430  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
10:05:00.0176 0x0430  Dfsc - ok
10:05:00.0214 0x0430  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
10:05:00.0214 0x0430  Dhcp - ok
10:05:00.0261 0x0430  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
10:05:00.0261 0x0430  disk - ok
10:05:00.0292 0x0430  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
10:05:00.0292 0x0430  dmvsc - ok
10:05:00.0339 0x0430  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:05:00.0339 0x0430  Dnscache - ok
10:05:00.0402 0x0430  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:05:00.0417 0x0430  dot3svc - ok
10:05:00.0464 0x0430  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
10:05:00.0464 0x0430  dot4 - ok
10:05:00.0480 0x0430  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
10:05:00.0480 0x0430  Dot4Print - ok
10:05:00.0496 0x0430  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
10:05:00.0496 0x0430  dot4usb - ok
10:05:00.0511 0x0430  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
10:05:00.0527 0x0430  DPS - ok
10:05:00.0542 0x0430  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:05:00.0542 0x0430  drmkaud - ok
10:05:00.0589 0x0430  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
10:05:00.0589 0x0430  DsmSvc - ok
10:05:00.0667 0x0430  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:05:00.0699 0x0430  DXGKrnl - ok
10:05:00.0746 0x0430  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
10:05:00.0761 0x0430  Eaphost - ok
10:05:00.0933 0x0430  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
10:05:01.0011 0x0430  ebdrv - ok
10:05:01.0058 0x0430  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
10:05:01.0058 0x0430  EFS - ok
10:05:01.0105 0x0430  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
10:05:01.0105 0x0430  EhStorClass - ok
10:05:01.0136 0x0430  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:05:01.0136 0x0430  EhStorTcgDrv - ok
10:05:01.0152 0x0430  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
10:05:01.0152 0x0430  ErrDev - ok
10:05:01.0199 0x0430  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
10:05:01.0214 0x0430  EventSystem - ok
10:05:01.0230 0x0430  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
10:05:01.0246 0x0430  exfat - ok
10:05:01.0261 0x0430  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
10:05:01.0261 0x0430  fastfat - ok
10:05:01.0308 0x0430  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:05:01.0339 0x0430  Fax - ok
10:05:01.0355 0x0430  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
10:05:01.0355 0x0430  fdc - ok
10:05:01.0386 0x0430  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
10:05:01.0386 0x0430  fdPHost - ok
10:05:01.0417 0x0430  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
10:05:01.0417 0x0430  FDResPub - ok
10:05:01.0433 0x0430  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
10:05:01.0433 0x0430  fhsvc - ok
10:05:01.0480 0x0430  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
10:05:01.0480 0x0430  FileInfo - ok
10:05:01.0511 0x0430  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
10:05:01.0511 0x0430  Filetrace - ok
10:05:01.0542 0x0430  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
10:05:01.0542 0x0430  flpydisk - ok
10:05:01.0589 0x0430  [ 46D1DF775FFF14585218BBE16E5B2C9A, F39EF615B18CEC7BA3F68C7639B636C06812AD9DBEDE90EB7B2C04C64396FC9E ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:05:01.0589 0x0430  FltMgr - ok
10:05:01.0683 0x0430  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
10:05:01.0714 0x0430  FontCache - ok
10:05:01.0777 0x0430  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:05:01.0777 0x0430  FontCache3.0.0.0 - ok
10:05:01.0887 0x0430  [ 5CAD1CAB9AE958339E9B2FFCC74ADC20, FB1139BAAFE41CCA6084DA420E8AF6E0FA77593144F6322A115162EA71003616 ] FPLService      C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
10:05:01.0933 0x0430  FPLService - ok
10:05:01.0980 0x0430  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
10:05:01.0980 0x0430  FsDepends - ok
10:05:02.0012 0x0430  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:05:02.0012 0x0430  Fs_Rec - ok
10:05:02.0058 0x0430  [ B2BD017231836DA9F63F41E3A075D73E, 31B1DD677FE8B4F90B8AB5A131DA0105439AC2D91BC0CEDC972D2D87E595A686 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:05:02.0074 0x0430  fvevol - ok
10:05:02.0105 0x0430  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
10:05:02.0105 0x0430  FxPPM - ok
10:05:02.0121 0x0430  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
10:05:02.0121 0x0430  gagp30kx - ok
10:05:02.0152 0x0430  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:05:02.0168 0x0430  GEARAspiWDM - ok
10:05:02.0199 0x0430  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
10:05:02.0199 0x0430  gencounter - ok
10:05:02.0230 0x0430  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:05:02.0230 0x0430  GPIOClx0101 - ok
10:05:02.0324 0x0430  [ 58C11DCCC6241CC13861A559E31A69F0, 78B38BBC362C9209B06849CC79301EC595AFCE3E2BDE402A0B1F2725D3EDEFA3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
10:05:02.0355 0x0430  gpsvc - ok
10:05:02.0418 0x0430  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0418 0x0430  gupdate - ok
10:05:02.0433 0x0430  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:05:02.0433 0x0430  gupdatem - ok
10:05:02.0465 0x0430  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
10:05:02.0480 0x0430  HDAudBus - ok
10:05:02.0496 0x0430  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
10:05:02.0496 0x0430  HidBatt - ok
10:05:02.0527 0x0430  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
10:05:02.0527 0x0430  HidBth - ok
10:05:02.0558 0x0430  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
10:05:02.0558 0x0430  hidi2c - ok
10:05:02.0574 0x0430  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
10:05:02.0574 0x0430  HidIr - ok
10:05:02.0621 0x0430  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
10:05:02.0621 0x0430  hidserv - ok
10:05:02.0652 0x0430  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
10:05:02.0652 0x0430  HidUsb - ok
10:05:02.0699 0x0430  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
10:05:02.0699 0x0430  HipShieldK - ok
10:05:02.0746 0x0430  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
10:05:02.0746 0x0430  hkmsvc - ok
10:05:02.0777 0x0430  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:05:02.0793 0x0430  HomeGroupListener - ok
10:05:02.0840 0x0430  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:05:02.0840 0x0430  HomeGroupProvider - ok
10:05:02.0949 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:02.0949 0x0430  HomeNetSvc - ok
10:05:03.0012 0x0430  [ 6515296E8F9D81BB6C4588C4878A9AC1, 4102FCA9CC6CDAA52E68F030034C6C15DF036D5E9B6E0A8007B72655A3D1E3DD ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:05:03.0012 0x0430  HP Support Assistant Service - ok
10:05:03.0043 0x0430  [ EF4BE0BB23BB14879050884E688F5178, C914FEB0627D17097968A9B66325305757E7A859A8F11FE69CA0F7F69E38CA2A ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
10:05:03.0043 0x0430  hpdskflt - ok
10:05:03.0137 0x0430  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:05:03.0137 0x0430  hpqcxs08 - ok
10:05:03.0152 0x0430  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:05:03.0168 0x0430  hpqddsvc - ok
10:05:03.0230 0x0430  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:05:03.0262 0x0430  hpqwmiex - ok
10:05:03.0293 0x0430  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
10:05:03.0293 0x0430  HpSAMD - ok
10:05:03.0308 0x0430  [ 13B51E53073E4555E226871C7FCEF0E8, 04713F4C8D629E81388D5438CF94781A71007A81E223D90D893FF898E4BDA6B7 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
10:05:03.0324 0x0430  hpsrv - ok
10:05:03.0387 0x0430  [ 8313DC0085E8D05ED6662E90C6918443, AB2CC970833BF38376E8DC82E495384D0B7B30750567843DD645693919D1477B ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
10:05:03.0387 0x0430  HPSupportSolutionsFrameworkService - ok
10:05:03.0418 0x0430  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:05:03.0418 0x0430  HPWMISVC - ok
10:05:03.0480 0x0430  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
10:05:03.0512 0x0430  HTTP - ok
10:05:03.0559 0x0430  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
10:05:03.0559 0x0430  hwpolicy - ok
10:05:03.0590 0x0430  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
10:05:03.0590 0x0430  hyperkbd - ok
10:05:03.0605 0x0430  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
10:05:03.0605 0x0430  HyperVideo - ok
10:05:03.0637 0x0430  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
10:05:03.0637 0x0430  i8042prt - ok
10:05:03.0652 0x0430  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:05:03.0652 0x0430  iaLPSSi_GPIO - ok
10:05:03.0683 0x0430  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:05:03.0683 0x0430  iaLPSSi_I2C - ok
10:05:03.0730 0x0430  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
10:05:03.0746 0x0430  iaStorAV - ok
10:05:03.0777 0x0430  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
10:05:03.0793 0x0430  iaStorV - ok
10:05:03.0793 0x0430  IEEtwCollectorService - ok
10:05:03.0871 0x0430  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
10:05:03.0902 0x0430  IKEEXT - ok
10:05:03.0949 0x0430  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:05:03.0949 0x0430  intelide - ok
10:05:03.0980 0x0430  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
10:05:03.0980 0x0430  intelpep - ok
10:05:04.0012 0x0430  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
10:05:04.0012 0x0430  intelppm - ok
10:05:04.0074 0x0430  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
10:05:04.0074 0x0430  IntuitUpdateServiceV4 - ok
10:05:04.0105 0x0430  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:05:04.0105 0x0430  IpFilterDriver - ok
10:05:04.0168 0x0430  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:05:04.0199 0x0430  iphlpsvc - ok
10:05:04.0230 0x0430  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:05:04.0230 0x0430  IPMIDRV - ok
10:05:04.0277 0x0430  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
10:05:04.0277 0x0430  IPNAT - ok
10:05:04.0324 0x0430  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:05:04.0340 0x0430  iPod Service - ok
10:05:04.0434 0x0430  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:05:04.0434 0x0430  IRENUM - ok
10:05:04.0527 0x0430  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:05:04.0527 0x0430  isapnp - ok
10:05:04.0668 0x0430  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
10:05:04.0683 0x0430  iScsiPrt - ok
10:05:04.0715 0x0430  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
10:05:04.0715 0x0430  kbdclass - ok
10:05:04.0746 0x0430  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
10:05:04.0746 0x0430  kbdhid - ok
10:05:04.0762 0x0430  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
10:05:04.0762 0x0430  kdnic - ok
10:05:04.0793 0x0430  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:05:04.0793 0x0430  KeyIso - ok
10:05:04.0840 0x0430  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:05:04.0840 0x0430  KSecDD - ok
10:05:04.0887 0x0430  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:05:04.0887 0x0430  KSecPkg - ok
10:05:04.0918 0x0430  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
10:05:04.0918 0x0430  ksthunk - ok
10:05:04.0981 0x0430  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
10:05:04.0996 0x0430  KtmRm - ok
10:05:05.0043 0x0430  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
10:05:05.0043 0x0430  LanmanServer - ok
10:05:05.0075 0x0430  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:05:05.0090 0x0430  LanmanWorkstation - ok
10:05:05.0137 0x0430  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
10:05:05.0153 0x0430  lfsvc - ok
10:05:05.0184 0x0430  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
10:05:05.0184 0x0430  lltdio - ok
10:05:05.0231 0x0430  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
10:05:05.0231 0x0430  lltdsvc - ok
10:05:05.0262 0x0430  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
10:05:05.0262 0x0430  lmhosts - ok
10:05:05.0309 0x0430  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
10:05:05.0309 0x0430  LSI_SAS - ok
10:05:05.0325 0x0430  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
10:05:05.0325 0x0430  LSI_SAS2 - ok
10:05:05.0340 0x0430  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
10:05:05.0356 0x0430  LSI_SAS3 - ok
10:05:05.0372 0x0430  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
10:05:05.0372 0x0430  LSI_SSS - ok
10:05:05.0434 0x0430  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
10:05:05.0450 0x0430  LSM - ok
10:05:05.0496 0x0430  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
10:05:05.0496 0x0430  luafv - ok
10:05:05.0528 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:05.0528 0x0430  McAfee SiteAdvisor Service - ok
10:05:05.0590 0x0430  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
10:05:05.0590 0x0430  McAPExe - ok
10:05:05.0606 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:05.0621 0x0430  McMPFSvc - ok
10:05:05.0637 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:05.0653 0x0430  McNaiAnn - ok
10:05:05.0715 0x0430  [ 63D93A440E7AC015D85B9A3DA0C1BBAF, 849A13E91B041DEC2A47F5BE65ADBA6CAC8AF01675D0D8E13730724B54B4DD15 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
10:05:05.0731 0x0430  McODS - ok
10:05:05.0762 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:05.0778 0x0430  mcpltsvc - ok
10:05:05.0793 0x0430  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:05:05.0793 0x0430  McProxy - ok
10:05:05.0840 0x0430  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
10:05:05.0840 0x0430  megasas - ok
10:05:05.0887 0x0430  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
10:05:05.0903 0x0430  megasr - ok
10:05:05.0950 0x0430  [ 4800829B6DA07ED8818EBC3AB4ECB2AF, B75BC9838B4A4CEB65AFE246B01FD545DC7AACA192AC0F7B4E7A0F5DF6A454E3 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
10:05:05.0950 0x0430  mfeapfk - ok
10:05:05.0981 0x0430  [ 001EF965C2869723E5929255E7F4BDB0, E9F6DC7842DAE743881F7DC9AE9CDBF2DBD1DD48A387AF92E32AA13CAEFCBEF6 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
10:05:05.0996 0x0430  mfeavfk - ok
10:05:06.0075 0x0430  [ E85AC33B3E5D81BF750AC8FFBE7FD46F, 5F62E2732B234176A94E8E3F34A125935FC8D52F608CB4F38FE0DE3E7B25E3D5 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
10:05:06.0106 0x0430  mfecore - ok
10:05:06.0137 0x0430  [ C43A22B878D5B92D9A5D748BD808F171, 989DBFF36CBC33320C46A60FB592156568914B0D76DBD0DB7C6E37B83ECAF90D ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
10:05:06.0137 0x0430  mfeelamk - ok
10:05:06.0184 0x0430  [ A769FABF6F9B5E72450F9E161C83D495, 3601A1242885B778B81AB2ABA95F6EAA026427A3F8072427A0A4DF7B93CF4CE1 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:05:06.0184 0x0430  mfefire - ok
10:05:06.0215 0x0430  [ F153129E35F2D1C893A099368B55E530, 08D5F93CF2A6994700D1F29239BF7F5B4EA48793211E24601B1FE4A8BC96F092 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
10:05:06.0231 0x0430  mfefirek - ok
10:05:06.0309 0x0430  [ 63835C12B7B9E1B8EA1D195E9A2A786A, C25CFAE33178AE0CB84F078113F328308FB107D574A27653323F909B41B41C01 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
10:05:06.0325 0x0430  mfehidk - ok
10:05:06.0387 0x0430  [ 9BBE68D37302E191788058ECA974B870, 9D1034097328A4E83479594DD2AFA857B58D758C227F952FDCED7DEEF23B8D5D ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
10:05:06.0403 0x0430  mfencbdc - ok
10:05:06.0418 0x0430  [ 5A0A092F04A83505799F857371E4A3FF, 1BD7726CB3CDFA7B5C225B695B07AC143B7BE2A3DBD596B30DB2816D407A6C9E ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
10:05:06.0418 0x0430  mfencrk - ok
10:05:06.0465 0x0430  [ FAB7B6D571B810B73F5BB286AB439687, D1898B16E9FCABFF1BC937427B18B1083018B4F5DED6A04A2967352FF5857218 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
10:05:06.0465 0x0430  mfevtp - ok
10:05:06.0496 0x0430  [ 57CC9413361359476B844339417F1CFF, 87093104871F8B6A6336404F0C497A6B5473AA0E770C54ABF233428FB151FD4C ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
10:05:06.0512 0x0430  mfewfpk - ok
10:05:06.0606 0x0430  MFE_RR - ok
10:05:06.0637 0x0430  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
10:05:06.0637 0x0430  MMCSS - ok
10:05:06.0684 0x0430  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
10:05:06.0700 0x0430  Modem - ok
10:05:06.0715 0x0430  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
10:05:06.0715 0x0430  monitor - ok
10:05:06.0731 0x0430  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
10:05:06.0731 0x0430  mouclass - ok
10:05:06.0762 0x0430  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
10:05:06.0778 0x0430  mouhid - ok
10:05:06.0794 0x0430  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
10:05:06.0794 0x0430  mountmgr - ok
10:05:06.0809 0x0430  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
10:05:06.0809 0x0430  mpsdrv - ok
10:05:06.0872 0x0430  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
10:05:06.0903 0x0430  MpsSvc - ok
10:05:06.0934 0x0430  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
10:05:06.0934 0x0430  MRxDAV - ok
10:05:06.0997 0x0430  [ C997E6A37BA8915224B3FB5024A34F69, 43E1B83072DF9E878151D276DDB6EB7B3801D72494C43E9B9ABECA4B2DCFD606 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:05:06.0997 0x0430  mrxsmb - ok
10:05:07.0044 0x0430  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:05:07.0044 0x0430  mrxsmb10 - ok
10:05:07.0091 0x0430  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:05:07.0091 0x0430  mrxsmb20 - ok
10:05:07.0122 0x0430  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
10:05:07.0122 0x0430  MsBridge - ok
10:05:07.0153 0x0430  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
10:05:07.0169 0x0430  MSDTC - ok
10:05:07.0200 0x0430  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:05:07.0200 0x0430  Msfs - ok
10:05:07.0231 0x0430  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
10:05:07.0231 0x0430  msgpiowin32 - ok
10:05:07.0247 0x0430  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:05:07.0247 0x0430  mshidkmdf - ok
10:05:07.0262 0x0430  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
10:05:07.0262 0x0430  mshidumdf - ok
10:05:07.0294 0x0430  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
10:05:07.0294 0x0430  msisadrv - ok
10:05:07.0341 0x0430  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
10:05:07.0341 0x0430  MSiSCSI - ok
10:05:07.0356 0x0430  msiserver - ok
10:05:07.0372 0x0430  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:05:07.0372 0x0430  MSKSSRV - ok
10:05:07.0419 0x0430  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
10:05:07.0419 0x0430  MsLldp - ok
10:05:07.0434 0x0430  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:05:07.0434 0x0430  MSPCLOCK - ok
10:05:07.0450 0x0430  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:05:07.0450 0x0430  MSPQM - ok
10:05:07.0497 0x0430  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
10:05:07.0497 0x0430  MsRPC - ok
10:05:07.0528 0x0430  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
10:05:07.0528 0x0430  mssmbios - ok
10:05:07.0544 0x0430  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:05:07.0544 0x0430  MSTEE - ok
10:05:07.0559 0x0430  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
10:05:07.0559 0x0430  MTConfig - ok
10:05:07.0575 0x0430  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
10:05:07.0575 0x0430  Mup - ok
10:05:07.0591 0x0430  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
10:05:07.0591 0x0430  mvumis - ok
10:05:07.0669 0x0430  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
10:05:07.0684 0x0430  napagent - ok
10:05:07.0716 0x0430  [ 647C7652FA19F98CADF2BFDA2164BFEC, 711A4A06309393922A70D7FBE5684938CD634F5DED158D847BFADDD5ACF9E44C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:05:07.0731 0x0430  NativeWifiP - ok
10:05:07.0762 0x0430  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
10:05:07.0778 0x0430  NcaSvc - ok
10:05:07.0809 0x0430  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
10:05:07.0809 0x0430  NcbService - ok
10:05:07.0825 0x0430  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
10:05:07.0825 0x0430  NcdAutoSetup - ok
10:05:07.0887 0x0430  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
10:05:07.0919 0x0430  NDIS - ok
10:05:07.0966 0x0430  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
10:05:07.0966 0x0430  NdisCap - ok
10:05:07.0981 0x0430  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
10:05:07.0981 0x0430  NdisImPlatform - ok
10:05:08.0013 0x0430  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:05:08.0013 0x0430  NdisTapi - ok
10:05:08.0044 0x0430  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:05:08.0044 0x0430  Ndisuio - ok
10:05:08.0059 0x0430  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:05:08.0059 0x0430  NdisVirtualBus - ok
10:05:08.0091 0x0430  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:05:08.0091 0x0430  NdisWan - ok
10:05:08.0106 0x0430  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:05:08.0106 0x0430  NdisWanLegacy - ok
10:05:08.0138 0x0430  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:05:08.0138 0x0430  NDProxy - ok
10:05:08.0153 0x0430  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
10:05:08.0153 0x0430  Ndu - ok
10:05:08.0184 0x0430  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
10:05:08.0200 0x0430  Net Driver HPZ12 - ok
10:05:08.0216 0x0430  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
10:05:08.0216 0x0430  Netaapl - ok
10:05:08.0247 0x0430  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:05:08.0247 0x0430  NetBIOS - ok
10:05:08.0262 0x0430  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:05:08.0262 0x0430  NetBT - ok
10:05:08.0294 0x0430  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:05:08.0294 0x0430  Netlogon - ok
10:05:08.0341 0x0430  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
10:05:08.0341 0x0430  Netman - ok
10:05:08.0403 0x0430  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
10:05:08.0419 0x0430  netprofm - ok
10:05:08.0544 0x0430  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:05:08.0544 0x0430  NetTcpPortSharing - ok
10:05:08.0575 0x0430  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
10:05:08.0575 0x0430  netvsc - ok
10:05:08.0622 0x0430  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
10:05:08.0637 0x0430  NlaSvc - ok
10:05:08.0669 0x0430  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:05:08.0669 0x0430  Npfs - ok
10:05:08.0700 0x0430  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
10:05:08.0700 0x0430  npsvctrig - ok
10:05:08.0731 0x0430  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
10:05:08.0731 0x0430  nsi - ok
10:05:08.0747 0x0430  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
10:05:08.0747 0x0430  nsiproxy - ok
10:05:08.0857 0x0430  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:05:08.0919 0x0430  Ntfs - ok
10:05:08.0951 0x0430  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:05:08.0951 0x0430  Null - ok
10:05:08.0982 0x0430  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
10:05:08.0997 0x0430  nvraid - ok
10:05:09.0013 0x0430  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
10:05:09.0013 0x0430  nvstor - ok
10:05:09.0044 0x0430  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
10:05:09.0044 0x0430  nv_agp - ok
10:05:09.0185 0x0430  [ 25FFB1C1E5BD27B9757EACF40B2B0F7B, 41B4236F580B4653C65E3F16DD3FF91E924716FDD2DCBA89A5F416563C5F0076 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
10:05:09.0232 0x0430  OfficeSvc - ok
10:05:09.0294 0x0430  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:05:09.0294 0x0430  ose - ok
10:05:09.0341 0x0430  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:05:09.0357 0x0430  p2pimsvc - ok
10:05:09.0404 0x0430  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
10:05:09.0419 0x0430  p2psvc - ok
10:05:09.0435 0x0430  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
10:05:09.0450 0x0430  Parport - ok
10:05:09.0482 0x0430  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
10:05:09.0482 0x0430  partmgr - ok
10:05:09.0513 0x0430  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
10:05:09.0529 0x0430  PcaSvc - ok
10:05:09.0575 0x0430  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\WINDOWS\system32\drivers\pci.sys
10:05:09.0575 0x0430  pci - ok
10:05:09.0607 0x0430  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
10:05:09.0607 0x0430  pciide - ok
10:05:09.0622 0x0430  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
10:05:09.0622 0x0430  pcmcia - ok
10:05:09.0669 0x0430  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
10:05:09.0669 0x0430  pcw - ok
10:05:09.0701 0x0430  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
10:05:09.0701 0x0430  pdc - ok
10:05:09.0763 0x0430  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
10:05:09.0779 0x0430  PEAUTH - ok
10:05:09.0873 0x0430  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
10:05:09.0873 0x0430  PerfHost - ok
10:05:09.0998 0x0430  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
10:05:10.0045 0x0430  pla - ok
10:05:10.0076 0x0430  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
10:05:10.0076 0x0430  PlugPlay - ok
10:05:10.0123 0x0430  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
10:05:10.0123 0x0430  Pml Driver HPZ12 - ok
10:05:10.0170 0x0430  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
10:05:10.0170 0x0430  PNRPAutoReg - ok
10:05:10.0201 0x0430  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
10:05:10.0216 0x0430  PNRPsvc - ok
10:05:10.0263 0x0430  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
10:05:10.0279 0x0430  PolicyAgent - ok
10:05:10.0326 0x0430  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
10:05:10.0326 0x0430  Power - ok
10:05:10.0357 0x0430  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:05:10.0373 0x0430  PptpMiniport - ok
10:05:10.0545 0x0430  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:05:10.0623 0x0430  PrintNotify - ok
10:05:10.0685 0x0430  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
10:05:10.0685 0x0430  Processor - ok
10:05:10.0717 0x0430  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
10:05:10.0732 0x0430  ProfSvc - ok
10:05:10.0763 0x0430  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
10:05:10.0779 0x0430  Psched - ok
10:05:10.0826 0x0430  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
10:05:10.0841 0x0430  QWAVE - ok
10:05:10.0857 0x0430  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
10:05:10.0857 0x0430  QWAVEdrv - ok
10:05:10.0888 0x0430  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:05:10.0888 0x0430  RasAcd - ok
10:05:10.0935 0x0430  [ 55FE43112F61836D0581D615C72AA113, 35665E09BD74BD078A0BC49BF98102B5F3679A3FA2AC25FB629D448652D9938F ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
10:05:10.0935 0x0430  RasAgileVpn - ok
10:05:10.0967 0x0430  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:05:10.0967 0x0430  RasAuto - ok
10:05:10.0982 0x0430  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:05:10.0998 0x0430  Rasl2tp - ok
10:05:11.0045 0x0430  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:05:11.0060 0x0430  RasMan - ok
10:05:11.0092 0x0430  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:05:11.0092 0x0430  RasPppoe - ok
10:05:11.0107 0x0430  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
10:05:11.0123 0x0430  RasSstp - ok
10:05:11.0154 0x0430  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:05:11.0170 0x0430  rdbss - ok
10:05:11.0201 0x0430  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
10:05:11.0201 0x0430  rdpbus - ok
10:05:11.0232 0x0430  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
10:05:11.0232 0x0430  RDPDR - ok
10:05:11.0263 0x0430  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:05:11.0263 0x0430  RdpVideoMiniport - ok
10:05:11.0310 0x0430  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:05:11.0326 0x0430  rdyboost - ok
10:05:11.0404 0x0430  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
10:05:11.0435 0x0430  ReFS - ok
10:05:11.0467 0x0430  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:05:11.0482 0x0430  RemoteAccess - ok
10:05:11.0529 0x0430  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:05:11.0545 0x0430  RemoteRegistry - ok
10:05:11.0576 0x0430  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:05:11.0576 0x0430  RpcEptMapper - ok
10:05:11.0623 0x0430  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:05:11.0623 0x0430  RpcLocator - ok
10:05:11.0685 0x0430  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:05:11.0716 0x0430  RpcSs - ok
10:05:11.0748 0x0430  [ A1D5FFEFDBEB3881EC3D74CC7136847F, B3D278267EF17CC6F2FAF92D3FE67734FB9689EDDFA2A78F620300409DA5D0BB ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
10:05:11.0764 0x0430  RSP2STOR - ok
10:05:11.0811 0x0430  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
10:05:11.0811 0x0430  rspndr - ok
10:05:11.0858 0x0430  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
10:05:11.0873 0x0430  RTL8168 - ok
10:05:11.0905 0x0430  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
10:05:11.0905 0x0430  s3cap - ok
10:05:11.0951 0x0430  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:05:11.0951 0x0430  SamSs - ok
10:05:11.0998 0x0430  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:05:12.0014 0x0430  sbp2port - ok
10:05:12.0076 0x0430  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:05:12.0076 0x0430  SCardSvr - ok
10:05:12.0108 0x0430  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
10:05:12.0123 0x0430  ScDeviceEnum - ok
10:05:12.0170 0x0430  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:05:12.0170 0x0430  scfilter - ok
10:05:12.0248 0x0430  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:05:12.0279 0x0430  Schedule - ok
10:05:12.0342 0x0430  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
10:05:12.0342 0x0430  SCPolicySvc - ok
10:05:12.0389 0x0430  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
10:05:12.0389 0x0430  sdbus - ok
10:05:12.0436 0x0430  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
10:05:12.0436 0x0430  sdstor - ok
10:05:12.0467 0x0430  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
10:05:12.0467 0x0430  secdrv - ok
10:05:12.0514 0x0430  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:05:12.0514 0x0430  seclogon - ok
10:05:12.0529 0x0430  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
10:05:12.0545 0x0430  SENS - ok
10:05:12.0561 0x0430  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:05:12.0576 0x0430  SensrSvc - ok
10:05:12.0608 0x0430  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
10:05:12.0608 0x0430  SerCx - ok
10:05:12.0654 0x0430  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
10:05:12.0654 0x0430  SerCx2 - ok
10:05:12.0670 0x0430  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
10:05:12.0670 0x0430  Serenum - ok
10:05:12.0686 0x0430  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
10:05:12.0686 0x0430  Serial - ok
10:05:12.0701 0x0430  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
10:05:12.0717 0x0430  sermouse - ok
10:05:12.0811 0x0430  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:05:12.0811 0x0430  SessionEnv - ok
10:05:12.0826 0x0430  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
10:05:12.0826 0x0430  sfloppy - ok
10:05:12.0873 0x0430  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:05:12.0889 0x0430  SharedAccess - ok
10:05:12.0967 0x0430  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:05:12.0983 0x0430  ShellHWDetection - ok
10:05:13.0030 0x0430  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:05:13.0030 0x0430  SiSRaid2 - ok
10:05:13.0045 0x0430  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
10:05:13.0045 0x0430  SiSRaid4 - ok
10:05:13.0076 0x0430  [ 4C9BAAB29C340D628BA89B05C2FF24D8, 016A9AB72A423C36373E6DB00B7C7F97B76461F8039FCBFC5CA16C2D3BB0C68F ] SmbDrv          C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys
10:05:13.0076 0x0430  SmbDrv - ok
10:05:13.0123 0x0430  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
10:05:13.0123 0x0430  SmbDrvI - ok
10:05:13.0170 0x0430  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
10:05:13.0170 0x0430  smphost - ok
10:05:13.0201 0x0430  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
10:05:13.0201 0x0430  SNMPTRAP - ok
10:05:13.0264 0x0430  [ 87765EF43C33BE342F4ACB0E3FBF89A6, 3C1DDED7F96F796702F1BC73D5CEE5251DD16011AA349FE4EE1D9C002E0171C6 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
10:05:13.0279 0x0430  spaceport - ok
10:05:13.0311 0x0430  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
10:05:13.0311 0x0430  SpbCx - ok
10:05:13.0373 0x0430  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
10:05:13.0404 0x0430  Spooler - ok
10:05:13.0670 0x0430  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
10:05:13.0858 0x0430  sppsvc - ok
10:05:13.0921 0x0430  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:05:13.0936 0x0430  srv - ok
10:05:13.0999 0x0430  [ E62EAEF0BAC9DD61BF22D4A7F2F18571, 910D85FDDBAF0E003A0CA0C23D27615F1B7D6145FB9E3A1661E93498196B303A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
10:05:14.0014 0x0430  srv2 - ok
10:05:14.0046 0x0430  [ 466BDC0006103F2547D308DD3CD64398, 334E0729B369C7F7CBB9878F423B53E05476D1288A8ECEB18240318ABF2370C1 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:05:14.0061 0x0430  srvnet - ok
10:05:14.0108 0x0430  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:05:14.0124 0x0430  SSDPSRV - ok
10:05:14.0155 0x0430  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
10:05:14.0171 0x0430  SstpSvc - ok
10:05:14.0264 0x0430  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
10:05:14.0280 0x0430  STacSV - ok
10:05:14.0311 0x0430  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:05:14.0311 0x0430  stexstor - ok
10:05:14.0358 0x0430  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
10:05:14.0374 0x0430  STHDA - ok
10:05:14.0436 0x0430  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:05:14.0467 0x0430  stisvc - ok
10:05:14.0499 0x0430  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
10:05:14.0499 0x0430  storahci - ok
10:05:14.0514 0x0430  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
10:05:14.0514 0x0430  storflt - ok
10:05:14.0546 0x0430  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
10:05:14.0546 0x0430  stornvme - ok
10:05:14.0592 0x0430  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
10:05:14.0592 0x0430  StorSvc - ok
10:05:14.0608 0x0430  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
10:05:14.0608 0x0430  storvsc - ok
10:05:14.0655 0x0430  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
10:05:14.0655 0x0430  svsvc - ok
10:05:14.0686 0x0430  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
10:05:14.0686 0x0430  swenum - ok
10:05:14.0780 0x0430  [ E3C92D60F6AD7763961D1E7628002844, A33EED7CB3EE0EF4890AAD095F989FCA7F44CA1055E03D3892AB543DEE74C9B6 ] swprv           C:\WINDOWS\System32\swprv.dll
10:05:14.0811 0x0430  swprv - ok
10:05:14.0858 0x0430  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:05:14.0874 0x0430  SynTP - ok
10:05:14.0952 0x0430  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
10:05:14.0983 0x0430  SysMain - ok
10:05:15.0030 0x0430  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:05:15.0046 0x0430  SystemEventsBroker - ok
10:05:15.0092 0x0430  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:05:15.0092 0x0430  TabletInputService - ok
10:05:15.0108 0x0430  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:05:15.0124 0x0430  TapiSrv - ok
10:05:15.0249 0x0430  [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
10:05:15.0342 0x0430  Tcpip - ok
10:05:15.0436 0x0430  [ FEEFE783D87C9063CDAC6DBDCF95F533, EBD00EEE90AC657823A88190BBBED6DA47AF597510C201F3392F4325069D2669 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:05:15.0514 0x0430  TCPIP6 - ok
10:05:15.0561 0x0430  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:05:15.0561 0x0430  tcpipreg - ok
10:05:15.0592 0x0430  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
10:05:15.0608 0x0430  tdx - ok
10:05:15.0624 0x0430  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
10:05:15.0624 0x0430  terminpt - ok
10:05:15.0702 0x0430  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
10:05:15.0733 0x0430  TermService - ok
10:05:15.0765 0x0430  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
10:05:15.0765 0x0430  Themes - ok
10:05:15.0812 0x0430  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
10:05:15.0812 0x0430  THREADORDER - ok
10:05:15.0843 0x0430  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
10:05:15.0843 0x0430  TimeBroker - ok
10:05:15.0890 0x0430  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
10:05:15.0890 0x0430  TPM - ok
10:05:15.0937 0x0430  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:05:15.0952 0x0430  TrkWks - ok
10:05:16.0015 0x0430  [ 00629A30B9A95D3CC07E09C12F293BD1, CCB0EA347804CC7EDCDFBCA0AEAFF90310C7272D9F0AF7BC54D3F9D344AD4FCA ] TrueService     C:\Program Files\Common Files\AuthenTec\TrueService.exe
10:05:16.0015 0x0430  TrueService - ok
10:05:16.0077 0x0430  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:05:16.0077 0x0430  TrustedInstaller - ok
10:05:16.0093 0x0430  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
10:05:16.0093 0x0430  TsUsbFlt - ok
10:05:16.0109 0x0430  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:05:16.0124 0x0430  TsUsbGD - ok
10:05:16.0155 0x0430  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
10:05:16.0171 0x0430  tunnel - ok
10:05:16.0187 0x0430  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
10:05:16.0187 0x0430  uagp35 - ok
10:05:16.0218 0x0430  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
10:05:16.0218 0x0430  UASPStor - ok
10:05:16.0265 0x0430  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
10:05:16.0280 0x0430  UCX01000 - ok
10:05:16.0327 0x0430  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:05:16.0327 0x0430  udfs - ok
10:05:16.0358 0x0430  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
10:05:16.0358 0x0430  UEFI - ok
10:05:16.0390 0x0430  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
10:05:16.0405 0x0430  UI0Detect - ok
10:05:16.0421 0x0430  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
10:05:16.0421 0x0430  uliagpkx - ok
10:05:16.0437 0x0430  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
10:05:16.0452 0x0430  umbus - ok
10:05:16.0468 0x0430  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
10:05:16.0468 0x0430  UmPass - ok
10:05:16.0515 0x0430  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:05:16.0530 0x0430  UmRdpService - ok
10:05:16.0562 0x0430  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:05:16.0577 0x0430  upnphost - ok
10:05:16.0624 0x0430  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
10:05:16.0624 0x0430  USBAAPL64 - ok
10:05:16.0671 0x0430  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
10:05:16.0671 0x0430  usbccgp - ok
10:05:16.0687 0x0430  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
10:05:16.0702 0x0430  usbcir - ok
10:05:16.0734 0x0430  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
10:05:16.0734 0x0430  usbehci - ok
10:05:16.0765 0x0430  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
10:05:16.0765 0x0430  usbfilter - ok
10:05:16.0812 0x0430  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
10:05:16.0827 0x0430  usbhub - ok
10:05:16.0858 0x0430  [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
10:05:16.0874 0x0430  USBHUB3 - ok
10:05:16.0890 0x0430  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
10:05:16.0890 0x0430  usbohci - ok
10:05:16.0937 0x0430  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
10:05:16.0937 0x0430  usbprint - ok
10:05:16.0968 0x0430  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:05:16.0968 0x0430  usbscan - ok
10:05:17.0030 0x0430  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
10:05:17.0030 0x0430  USBSTOR - ok
10:05:17.0077 0x0430  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
10:05:17.0093 0x0430  usbuhci - ok
10:05:17.0155 0x0430  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
10:05:17.0171 0x0430  usbvideo - ok
10:05:17.0218 0x0430  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
10:05:17.0234 0x0430  USBXHCI - ok
10:05:17.0265 0x0430  [ 49F2693BC3D821FA13AD6E7D5C5FEAFF, E0E109CAB6B19C77A870C5A0D8A99769F5B99C19C2E35A0615D91F87B25229A3 ] valWBFPolicyService C:\Windows\system32\valWBFPolicyService.exe
10:05:17.0265 0x0430  valWBFPolicyService - ok
10:05:17.0296 0x0430  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
10:05:17.0312 0x0430  VaultSvc - ok
10:05:17.0327 0x0430  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
10:05:17.0327 0x0430  vdrvroot - ok
10:05:17.0452 0x0430  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
10:05:17.0515 0x0430  vds - ok
10:05:17.0562 0x0430  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
10:05:17.0577 0x0430  VerifierExt - ok
10:05:17.0655 0x0430  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
10:05:17.0671 0x0430  vhdmp - ok
10:05:17.0702 0x0430  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
10:05:17.0718 0x0430  viaide - ok
10:05:17.0749 0x0430  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
10:05:17.0749 0x0430  vmbus - ok
10:05:17.0812 0x0430  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
10:05:17.0828 0x0430  VMBusHID - ok
10:05:17.0921 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
10:05:17.0937 0x0430  vmicguestinterface - ok
10:05:17.0968 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
10:05:17.0999 0x0430  vmicheartbeat - ok
10:05:18.0031 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
10:05:18.0062 0x0430  vmickvpexchange - ok
10:05:18.0093 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
10:05:18.0124 0x0430  vmicrdv - ok
10:05:18.0156 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
10:05:18.0171 0x0430  vmicshutdown - ok
10:05:18.0218 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
10:05:18.0234 0x0430  vmictimesync - ok
10:05:18.0265 0x0430  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
10:05:18.0296 0x0430  vmicvss - ok
10:05:18.0343 0x0430  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
10:05:18.0343 0x0430  volmgr - ok
10:05:18.0390 0x0430  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
10:05:18.0406 0x0430  volmgrx - ok
10:05:18.0453 0x0430  [ 3595FBDF25F8BA6256072D103937D7D6, 547AA103804790E31F6E5658923627945948B48F36354EEA2FC0FE09098F9FD5 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
10:05:18.0468 0x0430  volsnap - ok
10:05:18.0515 0x0430  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
10:05:18.0515 0x0430  vpci - ok
10:05:18.0593 0x0430  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
10:05:18.0609 0x0430  vsmraid - ok
10:05:18.0734 0x0430  [ 4957B27219515B93A508B91068B87BF5, 5B6B37A57FC8F4FC8B119C013338292550C63AB5295A596D382D8DCF26D751A2 ] VSS             C:\WINDOWS\system32\vssvc.exe
10:05:18.0796 0x0430  VSS - ok
10:05:18.0843 0x0430  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
10:05:18.0859 0x0430  VSTXRAID - ok
10:05:18.0890 0x0430  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
10:05:18.0906 0x0430  vwifibus - ok
10:05:18.0937 0x0430  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
10:05:18.0937 0x0430  vwififlt - ok
10:05:18.0968 0x0430  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
10:05:18.0984 0x0430  vwifimp - ok
10:05:19.0031 0x0430  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
10:05:19.0062 0x0430  W32Time - ok
10:05:19.0140 0x0430  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
10:05:19.0140 0x0430  w3logsvc - ok
10:05:19.0171 0x0430  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
10:05:19.0171 0x0430  WacomPen - ok
10:05:19.0203 0x0430  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:05:19.0203 0x0430  Wanarp - ok
10:05:19.0218 0x0430  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:05:19.0234 0x0430  Wanarpv6 - ok
10:05:19.0296 0x0430  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
10:05:19.0328 0x0430  WAS - ok
10:05:19.0437 0x0430  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
10:05:19.0515 0x0430  wbengine - ok
10:05:19.0578 0x0430  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
10:05:19.0593 0x0430  WbioSrvc - ok
10:05:19.0656 0x0430  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
10:05:19.0687 0x0430  Wcmsvc - ok
10:05:19.0749 0x0430  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
10:05:19.0766 0x0430  wcncsvc - ok
10:05:19.0797 0x0430  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
10:05:19.0812 0x0430  WcsPlugInService - ok
10:05:19.0859 0x0430  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
10:05:19.0859 0x0430  WdBoot - ok
10:05:19.0922 0x0430  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
10:05:19.0969 0x0430  Wdf01000 - ok
10:05:20.0016 0x0430  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
10:05:20.0031 0x0430  WdFilter - ok
10:05:20.0078 0x0430  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
10:05:20.0094 0x0430  WdiServiceHost - ok
10:05:20.0109 0x0430  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
10:05:20.0109 0x0430  WdiSystemHost - ok
10:05:20.0156 0x0430  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
10:05:20.0172 0x0430  WdNisDrv - ok
10:05:20.0219 0x0430  WdNisSvc - ok
10:05:20.0266 0x0430  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:05:20.0281 0x0430  WebClient - ok
10:05:20.0328 0x0430  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
10:05:20.0344 0x0430  Wecsvc - ok
10:05:20.0359 0x0430  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
10:05:20.0375 0x0430  WEPHOSTSVC - ok
10:05:20.0422 0x0430  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
10:05:20.0422 0x0430  wercplsupport - ok
10:05:20.0484 0x0430  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
10:05:20.0484 0x0430  WerSvc - ok
10:05:20.0531 0x0430  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
10:05:20.0531 0x0430  WFPLWFS - ok
10:05:20.0594 0x0430  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
10:05:20.0609 0x0430  WiaRpc - ok
10:05:20.0641 0x0430  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
10:05:20.0641 0x0430  WIMMount - ok
10:05:20.0656 0x0430  WinDefend - ok
10:05:20.0750 0x0430  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
10:05:20.0797 0x0430  WinHttpAutoProxySvc - ok
10:05:20.0860 0x0430  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:05:20.0875 0x0430  Winmgmt - ok
10:05:21.0063 0x0430  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:05:21.0188 0x0430  WinRM - ok
10:05:21.0266 0x0430  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUSB.sys
10:05:21.0266 0x0430  WinUsb - ok
10:05:21.0313 0x0430  [ DAF801153E8F33E13AB278332250D78A, 0F277DA63E8A058A474994CF3A8345DEA967B78E54F4F97FEC995499A1D541A0 ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
10:05:21.0313 0x0430  WirelessButtonDriver - ok
10:05:21.0438 0x0430  [ 5A917027826D759CC3238C7D3CEC3438, A8FFA28B6D8A314692AA08788FC9E2E0F03D8AD1FCD662826ABA71DB39C3605A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
10:05:21.0500 0x0430  WlanSvc - ok
10:05:21.0641 0x0430  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
10:05:21.0719 0x0430  wlidsvc - ok
10:05:21.0782 0x0430  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
10:05:21.0782 0x0430  WmiAcpi - ok
10:05:21.0828 0x0430  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:05:21.0844 0x0430  wmiApSrv - ok
10:05:21.0891 0x0430  WMPNetworkSvc - ok
10:05:21.0922 0x0430  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
10:05:21.0938 0x0430  Wof - ok
10:05:22.0063 0x0430  [ 65C65F3BD784158C456E721DDC9F0EA2, CBD3ADFD960456BD4B9557BF691E12D31153499549F5D3D08258BD62013952ED ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
10:05:22.0157 0x0430  workfolderssvc - ok
10:05:22.0203 0x0430  [ C1F564F324685C088ECAB1933576CF91, 022F0EC160352AB73AF7DA557D1A5798964231B82C556F22F4163E8B3E4088B2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
10:05:22.0203 0x0430  wpcfltr - ok
10:05:22.0250 0x0430  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
10:05:22.0250 0x0430  WPCSvc - ok
10:05:22.0282 0x0430  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
10:05:22.0282 0x0430  WPDBusEnum - ok
10:05:22.0329 0x0430  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:05:22.0329 0x0430  WpdUpFltr - ok
10:05:22.0360 0x0430  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:05:22.0360 0x0430  ws2ifsl - ok
10:05:22.0407 0x0430  [ 515583507D3828E827FF6352C9ACCEFA, D0C42020FA787804DA26FE07D67C8880FE027A230BD9EB6A706862D89181F2BE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
10:05:22.0407 0x0430  wscsvc - ok
10:05:22.0438 0x0430  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
10:05:22.0438 0x0430  WSDPrintDevice - ok
10:05:22.0469 0x0430  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
10:05:22.0469 0x0430  WSDScan - ok
10:05:22.0485 0x0430  WSearch - ok
10:05:22.0735 0x0430  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
10:05:22.0877 0x0430  WSService - ok
10:05:23.0111 0x0430  [ 7E609FBF50774CC5A239420FE34EBB9C, 69B643B11717D51BC5D3F1CDE47D4C9E198AB8D9160C852DBE9B940E40AD8A57 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:05:23.0283 0x0430  wuauserv - ok
10:05:23.0330 0x0430  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:05:23.0330 0x0430  WudfPf - ok
10:05:23.0361 0x0430  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
10:05:23.0377 0x0430  WUDFRd - ok
10:05:23.0392 0x0430  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
10:05:23.0408 0x0430  WUDFSensorLP - ok
10:05:23.0455 0x0430  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
10:05:23.0455 0x0430  wudfsvc - ok
10:05:23.0486 0x0430  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:05:23.0502 0x0430  WUDFWpdFs - ok
10:05:23.0517 0x0430  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:05:23.0533 0x0430  WUDFWpdMtp - ok
10:05:23.0580 0x0430  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
10:05:23.0611 0x0430  WwanSvc - ok
10:05:23.0658 0x0430  ================ Scan global ===============================
10:05:23.0705 0x0430  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
10:05:23.0752 0x0430  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
10:05:23.0794 0x0430  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
10:05:23.0841 0x0430  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
10:05:23.0857 0x0430  [ Global ] - ok
10:05:23.0857 0x0430  ================ Scan MBR ==================================
10:05:23.0888 0x0430  [ A78C646DB8D284B9C54ED366B2CA860E ] \Device\Harddisk0\DR0
10:05:24.0013 0x0430  \Device\Harddisk0\DR0 - ok
10:05:24.0013 0x0430  ================ Scan VBR ==================================
10:05:24.0029 0x0430  [ 935907C0FBEED6BC086B11ED3E616AAF ] \Device\Harddisk0\DR0\Partition1
10:05:24.0044 0x0430  \Device\Harddisk0\DR0\Partition1 - ok
10:05:24.0060 0x0430  [ 087B69BF37D640A260284D999149A379 ] \Device\Harddisk0\DR0\Partition2
10:05:24.0091 0x0430  \Device\Harddisk0\DR0\Partition2 - ok
10:05:24.0091 0x0430  [ 131DC1E5AF18F03F55A4A6E2D92FF589 ] \Device\Harddisk0\DR0\Partition3
10:05:24.0091 0x0430  \Device\Harddisk0\DR0\Partition3 - ok
10:05:24.0107 0x0430  [ 354ADD307CD48B428E050DA17485DF54 ] \Device\Harddisk0\DR0\Partition4
10:05:24.0107 0x0430  \Device\Harddisk0\DR0\Partition4 - ok
10:05:24.0138 0x0430  [ 4389AAE8CBE4D87FEE8CB9978E45FD54 ] \Device\Harddisk0\DR0\Partition5
10:05:24.0169 0x0430  \Device\Harddisk0\DR0\Partition5 - ok
10:05:24.0185 0x0430  [ FA56388A4E417194DEF8D38BA1414002 ] \Device\Harddisk0\DR0\Partition6
10:05:24.0200 0x0430  \Device\Harddisk0\DR0\Partition6 - ok
10:05:24.0200 0x0430  Waiting for KSN requests completion. In queue: 125
10:05:25.0216 0x0430  Waiting for KSN requests completion. In queue: 125
10:05:26.0216 0x0430  Waiting for KSN requests completion. In queue: 125
10:05:27.0263 0x0430  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
10:05:27.0263 0x0430  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
10:05:27.0263 0x0430  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
10:05:29.0864 0x0430  ============================================================
10:05:29.0864 0x0430  Scan finished
10:05:29.0864 0x0430  ============================================================
10:05:29.0880 0x1e7c  Detected object count: 0
10:05:29.0880 0x1e7c  Actual detected object count: 0


#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:17 AM

Posted 17 May 2014 - 01:52 PM

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 17 May 2014 - 06:33 PM

This is the log from ADW Cleaner.

 

# AdwCleaner v3.208 - Report created 17/05/2014 at 16:27:38
# Updated 11/05/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Juan - JMUNOZ
# Running from : C:\Users\Juan\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Juan\AppData\Local\Pokki
Folder Deleted : C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim
File Deleted : C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi
File Deleted : C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook.lnk
File Deleted : C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Youtube.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASMANCS
Key Deleted : HKCU\Software\Pokki
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default\prefs.js ]
 
 
-\\ Google Chrome v34.0.1847.137
 
[ File : C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : nemfjadlboooiffmcelkafilagddogim
 
*************************
 
AdwCleaner[R0].txt - [13336 octets] - [19/04/2014 23:50:21]
AdwCleaner[R1].txt - [2206 octets] - [17/05/2014 16:26:07]
AdwCleaner[S0].txt - [11897 octets] - [19/04/2014 23:52:14]
AdwCleaner[S1].txt - [2118 octets] - [17/05/2014 16:27:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2178 octets] ##########


#11 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 18 May 2014 - 02:57 AM

This is the Malwarebytes log. I was never given the option for the extended log. It just showed me the following. 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/17/2014
Scan Time: 6:36:57 PM
Logfile: mb.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.05.17.13
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Juan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 285902
Time Elapsed: 1 hr, 59 min, 0 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.Conduit.A, C:\Users\Juan\AppData\Local\Temp\CT3319597, Quarantined, [49b7a65ae31d966a5d94b0c1cf337090], 
 
Files: 33
Adware.Agent, C:\ProgramData\InstallMate\{D1671F5F-2B93-4D38-AFD3-63B10A843DA9}\Custom.dll, Quarantined, [09f7a65ab8486a96911274da5aa7f40c], 
PUP.Optional.MultiPlug.A, C:\ProgramData\siaife! sAvie\51e871db93dab.dll, Quarantined, [af517a86f30dde226beb1cea08f9718f], 
PUP.Optional.Verti, C:\MediaPlayerClassic_RocketFuelInstaller.exe, Quarantined, [c53b4fb10ff1ed1311a500252fd23cc4], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RAK8YYZ.exe, Quarantined, [40c0a9570cf4be421343113c33ce1ce4], 
PUP.Optional.BundleInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RB0VM61.exe, Quarantined, [8779e61af20e56aaa0849d415aa9a35d], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RZ2S1ZK.exe, Quarantined, [e917a25ed12fa65a0b4b2e1f19e823dd], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RPGUF50.exe, Quarantined, [1ce4a55bb84843bdc4921b321ee336ca], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RRIZWU7.exe, Quarantined, [0cf44eb251afa15f0c4a311cab56c33d], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RD7YL2M.exe, Quarantined, [718f738d49b78977b2a4391446bb7a86], 
PUP.Optional.ShopAtHome.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RO7R70D.exe, Quarantined, [9f6130d0837dee12aea8c699837ef808], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$RS3IN3W.exe, Quarantined, [a957936da957966ab1a54eff3bc6c63a], 
PUP.Optional.AirInstaller, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$R1NK2ZI\Setup.exe, Quarantined, [a85847b953ad857b951432d9d42dd22e], 
PUP.Optional.ExpressFiles.A, C:\$Recycle.Bin\S-1-5-21-4217489270-1833975609-1330013356-1002\$R1NK2ZI\Touchcopy_12_Activation_Code_Serial_Free_downloader_us_99481.exe, Quarantined, [5ba520e0f40c5da3df703cece0209769], 
PUP.Optional.ZombieAlert.A, C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll, Quarantined, [fb05db2507f9cc344aa31e1d9a6ac937], 
PUP.Optional.Conduit, C:\Users\Juan\AppData\Local\Temp\BitLord_Installer.exe, Quarantined, [5ca4e81853ad7c846ba2463014f06b95], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nsaA9A9.exe, Quarantined, [a0608878f60a5ca444bdeb3ebe43b14f], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nsc5CCC.exe, Quarantined, [9e620cf4b44cab55df2272b7719014ec], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nse3A.exe, Quarantined, [58a82dd328d80000b948e5445ca5b54b], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nsi7DD.exe, Quarantined, [e8183ec2a25ef7097c85ea3f748d12ee], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nsiA3CC.exe, Quarantined, [bb45718f9868a55ba35e191060a17a86], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nsm1328.exe, Quarantined, [768ac04005fbce326a97bb6e53ae7f81], 
PUP.Optional.SearchProtect.A, C:\Users\Juan\AppData\Local\Temp\nssB022.exe, Quarantined, [23dd25dbbc4416eaff0262c7ce3339c7], 
PUP.Optional.Conduit.A, C:\Users\Juan\AppData\Local\Temp\SPSetup.exe, Quarantined, [e020e020bd438080b73a77a6867bef11], 
PUP.Optional.FindRight.A, C:\Users\Juan\AppData\Local\Temp\is1242154493\207637949_stp\FindRightSetup.exe, Quarantined, [de22946caf51bd43186b0d16d92bc937], 
PUP.Optional.RegCleanPro, C:\Users\Juan\AppData\Local\Temp\is1242154493\207637950_stp\rcpsetup_adppi14_adppi14.exe, Quarantined, [d32df20ed32daf515a30ec488080ea16], 
PUP.Optional.Installcore, C:\Users\Juan\AppData\Local\Temp\is357113909\257006708_stp\HomePageDLL.dll, Quarantined, [a35dd42cfe0231cfc8e8ca5aaa5a5da3], 
PUP.Optional.MySpeedDial.A, C:\Users\Juan\AppData\Local\Temp\is357113909\257006736_stp\Mysearchdial.exe, Quarantined, [1ee2fa067b852dd3e4a5ef325ca8a25e], 
PUP.Optional.RightSurf.A, C:\Users\Juan\AppData\Local\Temp\is357113909\257006753_stp\RightSurfSetup.exe, Quarantined, [817f4bb550b02cd430a5db45ee166f91], 
PUP.Optional.RegCleanPro, C:\Users\Juan\AppData\Local\Temp\is357113909\257006770_stp\rcpsetup_adppi14_adppi14.exe, Quarantined, [cc341ce4946c01ffcac088acf20e916f], 
PUP.Optional.Conduit.A, C:\Users\Juan\AppData\Local\Temp\nsc48AB\SpSetup.exe, Quarantined, [4bb5cd33817fb34d01f01ffe46bb16ea], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsg29E0.exe, Quarantined, [12eef40c6d9355abe120e6438180f60a], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh5D94.exe, Quarantined, [5fa1dc2423dd5ca4956cf039e41d7789], 
PUP.Optional.Conduit.A, C:\Users\Juan\AppData\Local\Temp\CT3319597\ddt.csf, Quarantined, [49b7a65ae31d966a5d94b0c1cf337090], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:17 AM

Posted 18 May 2014 - 04:51 AM

Logs from Step 3 and 4 are missing.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#13 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 18 May 2014 - 10:04 AM

This log is from Junkware Removal 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Juan on Sun 05/18/2014 at  1:00:57.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{63EA38FB-0183-4614-8CE3-9FB055A7696C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6C37D915-0C33-4DF2-872D-B60FA18F8195}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FEC299B2-3345-41C3-B7EF-7E4A4EE5578E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6C37D915-0C33-4DF2-872D-B60FA18F8195}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{13041A6D-C7DB-4F6F-A658-0CE99376BD12}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{1CFC8E97-F16B-4DDB-9701-A9CBEE567958}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{3F78400D-1415-4E30-86C3-2B515A634952}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{54735999-B501-41A9-9C1E-DC353D4F2519}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{58913665-4FC1-432B-9618-012334C83F79}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{660D87B4-78BA-4043-8AA7-BE8C71ADA2F7}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{8F1B4D05-3AC0-4711-AC4F-E41E74B76B95}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{CD46505B-A604-43FF-B4E4-7F3C096EF1D9}
Successfully deleted: [Empty Folder] C:\Users\Juan\appdata\local\{F6418A1C-7311-4E40-8D9A-32B5DD821CC1}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 05/18/2014 at  1:22:40.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#14 jmunoz

jmunoz
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 18 May 2014 - 10:11 AM

This log is from FRST. 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Juan (administrator) on JMUNOZ on 18-05-2014 08:07:30
Running from C:\Users\Juan\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\System32\valWBFPolicyService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Juan\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\Run: [Pinger] => "C:\Program Files (x86)\Pinger\Pinger.exe"
HKU\S-1-5-21-4217489270-1833975609-1330013356-1002\...\RunOnce: [Application Restart #2] - C:\Users\Juan\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Juan\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x221E539F99C0CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = 
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0285C277-D86B-496E-A767-B3BA67E0CECD} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US679&p={SearchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default
FF SearchEngineOrder.1: Secure Search
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&type=A111US679&p=
FF SelectedSearchEngine: Secure Search
FF DefaultSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper - C:\Users\Juan\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Juan\AppData\Roaming\Mozilla\Firefox\Profiles\6pw751s8.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-02-25]
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20]
CHR Extension: (Google Drive) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-20]
CHR Extension: (YouTube) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20]
CHR Extension: (Google Search) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20]
CHR Extension: (Website Logon) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2014-04-20]
CHR Extension: (Google Wallet) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-20]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-13] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-13] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-13] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 MFE_RR; \??\C:\Users\Juan\AppData\Local\Temp\mfe_rr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-18 08:07 - 2014-05-18 08:07 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64 (1).exe
2014-05-18 01:22 - 2014-05-18 01:22 - 00002151 _____ () C:\Users\Juan\Desktop\JRT.txt
2014-05-18 00:59 - 2014-05-18 00:59 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-18 00:58 - 2014-05-18 00:58 - 01016261 _____ (Thisisu) C:\Users\Juan\Desktop\JRT.exe
2014-05-18 00:54 - 2014-05-18 00:54 - 00005837 _____ () C:\mb.txt
2014-05-18 00:53 - 2014-05-18 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-17 16:36 - 2014-05-18 00:46 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 16:36 - 2014-05-17 16:36 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 16:36 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-17 16:36 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-17 16:36 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-17 16:34 - 2014-05-17 16:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Juan\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 16:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-17 16:25 - 2014-05-17 16:25 - 01325827 _____ () C:\Users\Juan\Desktop\AdwCleaner.exe
2014-05-16 15:31 - 2014-05-16 15:34 - 00038508 _____ () C:\Users\Juan\Downloads\Addition.txt
2014-05-16 15:27 - 2014-05-18 08:07 - 00023455 _____ () C:\Users\Juan\Downloads\FRST.txt
2014-05-16 15:27 - 2014-05-18 08:07 - 00000000 ____D () C:\FRST
2014-05-16 15:27 - 2014-05-16 15:27 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST (1).exe
2014-05-15 19:32 - 2014-05-01 13:30 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-15 19:32 - 2014-05-01 13:30 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 19:03 - 2014-05-15 19:03 - 11422832 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x64.exe
2014-05-15 19:03 - 2014-05-15 19:03 - 07266656 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x86.exe
2014-05-15 18:55 - 2014-05-15 18:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-15 18:43 - 2014-05-15 18:43 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Juan\Downloads\tdsskiller.exe
2014-05-15 18:20 - 2014-05-15 18:21 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00003233 _____ () C:\Users\Juan\Desktop\Sophos Virus Removal Tool.lnk
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-15 18:15 - 2014-05-15 18:15 - 93437600 _____ (Sophos Limited) C:\Users\Juan\Downloads\Sophos Virus Removal Tool.exe
2014-05-15 03:16 - 2014-05-15 03:17 - 00000296 _____ () C:\WINDOWS\SysWOW64\RootkitRemover_20140515_031655.log
2014-05-15 03:14 - 2014-05-15 03:14 - 00000296 _____ () C:\Users\Juan\Downloads\RootkitRemover_20140515_031403.log
2014-05-15 03:13 - 2014-05-15 03:13 - 00782584 _____ (McAfee, Inc.) C:\Users\Juan\Downloads\rootkitremover.exe
2014-05-14 18:01 - 2014-05-14 18:01 - 10062224 _____ () C:\Users\Juan\Downloads\tixati-1.96-1.win32-install.exe
2014-05-13 23:02 - 2014-04-11 03:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-13 23:02 - 2014-04-11 03:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-13 23:02 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-13 23:02 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-13 23:02 - 2014-04-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-13 23:02 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-13 23:02 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-13 23:02 - 2014-04-10 20:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-13 23:02 - 2014-04-10 20:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-13 23:02 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-13 23:02 - 2014-04-10 20:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 23:02 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-13 23:02 - 2014-04-10 20:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-13 23:02 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-13 23:02 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-13 23:02 - 2014-04-10 20:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-13 23:02 - 2014-04-10 19:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-13 23:02 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-13 23:02 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-13 23:02 - 2014-04-10 19:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-13 23:02 - 2014-04-10 19:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-13 23:02 - 2014-04-10 19:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-13 23:02 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-13 23:02 - 2014-04-10 19:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-13 23:02 - 2014-04-10 19:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-13 23:02 - 2014-04-10 19:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-13 23:02 - 2014-04-10 19:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-13 23:02 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-13 23:02 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-13 23:02 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-13 23:02 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-13 23:02 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-13 23:00 - 2014-05-05 21:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-13 23:00 - 2014-05-05 20:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-13 23:00 - 2014-05-05 20:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-13 23:00 - 2014-05-05 19:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-13 23:00 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-13 23:00 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-13 23:00 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-13 23:00 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-13 23:00 - 2014-03-27 02:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-13 23:00 - 2014-03-27 00:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-13 19:41 - 2014-05-13 19:41 - 01618724 _____ (Graboid Inc.) C:\Users\Juan\Downloads\GraboidVideoInstaller-5.1.2.0.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome (1).exe
2014-05-13 15:51 - 2014-05-13 15:51 - 00918672 _____ (Google Inc.) C:\Users\Juan\Downloads\ChromeSetup.exe
2014-05-13 14:27 - 2014-05-13 14:27 - 00000000 ____D () C:\Users\Juan\AppData\Local\Intuit
2014-05-13 13:15 - 2014-05-13 13:16 - 00000000 ___DC () C:\Users\Juan\AppData\Local\MigWiz
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieUserList
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieSiteList
2014-05-10 14:22 - 2014-05-10 18:54 - 00000000 ____D () C:\Users\Juan\AppData\Local\Windows Live
2014-05-01 15:47 - 2014-05-13 13:26 - 00000000 ____D () C:\Users\Juan\Desktop\TPC 14
2014-04-26 01:34 - 2014-04-26 01:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\Skype
2014-04-24 05:59 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-04-24 01:26 - 2014-03-19 20:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-24 01:26 - 2014-03-19 20:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-24 01:26 - 2014-03-19 18:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-24 01:26 - 2014-03-11 05:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-24 01:26 - 2014-03-11 05:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-24 01:26 - 2014-03-08 13:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-24 01:26 - 2014-03-08 00:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-24 01:26 - 2014-03-08 00:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-24 01:26 - 2014-03-07 23:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-24 01:26 - 2014-03-07 23:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-24 01:26 - 2014-03-07 22:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-24 01:26 - 2014-03-06 07:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-24 01:26 - 2014-03-06 05:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-24 01:26 - 2014-03-06 05:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-24 01:26 - 2014-03-06 05:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-24 01:26 - 2014-03-06 04:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-24 01:26 - 2014-03-06 03:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-24 01:26 - 2014-03-06 02:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-24 01:26 - 2014-03-06 01:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-24 01:26 - 2014-03-06 00:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-24 01:26 - 2014-03-05 23:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-24 01:26 - 2014-03-05 23:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-24 01:26 - 2014-03-05 23:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-24 01:26 - 2014-03-05 23:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-24 01:26 - 2014-03-05 23:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-24 01:26 - 2014-03-05 23:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-24 01:26 - 2014-03-05 22:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-24 01:26 - 2014-03-05 22:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-24 01:26 - 2014-03-05 22:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-24 01:26 - 2014-03-05 22:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-24 01:26 - 2014-03-05 22:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-24 01:26 - 2014-03-04 05:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-24 01:26 - 2014-03-04 05:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-24 01:26 - 2014-03-04 04:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-24 01:25 - 2014-03-19 21:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-24 01:25 - 2014-03-19 20:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-24 01:25 - 2014-03-19 17:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-24 01:25 - 2014-03-19 17:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-24 01:25 - 2014-03-19 16:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-24 01:25 - 2014-03-19 16:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-24 01:25 - 2014-03-19 16:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-24 01:25 - 2014-03-19 00:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-24 01:25 - 2014-03-18 22:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-24 01:25 - 2014-03-18 22:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-24 01:25 - 2014-03-18 22:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-24 01:25 - 2014-03-18 22:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-24 01:25 - 2014-03-18 22:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-24 01:25 - 2014-03-18 21:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-24 01:25 - 2014-03-18 21:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-24 01:25 - 2014-03-13 05:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-24 01:25 - 2014-03-12 06:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-24 01:25 - 2014-03-11 08:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-24 01:25 - 2014-03-11 08:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-24 01:25 - 2014-03-11 08:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-24 01:25 - 2014-03-11 07:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-24 01:25 - 2014-03-11 07:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-24 01:25 - 2014-03-11 07:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-24 01:25 - 2014-03-11 07:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-24 01:25 - 2014-03-11 07:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-24 01:25 - 2014-03-11 06:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-24 01:25 - 2014-03-11 06:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-24 01:25 - 2014-03-08 13:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-24 01:25 - 2014-03-08 13:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-24 01:25 - 2014-03-08 13:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-24 01:25 - 2014-03-08 13:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-24 01:25 - 2014-03-08 13:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-24 01:25 - 2014-03-08 08:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-24 01:25 - 2014-03-08 08:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-24 01:25 - 2014-03-08 04:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-24 01:25 - 2014-03-08 02:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-24 01:25 - 2014-03-08 02:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-24 01:25 - 2014-03-08 01:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-24 01:25 - 2014-03-08 01:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-24 01:25 - 2014-03-08 01:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-24 01:25 - 2014-03-08 01:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-24 01:25 - 2014-03-08 00:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-24 01:25 - 2014-03-08 00:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-24 01:25 - 2014-03-08 00:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-24 01:25 - 2014-03-08 00:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-24 01:25 - 2014-03-08 00:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-24 01:25 - 2014-03-08 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-24 01:25 - 2014-03-07 23:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-24 01:25 - 2014-03-07 23:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-24 01:25 - 2014-03-07 23:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-24 01:25 - 2014-03-07 23:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-24 01:25 - 2014-03-07 23:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-24 01:25 - 2014-03-07 23:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-24 01:25 - 2014-03-07 23:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-24 01:25 - 2014-03-07 23:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-24 01:25 - 2014-03-07 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-24 01:25 - 2014-03-07 23:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-24 01:25 - 2014-03-07 22:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-24 01:25 - 2014-03-07 22:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-24 01:25 - 2014-03-06 07:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-24 01:25 - 2014-03-06 07:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-24 01:25 - 2014-03-06 05:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-24 01:25 - 2014-03-06 05:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-24 01:25 - 2014-03-06 05:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-24 01:25 - 2014-03-06 05:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-24 01:25 - 2014-03-06 05:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-24 01:25 - 2014-03-06 05:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-24 01:25 - 2014-03-06 04:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-24 01:25 - 2014-03-06 04:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-24 01:25 - 2014-03-06 04:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-24 01:25 - 2014-03-06 04:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-24 01:25 - 2014-03-06 03:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-24 01:25 - 2014-03-06 02:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-24 01:25 - 2014-03-06 02:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-24 01:25 - 2014-03-06 02:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-24 01:25 - 2014-03-06 02:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-24 01:25 - 2014-03-06 02:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-24 01:25 - 2014-03-06 02:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-24 01:25 - 2014-03-06 02:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-24 01:25 - 2014-03-06 02:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-24 01:25 - 2014-03-06 02:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-24 01:25 - 2014-03-06 02:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-24 01:25 - 2014-03-06 02:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-24 01:25 - 2014-03-06 02:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-24 01:25 - 2014-03-06 01:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-24 01:25 - 2014-03-06 01:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-24 01:25 - 2014-03-06 01:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-24 01:25 - 2014-03-06 01:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-24 01:25 - 2014-03-06 01:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-24 01:25 - 2014-03-06 01:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-24 01:25 - 2014-03-06 01:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-24 01:25 - 2014-03-06 00:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-24 01:25 - 2014-03-06 00:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-24 01:25 - 2014-03-06 00:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-24 01:25 - 2014-03-06 00:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-24 01:25 - 2014-03-06 00:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-24 01:25 - 2014-03-06 00:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-24 01:25 - 2014-03-05 23:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-24 01:25 - 2014-03-05 23:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-24 01:25 - 2014-03-05 23:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-24 01:25 - 2014-03-05 23:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-24 01:25 - 2014-03-05 23:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-24 01:25 - 2014-03-05 23:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-24 01:25 - 2014-03-05 23:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-24 01:25 - 2014-03-05 23:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-24 01:25 - 2014-03-05 23:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-24 01:25 - 2014-03-05 23:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-24 01:25 - 2014-03-05 23:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-24 01:25 - 2014-03-05 23:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-24 01:25 - 2014-03-05 23:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-24 01:25 - 2014-03-05 23:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-24 01:25 - 2014-03-05 23:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-24 01:25 - 2014-03-05 23:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-24 01:25 - 2014-03-05 23:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-24 01:25 - 2014-03-05 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-24 01:25 - 2014-03-05 23:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-24 01:25 - 2014-03-05 22:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-24 01:25 - 2014-03-05 22:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-24 01:25 - 2014-03-05 22:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-24 01:25 - 2014-03-05 22:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-24 01:25 - 2014-03-05 22:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-24 01:25 - 2014-03-05 22:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-24 01:25 - 2014-03-04 05:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-24 01:25 - 2014-03-04 05:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-24 01:25 - 2014-03-04 04:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-24 01:25 - 2014-03-04 00:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-24 01:25 - 2014-03-04 00:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-24 01:25 - 2014-03-04 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-24 01:25 - 2014-03-04 00:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-24 01:25 - 2014-03-03 23:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-24 01:25 - 2014-03-03 23:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-24 01:25 - 2014-03-03 23:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-24 01:25 - 2014-03-03 23:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-24 01:25 - 2014-03-03 23:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-24 01:25 - 2014-03-03 23:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-24 01:25 - 2014-03-03 23:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-24 01:25 - 2014-03-03 23:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-24 01:25 - 2014-03-03 23:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-24 01:25 - 2014-03-03 22:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-24 01:25 - 2014-03-03 22:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-24 01:25 - 2014-02-06 15:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-24 01:25 - 2014-02-06 14:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-24 01:25 - 2013-12-23 16:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-24 01:25 - 2013-12-23 16:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-24 01:22 - 2014-02-25 23:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-24 01:11 - 2014-02-22 08:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-24 01:11 - 2014-02-22 08:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-24 01:11 - 2014-02-22 08:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-24 01:11 - 2014-02-22 08:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-24 01:11 - 2014-02-22 05:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-24 01:11 - 2014-02-22 05:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-24 01:11 - 2014-02-22 04:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-24 01:11 - 2014-02-22 04:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-24 01:11 - 2014-02-22 04:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-24 01:11 - 2014-02-22 04:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-24 01:11 - 2014-02-22 04:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-24 01:11 - 2014-02-22 03:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-24 01:11 - 2014-02-22 03:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-24 01:11 - 2014-02-22 03:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-24 01:11 - 2014-02-22 03:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-24 01:11 - 2014-02-22 03:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-24 01:11 - 2014-02-22 03:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-24 01:11 - 2014-02-22 02:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-24 01:11 - 2014-02-22 02:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-24 01:11 - 2014-02-22 02:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-24 01:11 - 2014-02-22 02:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-24 01:11 - 2014-02-22 02:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-24 01:11 - 2014-02-22 02:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-24 01:11 - 2014-02-22 02:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-24 01:11 - 2014-02-22 02:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-24 01:11 - 2014-02-22 01:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-24 01:11 - 2014-02-22 01:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-24 01:11 - 2014-02-22 01:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-24 01:11 - 2014-02-22 01:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-24 01:11 - 2014-02-22 01:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-24 01:11 - 2014-02-22 01:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-24 01:11 - 2014-02-07 18:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-24 01:10 - 2014-02-22 09:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-24 01:10 - 2014-02-22 09:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-24 01:10 - 2014-02-22 09:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-24 01:10 - 2014-02-22 09:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-24 01:10 - 2014-02-22 08:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-24 01:10 - 2014-02-22 08:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-24 01:10 - 2014-02-22 08:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-24 01:10 - 2014-02-22 08:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-24 01:10 - 2014-02-22 08:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-24 01:10 - 2014-02-22 08:44 - 00539992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-24 01:10 - 2014-02-22 08:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-24 01:10 - 2014-02-22 08:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-24 01:10 - 2014-02-22 08:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-24 01:10 - 2014-02-22 07:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-24 01:10 - 2014-02-22 07:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-24 01:10 - 2014-02-22 07:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-04-24 01:10 - 2014-02-22 07:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-24 01:10 - 2014-02-22 07:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-24 01:10 - 2014-02-22 07:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-24 01:10 - 2014-02-22 07:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-24 01:10 - 2014-02-22 05:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-24 01:10 - 2014-02-22 03:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-24 01:10 - 2014-02-22 03:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-24 01:10 - 2014-02-22 03:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-24 01:10 - 2014-02-22 03:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-24 01:10 - 2014-02-22 02:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-24 01:10 - 2014-02-22 02:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-24 01:10 - 2014-02-22 02:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-24 01:10 - 2014-02-22 02:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-24 01:10 - 2014-02-22 02:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-24 01:10 - 2014-02-22 02:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-24 01:10 - 2014-02-22 02:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-24 01:10 - 2014-02-22 02:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-24 01:10 - 2014-02-22 02:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-24 01:10 - 2014-02-22 02:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-24 01:10 - 2014-02-22 02:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-24 01:10 - 2014-02-22 02:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-24 01:10 - 2014-02-22 02:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-24 01:10 - 2014-02-22 02:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-04-24 01:10 - 2014-02-22 02:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-24 01:10 - 2014-02-22 02:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-24 01:10 - 2014-02-22 01:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-24 01:10 - 2014-02-22 01:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-24 01:10 - 2014-02-22 01:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-04-24 01:10 - 2014-02-22 01:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-24 01:10 - 2014-02-22 01:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-24 01:10 - 2014-02-22 01:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-24 01:10 - 2014-02-22 01:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-24 01:10 - 2014-02-22 01:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-24 01:10 - 2014-02-22 01:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-24 01:10 - 2014-02-22 01:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-24 01:10 - 2014-02-22 01:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-24 01:10 - 2014-02-22 01:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-04-24 01:10 - 2014-02-22 01:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-24 01:10 - 2014-02-22 01:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-24 01:10 - 2014-02-22 01:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-24 01:10 - 2014-02-22 01:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-24 01:10 - 2014-02-22 01:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-24 01:10 - 2014-02-22 01:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-24 01:10 - 2014-01-29 01:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-24 01:09 - 2014-02-22 09:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-24 01:09 - 2014-02-22 09:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-24 01:09 - 2014-02-22 09:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-24 01:09 - 2014-02-22 09:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-24 01:09 - 2014-02-22 09:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-24 01:09 - 2014-02-22 09:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-24 01:09 - 2014-02-22 08:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-24 01:09 - 2014-02-22 08:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-24 01:09 - 2014-02-22 08:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-24 01:09 - 2014-02-22 08:49 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-24 01:09 - 2014-02-22 08:49 - 00280920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-24 01:09 - 2014-02-22 08:49 - 00148824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-24 01:09 - 2014-02-22 08:48 - 01791752 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-24 01:09 - 2014-02-22 08:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-24 01:09 - 2014-02-22 08:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-24 01:09 - 2014-02-22 08:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-24 01:09 - 2014-02-22 08:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-24 01:09 - 2014-02-22 08:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-24 01:09 - 2014-02-22 08:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-24 01:09 - 2014-02-22 08:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-24 01:09 - 2014-02-22 08:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-24 01:09 - 2014-02-22 08:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-24 01:09 - 2014-02-22 07:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-24 01:09 - 2014-02-22 07:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-24 01:09 - 2014-02-22 07:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-04-24 01:09 - 2014-02-22 07:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-24 01:09 - 2014-02-22 07:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-24 01:09 - 2014-02-22 05:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-24 01:09 - 2014-02-22 05:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-24 01:09 - 2014-02-22 05:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-24 01:09 - 2014-02-22 05:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-24 01:09 - 2014-02-22 05:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-24 01:09 - 2014-02-22 04:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-24 01:09 - 2014-02-22 04:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-24 01:09 - 2014-02-22 04:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-24 01:09 - 2014-02-22 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-24 01:09 - 2014-02-22 04:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-24 01:09 - 2014-02-22 03:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-04-24 01:09 - 2014-02-22 03:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-24 01:09 - 2014-02-22 03:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-24 01:09 - 2014-02-22 03:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-24 01:09 - 2014-02-22 03:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-24 01:09 - 2014-02-22 03:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-24 01:09 - 2014-02-22 03:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-24 01:09 - 2014-02-22 03:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-24 01:09 - 2014-02-22 03:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-24 01:09 - 2014-02-22 03:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-24 01:09 - 2014-02-22 03:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-24 01:09 - 2014-02-22 03:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-24 01:09 - 2014-02-22 03:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-24 01:09 - 2014-02-22 03:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-24 01:09 - 2014-02-22 02:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-24 01:09 - 2014-02-22 02:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-24 01:09 - 2014-02-22 02:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-24 01:09 - 2014-02-22 02:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-24 01:09 - 2014-02-22 02:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-24 01:09 - 2014-02-22 02:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-24 01:09 - 2014-02-22 02:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-04-24 01:09 - 2014-02-22 02:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-24 01:09 - 2014-02-22 02:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-24 01:09 - 2014-02-22 02:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-24 01:09 - 2014-02-22 02:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-24 01:09 - 2014-02-22 02:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-24 01:09 - 2014-02-22 02:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-24 01:09 - 2014-02-22 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-24 01:09 - 2014-02-22 02:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-24 01:09 - 2014-02-22 02:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-24 01:09 - 2014-02-22 02:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-24 01:09 - 2014-02-22 02:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-24 01:09 - 2014-02-22 02:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-24 01:09 - 2014-02-22 02:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-24 01:09 - 2014-02-22 01:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-24 01:09 - 2014-02-22 01:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-24 01:09 - 2014-02-22 01:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-24 01:09 - 2014-02-22 01:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-24 01:09 - 2014-02-22 01:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-24 01:09 - 2014-02-22 01:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-24 01:09 - 2014-02-22 01:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-24 01:09 - 2014-02-22 01:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-24 01:09 - 2014-02-22 01:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-24 01:09 - 2014-02-21 21:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-24 01:09 - 2014-02-02 07:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-24 01:09 - 2014-02-02 06:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-24 01:09 - 2014-01-29 00:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-24 01:09 - 2014-01-27 08:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-24 01:09 - 2014-01-07 18:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-24 01:09 - 2013-12-10 00:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-24 01:08 - 2014-02-22 09:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-24 01:08 - 2014-02-22 09:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-24 01:08 - 2014-02-22 09:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-24 01:08 - 2014-02-22 09:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-24 01:08 - 2014-02-22 09:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-24 01:08 - 2014-02-22 09:00 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-24 01:08 - 2014-02-22 09:00 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-24 01:08 - 2014-02-22 08:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-24 01:08 - 2014-02-22 08:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-24 01:08 - 2014-02-22 08:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-24 01:08 - 2014-02-22 08:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-24 01:08 - 2014-02-22 08:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-24 01:08 - 2014-02-22 08:49 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-24 01:08 - 2014-02-22 08:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-24 01:08 - 2014-02-22 08:44 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-24 01:08 - 2014-02-22 08:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-24 01:08 - 2014-02-22 07:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-04-24 01:08 - 2014-02-22 07:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-24 01:08 - 2014-02-22 07:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-24 01:08 - 2014-02-22 07:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-24 01:08 - 2014-02-22 07:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-24 01:08 - 2014-02-22 07:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-24 01:08 - 2014-02-22 07:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-24 01:08 - 2014-02-22 05:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-24 01:08 - 2014-02-22 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-24 01:08 - 2014-02-22 05:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-24 01:08 - 2014-02-22 05:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-24 01:08 - 2014-02-22 05:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-24 01:08 - 2014-02-22 04:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-24 01:08 - 2014-02-22 04:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-24 01:08 - 2014-02-22 04:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-24 01:08 - 2014-02-22 04:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-24 01:08 - 2014-02-22 04:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-24 01:08 - 2014-02-22 04:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-24 01:08 - 2014-02-22 04:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-24 01:08 - 2014-02-22 04:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-24 01:08 - 2014-02-22 03:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-24 01:08 - 2014-02-22 03:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-24 01:08 - 2014-02-22 03:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-24 01:08 - 2014-02-22 03:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-24 01:08 - 2014-02-22 03:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-24 01:08 - 2014-02-22 03:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-24 01:08 - 2014-02-22 03:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-24 01:08 - 2014-02-22 03:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-24 01:08 - 2014-02-22 03:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-24 01:08 - 2014-02-22 03:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-24 01:08 - 2014-02-22 03:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-24 01:08 - 2014-02-22 03:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-24 01:08 - 2014-02-22 03:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-24 01:08 - 2014-02-22 03:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-24 01:08 - 2014-02-22 03:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-24 01:08 - 2014-02-22 03:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-24 01:08 - 2014-02-22 03:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-24 01:08 - 2014-02-22 03:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-24 01:08 - 2014-02-22 03:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-24 01:08 - 2014-02-22 02:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-24 01:08 - 2014-02-22 02:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-24 01:08 - 2014-02-22 02:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-24 01:08 - 2014-02-22 02:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-24 01:08 - 2014-02-22 02:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-24 01:08 - 2014-02-22 02:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-24 01:08 - 2014-02-22 02:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-24 01:08 - 2014-02-22 02:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-24 01:08 - 2014-02-22 02:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-24 01:08 - 2014-02-22 02:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-24 01:08 - 2014-02-22 02:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-24 01:08 - 2014-02-22 02:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 01:08 - 2014-02-22 02:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-24 01:08 - 2014-02-22 02:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-24 01:08 - 2014-02-22 02:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-24 01:08 - 2014-02-22 02:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-24 01:08 - 2014-02-22 02:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-24 01:08 - 2014-02-22 02:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-24 01:08 - 2014-02-22 02:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-24 01:08 - 2014-02-22 02:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-24 01:08 - 2014-02-22 01:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-24 01:08 - 2014-02-22 01:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-24 01:08 - 2014-02-22 01:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-24 01:08 - 2014-02-22 01:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-24 01:08 - 2014-02-22 01:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-24 01:08 - 2014-02-22 01:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-24 01:08 - 2014-02-22 01:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-24 01:08 - 2014-02-22 01:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-24 01:08 - 2014-02-22 01:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-24 01:08 - 2014-02-22 01:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-24 01:08 - 2014-02-22 01:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-24 01:08 - 2014-02-22 01:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-24 01:08 - 2014-02-22 01:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-24 01:08 - 2014-02-22 01:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-24 01:08 - 2014-02-22 01:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-24 01:08 - 2014-02-22 01:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-24 01:08 - 2014-02-22 01:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-24 01:08 - 2014-02-22 01:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-24 01:08 - 2014-02-22 01:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-24 01:08 - 2014-02-22 01:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-24 01:08 - 2014-02-22 01:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-24 01:08 - 2014-01-31 02:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-24 01:08 - 2014-01-31 02:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-24 01:08 - 2014-01-31 02:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-24 01:08 - 2014-01-31 01:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-24 01:08 - 2014-01-29 01:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-24 01:08 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-24 01:08 - 2014-01-28 17:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-24 01:08 - 2014-01-27 10:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-24 01:08 - 2014-01-17 10:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-24 01:08 - 2014-01-17 10:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-24 01:08 - 2014-01-07 17:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-24 01:08 - 2013-12-04 08:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-24 01:08 - 2013-12-04 06:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-24 01:08 - 2013-11-10 16:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-24 01:07 - 2014-02-22 09:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-24 01:07 - 2014-02-22 09:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-24 01:07 - 2014-02-22 09:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-24 01:07 - 2014-02-22 09:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-24 01:07 - 2014-02-22 09:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-24 01:07 - 2014-02-22 09:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-24 01:07 - 2014-02-22 08:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-24 01:07 - 2014-02-22 08:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-24 01:07 - 2014-02-22 08:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-24 01:07 - 2014-02-22 08:49 - 00079192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-24 01:07 - 2014-02-22 08:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-24 01:07 - 2014-02-22 08:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-24 01:07 - 2014-02-22 08:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-24 01:07 - 2014-02-22 07:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-24 01:07 - 2014-02-22 07:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-24 01:07 - 2014-02-22 07:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-24 01:07 - 2014-02-22 07:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-24 01:07 - 2014-02-22 07:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-24 01:07 - 2014-02-22 07:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-24 01:07 - 2014-02-22 05:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-24 01:07 - 2014-02-22 05:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-24 01:07 - 2014-02-22 05:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-24 01:07 - 2014-02-22 04:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-24 01:07 - 2014-02-22 04:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-24 01:07 - 2014-02-22 04:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-24 01:07 - 2014-02-22 04:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-24 01:07 - 2014-02-22 04:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-24 01:07 - 2014-02-22 04:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-24 01:07 - 2014-02-22 04:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-24 01:07 - 2014-02-22 04:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-24 01:07 - 2014-02-22 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-24 01:07 - 2014-02-22 04:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-24 01:07 - 2014-02-22 04:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-24 01:07 - 2014-02-22 03:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-24 01:07 - 2014-02-22 03:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-24 01:07 - 2014-02-22 03:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-24 01:07 - 2014-02-22 03:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-24 01:07 - 2014-02-22 03:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-24 01:07 - 2014-02-22 03:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-24 01:07 - 2014-02-22 03:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-24 01:07 - 2014-02-22 03:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-24 01:07 - 2014-02-22 03:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-24 01:07 - 2014-02-22 03:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-24 01:07 - 2014-02-22 03:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-24 01:07 - 2014-02-22 03:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-24 01:07 - 2014-02-22 03:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-24 01:07 - 2014-02-22 03:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-24 01:07 - 2014-02-22 03:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-24 01:07 - 2014-02-22 02:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-24 01:07 - 2014-02-22 02:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-24 01:07 - 2014-02-22 02:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-24 01:07 - 2014-02-22 02:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-24 01:07 - 2014-02-22 02:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-24 01:07 - 2014-02-22 02:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-24 01:07 - 2014-02-22 02:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-24 01:07 - 2014-02-22 02:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-24 01:07 - 2014-02-22 02:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-24 01:07 - 2014-02-22 02:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-24 01:07 - 2014-02-22 02:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-24 01:07 - 2014-02-22 02:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-24 01:07 - 2014-02-22 01:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-24 01:07 - 2014-02-22 01:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-24 01:07 - 2014-02-22 01:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-24 01:07 - 2014-02-22 01:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-24 01:07 - 2014-02-22 01:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-24 01:07 - 2014-02-22 01:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-24 01:07 - 2014-02-22 01:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-24 01:07 - 2014-02-22 01:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-24 01:07 - 2014-02-22 01:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-24 01:07 - 2014-02-22 01:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-24 01:07 - 2014-02-22 01:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-24 01:07 - 2014-02-22 00:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-24 01:07 - 2014-01-31 02:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-24 01:07 - 2014-01-31 02:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-24 01:07 - 2014-01-31 02:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-24 01:07 - 2014-01-27 12:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-24 01:07 - 2013-12-04 08:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-24 01:07 - 2013-11-07 21:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-24 01:06 - 2014-02-22 09:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-24 01:06 - 2014-02-22 08:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-24 01:06 - 2014-02-22 08:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-24 01:06 - 2014-02-22 08:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-24 01:06 - 2014-02-22 08:49 - 00189784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-24 01:06 - 2014-02-22 08:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-24 01:06 - 2014-02-22 07:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-24 01:06 - 2014-02-22 05:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-24 01:06 - 2014-02-22 05:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-24 01:06 - 2014-02-22 05:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-24 01:06 - 2014-02-22 05:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-24 01:06 - 2014-02-22 05:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-24 01:06 - 2014-02-22 05:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-24 01:06 - 2014-02-22 04:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-24 01:06 - 2014-02-22 04:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-24 01:06 - 2014-02-22 04:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-24 01:06 - 2014-02-22 04:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-24 01:06 - 2014-02-22 04:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-24 01:06 - 2014-02-22 04:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-24 01:06 - 2014-02-22 04:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-24 01:06 - 2014-02-22 04:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-24 01:06 - 2014-02-22 04:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-24 01:06 - 2014-02-22 04:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-24 01:06 - 2014-02-22 04:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-24 01:06 - 2014-02-22 04:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-24 01:06 - 2014-02-22 04:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-24 01:06 - 2014-02-22 04:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-24 01:06 - 2014-02-22 04:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-24 01:06 - 2014-02-22 04:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-24 01:06 - 2014-02-22 04:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-24 01:06 - 2014-02-22 04:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-24 01:06 - 2014-02-22 03:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-24 01:06 - 2014-02-22 03:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-24 01:06 - 2014-02-22 03:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-24 01:06 - 2014-02-22 03:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-24 01:06 - 2014-02-22 03:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-24 01:06 - 2014-02-22 03:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-24 01:06 - 2014-02-22 03:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-24 01:06 - 2014-02-22 03:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-24 01:06 - 2014-02-22 03:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-24 01:06 - 2014-02-22 03:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-24 01:06 - 2014-02-22 03:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-04-24 01:06 - 2014-02-22 03:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-24 01:06 - 2014-02-22 03:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-24 01:06 - 2014-02-22 03:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-24 01:06 - 2014-02-22 03:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-24 01:06 - 2014-02-22 03:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-24 01:06 - 2014-02-22 03:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-24 01:06 - 2014-02-22 03:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-24 01:06 - 2014-02-22 03:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-24 01:06 - 2014-02-22 03:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-24 01:06 - 2014-02-22 03:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-24 01:06 - 2014-02-22 03:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-24 01:06 - 2014-02-22 02:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-24 01:06 - 2014-02-22 02:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-24 01:06 - 2014-02-22 02:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-24 01:06 - 2014-02-22 02:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-24 01:06 - 2014-02-22 02:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-24 01:06 - 2014-02-22 02:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-24 01:06 - 2014-02-22 02:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 01:06 - 2014-02-22 02:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-24 01:06 - 2014-02-22 02:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-24 01:06 - 2014-02-22 02:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-24 01:06 - 2014-02-22 02:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-24 01:06 - 2014-02-22 02:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-24 01:06 - 2014-02-22 02:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-24 01:06 - 2014-02-22 02:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-24 01:06 - 2014-02-22 02:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-24 01:06 - 2014-02-22 02:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-24 01:06 - 2014-02-22 02:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-24 01:06 - 2014-02-22 01:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-24 01:06 - 2014-02-22 01:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-24 01:06 - 2014-02-22 01:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-24 01:06 - 2014-02-22 01:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-24 01:06 - 2014-02-22 01:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-24 01:06 - 2014-02-22 01:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-24 01:06 - 2014-02-22 01:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-24 01:06 - 2014-02-22 01:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-24 01:06 - 2014-02-22 01:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-24 01:06 - 2014-02-22 01:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-24 01:06 - 2014-02-22 01:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-24 01:06 - 2014-02-22 01:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-24 01:06 - 2014-02-22 01:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-24 01:06 - 2014-02-22 01:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-24 01:06 - 2014-02-22 01:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-24 01:06 - 2014-02-22 01:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-24 01:06 - 2014-02-22 01:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-24 01:06 - 2014-02-22 01:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-24 01:06 - 2014-01-31 23:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-24 01:06 - 2014-01-31 23:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-24 01:06 - 2014-01-31 04:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-24 01:06 - 2014-01-31 04:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-24 01:06 - 2014-01-31 02:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-24 01:06 - 2014-01-31 01:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-24 01:06 - 2014-01-29 01:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-24 01:06 - 2014-01-28 17:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-24 01:06 - 2014-01-21 23:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-24 01:06 - 2014-01-21 22:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-24 01:06 - 2013-12-04 07:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-24 01:06 - 2013-11-27 02:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-24 01:06 - 2013-11-27 01:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-24 01:05 - 2014-02-22 05:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-24 01:05 - 2014-02-22 05:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-24 01:05 - 2014-02-22 05:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-24 01:05 - 2014-02-22 05:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-24 01:05 - 2014-02-22 04:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-24 01:05 - 2014-02-22 04:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-24 01:05 - 2014-02-22 04:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-24 01:05 - 2014-02-22 04:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-24 01:05 - 2014-02-22 04:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 01:05 - 2014-02-22 04:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-24 01:05 - 2014-02-22 04:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-24 01:05 - 2014-02-22 04:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-24 01:05 - 2014-02-22 04:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-24 01:05 - 2014-02-22 04:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-24 01:05 - 2014-02-22 04:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-24 01:05 - 2014-02-22 04:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-24 01:05 - 2014-02-22 04:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-24 01:05 - 2014-02-22 04:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-24 01:05 - 2014-02-22 04:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-24 01:05 - 2014-02-22 03:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-24 01:05 - 2014-02-22 03:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-24 01:05 - 2014-02-22 03:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-24 01:05 - 2014-02-22 03:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-24 01:05 - 2014-02-22 03:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-24 01:05 - 2014-02-22 03:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-24 01:05 - 2014-02-22 03:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-24 01:05 - 2014-02-22 03:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-24 01:05 - 2014-02-22 03:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-24 01:05 - 2014-02-22 03:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-24 01:05 - 2014-02-22 03:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-24 01:05 - 2014-02-22 03:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-04-24 01:05 - 2014-02-22 03:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-24 01:05 - 2014-02-22 03:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-24 01:05 - 2014-02-22 03:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-24 01:05 - 2014-02-22 02:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-24 01:05 - 2014-02-22 02:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-24 01:05 - 2014-02-22 02:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-24 01:05 - 2014-02-22 02:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-24 01:05 - 2014-02-22 02:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-24 01:05 - 2014-02-22 02:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-24 01:05 - 2014-02-22 02:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-24 01:05 - 2014-02-22 02:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-24 01:05 - 2014-02-22 02:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-24 01:05 - 2014-02-22 02:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-24 01:05 - 2014-02-22 02:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-24 01:05 - 2014-02-22 02:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-24 01:05 - 2014-02-22 02:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-24 01:05 - 2014-02-22 02:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-24 01:05 - 2014-02-22 02:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-24 01:05 - 2014-02-22 01:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-24 01:05 - 2014-02-22 01:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-24 01:05 - 2014-02-22 01:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-24 01:05 - 2014-02-22 01:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-24 01:05 - 2014-02-22 01:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-24 01:05 - 2014-02-22 01:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-24 01:05 - 2014-02-22 01:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-24 01:05 - 2014-02-22 01:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-24 01:05 - 2014-02-22 01:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-24 01:05 - 2014-02-22 01:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-24 01:05 - 2014-02-22 01:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-24 01:05 - 2014-02-22 01:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-24 01:05 - 2014-02-22 01:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-24 01:05 - 2013-11-07 20:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-24 01:04 - 2014-02-22 05:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-24 01:04 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-24 01:04 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-24 01:04 - 2014-02-22 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-24 01:04 - 2014-02-22 04:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-24 01:04 - 2014-02-22 04:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 04:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-24 01:04 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-24 01:04 - 2014-02-22 04:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-24 01:04 - 2014-02-22 04:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-24 01:04 - 2014-02-22 04:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-24 01:04 - 2014-02-22 04:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-24 01:04 - 2014-02-22 03:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-24 01:04 - 2014-02-22 03:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-24 01:04 - 2014-02-22 03:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-24 01:04 - 2014-02-22 03:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-24 01:04 - 2014-02-22 02:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-24 01:04 - 2014-02-22 02:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-24 01:04 - 2014-02-22 02:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-24 01:04 - 2014-02-22 02:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-24 01:04 - 2014-02-22 02:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-24 01:04 - 2014-02-22 02:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-24 01:04 - 2014-02-22 01:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-24 01:04 - 2014-02-22 01:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-24 01:04 - 2014-02-22 01:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-24 01:04 - 2014-02-22 01:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-24 01:04 - 2014-02-22 01:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-24 01:04 - 2014-02-22 01:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-24 01:04 - 2014-02-21 21:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-24 01:04 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-24 01:04 - 2014-02-07 18:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-24 01:04 - 2014-02-07 18:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-24 01:04 - 2014-01-31 23:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-24 01:04 - 2014-01-31 23:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-24 01:04 - 2014-01-27 10:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-24 01:04 - 2014-01-27 04:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-24 01:04 - 2013-11-27 02:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-24 01:04 - 2013-11-27 02:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-20 00:23 - 2014-05-17 18:40 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-20 00:23 - 2014-04-20 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-20 00:21 - 2014-05-18 03:31 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 00:21 - 2014-05-17 18:39 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 00:21 - 2014-05-08 23:26 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-20 00:21 - 2014-05-08 23:26 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-19 23:50 - 2014-05-17 16:28 - 00000000 ____D () C:\AdwCleaner
 
==================== One Month Modified Files and Folders =======
 
2014-05-18 08:08 - 2014-05-16 15:27 - 00023455 _____ () C:\Users\Juan\Downloads\FRST.txt
2014-05-18 08:07 - 2014-05-18 08:07 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64 (1).exe
2014-05-18 08:07 - 2014-05-16 15:27 - 00000000 ____D () C:\FRST
2014-05-18 08:03 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-18 03:31 - 2014-04-20 00:21 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-18 03:01 - 2013-05-16 22:14 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-18 01:22 - 2014-05-18 01:22 - 00002151 _____ () C:\Users\Juan\Desktop\JRT.txt
2014-05-18 01:22 - 2013-05-15 15:09 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4217489270-1833975609-1330013356-1002
2014-05-18 00:59 - 2014-05-18 00:59 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-18 00:58 - 2014-05-18 00:58 - 01016261 _____ (Thisisu) C:\Users\Juan\Desktop\JRT.exe
2014-05-18 00:54 - 2014-05-18 00:54 - 00005837 _____ () C:\mb.txt
2014-05-18 00:53 - 2014-05-18 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-05-18 00:46 - 2014-05-17 16:36 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 18:51 - 2013-05-16 22:07 - 00004960 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JMUNOZ-Juan JMunoz
2014-05-17 18:44 - 2013-11-14 00:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-17 18:42 - 2013-06-07 00:48 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 18:40 - 2014-04-20 00:23 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-17 18:39 - 2014-04-20 00:21 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 18:39 - 2013-05-20 00:15 - 00000000 __RDO () C:\Users\Juan\SkyDrive
2014-05-17 18:38 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-17 18:37 - 2013-11-14 00:20 - 00034880 _____ () C:\WINDOWS\PFRO.log
2014-05-17 18:37 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-05-17 18:37 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-17 18:37 - 2013-07-18 15:53 - 00000000 ____D () C:\ProgramData\siaife! sAvie
2014-05-17 18:15 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-17 17:26 - 2013-05-15 15:00 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4F39CF32-1D48-4F11-B7F8-658B2FDE4B33}
2014-05-17 16:36 - 2014-05-17 16:36 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 16:36 - 2014-05-17 16:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 16:34 - 2014-05-17 16:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Juan\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 16:28 - 2014-04-19 23:50 - 00000000 ____D () C:\AdwCleaner
2014-05-17 16:28 - 2013-12-13 15:37 - 01396944 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-17 16:25 - 2014-05-17 16:25 - 01325827 _____ () C:\Users\Juan\Desktop\AdwCleaner.exe
2014-05-17 16:25 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-17 10:08 - 2013-05-17 19:17 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-05-17 10:08 - 2013-05-17 19:17 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-16 15:34 - 2014-05-16 15:31 - 00038508 _____ () C:\Users\Juan\Downloads\Addition.txt
2014-05-16 15:27 - 2014-05-16 15:27 - 02067456 _____ (Farbar) C:\Users\Juan\Downloads\FRST64.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST.exe
2014-05-16 15:26 - 2014-05-16 15:26 - 01056768 _____ (Farbar) C:\Users\Juan\Downloads\FRST (1).exe
2014-05-16 15:16 - 2014-03-10 00:55 - 00000000 ____D () C:\Users\Juan\Desktop\South Park The Stick of Truth
2014-05-15 19:33 - 2013-05-15 15:01 - 00000000 ___RD () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 19:33 - 2013-05-15 15:01 - 00000000 ___RD () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 19:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 19:24 - 2013-08-16 13:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-15 19:23 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-15 19:23 - 2013-05-17 08:14 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-15 19:18 - 2013-12-13 15:22 - 00000000 ____D () C:\Users\Juan
2014-05-15 19:03 - 2014-05-15 19:03 - 11422832 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x64.exe
2014-05-15 19:03 - 2014-05-15 19:03 - 07266656 _____ (Bitdefender LLC) C:\Users\Juan\Downloads\BootkitRemoval_x86.exe
2014-05-15 18:55 - 2014-05-15 18:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-05-15 18:49 - 2014-02-25 23:18 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-05-15 18:49 - 2013-08-22 07:44 - 00492736 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-15 18:43 - 2014-05-15 18:43 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Juan\Downloads\tdsskiller.exe
2014-05-15 18:21 - 2014-05-15 18:20 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00003233 _____ () C:\Users\Juan\Desktop\Sophos Virus Removal Tool.lnk
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-15 18:20 - 2014-05-15 18:20 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-15 18:15 - 2014-05-15 18:15 - 93437600 _____ (Sophos Limited) C:\Users\Juan\Downloads\Sophos Virus Removal Tool.exe
2014-05-15 03:17 - 2014-05-15 03:16 - 00000296 _____ () C:\WINDOWS\SysWOW64\RootkitRemover_20140515_031655.log
2014-05-15 03:14 - 2014-05-15 03:14 - 00000296 _____ () C:\Users\Juan\Downloads\RootkitRemover_20140515_031403.log
2014-05-15 03:13 - 2014-05-15 03:13 - 00782584 _____ (McAfee, Inc.) C:\Users\Juan\Downloads\rootkitremover.exe
2014-05-14 18:07 - 2013-08-16 18:43 - 00003154 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForJuan
2014-05-14 18:07 - 2013-08-16 18:43 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForJuan.job
2014-05-14 18:01 - 2014-05-14 18:01 - 10062224 _____ () C:\Users\Juan\Downloads\tixati-1.96-1.win32-install.exe
2014-05-13 19:41 - 2014-05-13 19:41 - 01618724 _____ (Graboid Inc.) C:\Users\Juan\Downloads\GraboidVideoInstaller-5.1.2.0.exe
2014-05-13 19:38 - 2014-05-13 19:38 - 00244008 _____ (Premium Installer ) C:\Users\Juan\Downloads\Player-Chrome (1).exe
2014-05-13 15:51 - 2014-05-13 15:51 - 00918672 _____ (Google Inc.) C:\Users\Juan\Downloads\ChromeSetup.exe
2014-05-13 14:29 - 2013-05-15 15:13 - 00000000 ____D () C:\Users\Juan\AppData\Local\Google
2014-05-13 14:29 - 2013-05-15 15:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-13 14:27 - 2014-05-13 14:27 - 00000000 ____D () C:\Users\Juan\AppData\Local\Intuit
2014-05-13 14:21 - 2014-02-13 16:00 - 00000000 ____D () C:\ProgramData\Skype
2014-05-13 14:20 - 2014-02-13 16:01 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Skype
2014-05-13 14:20 - 2013-05-27 12:11 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-05-13 14:19 - 2013-06-22 23:36 - 00000000 ____D () C:\Users\Juan\AppData\Local\pinger.com
2014-05-13 14:17 - 2013-12-02 10:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-13 14:10 - 2014-02-25 22:21 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-05-13 14:09 - 2013-05-15 17:05 - 00000000 ____D () C:\Users\Juan\AppData\Roaming\Apple Computer
2014-05-13 14:09 - 2013-05-15 17:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-13 13:27 - 2014-02-12 01:20 - 00000000 ____D () C:\Users\Juan\Desktop\CSS Content Addon (Dec2013)
2014-05-13 13:26 - 2014-05-01 15:47 - 00000000 ____D () C:\Users\Juan\Desktop\TPC 14
2014-05-13 13:16 - 2014-05-13 13:15 - 00000000 ___DC () C:\Users\Juan\AppData\Local\MigWiz
2014-05-13 13:06 - 2013-05-15 14:58 - 00000000 ____D () C:\Users\Juan\AppData\Local\Packages
2014-05-13 11:01 - 2013-05-16 22:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-10 18:54 - 2014-05-10 14:22 - 00000000 ____D () C:\Users\Juan\AppData\Local\Windows Live
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieUserList
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 __SHD () C:\Users\Juan\AppData\Local\EmieSiteList
2014-05-10 14:46 - 2013-08-22 07:46 - 00306688 _____ () C:\WINDOWS\setupact.log
2014-05-08 23:26 - 2014-04-20 00:21 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 23:26 - 2014-04-20 00:21 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-05 21:40 - 2014-05-13 23:00 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-05 20:25 - 2014-05-13 23:00 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-05 20:00 - 2014-05-13 23:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-05 19:10 - 2014-05-13 23:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-01 15:48 - 2013-05-27 12:09 - 00989184 ___SH () C:\Users\Juan\Downloads\Thumbs.db
2014-05-01 13:30 - 2014-05-15 19:32 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-01 13:30 - 2014-05-15 19:32 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 19:21 - 2013-08-17 16:32 - 00047104 ___SH () C:\Users\Juan\Thumbs.db
2014-04-27 13:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-04-27 13:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-27 13:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-27 13:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-27 13:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-27 13:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-26 01:34 - 2014-04-26 01:34 - 00000000 ____D () C:\Users\Juan\AppData\Local\Skype
2014-04-20 00:23 - 2014-04-20 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 
Some content of TEMP:
====================
C:\Users\Juan\AppData\Local\Temp\25553uninstall.exe
C:\Users\Juan\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juan\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Juan\AppData\Local\Temp\Quarantine.exe
C:\Users\Juan\AppData\Local\Temp\Setup.X86.en-US_O365HomePremRetail_0bfaa6ff-6fbf-4c75-9306-328d9a0e8c94_TX_PR_ (2).exe
C:\Users\Juan\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Juan\AppData\Local\Temp\Sqlite3.dll
C:\Users\Juan\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-17 16:52
 
==================== End Of Log ============================


#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:17 AM

Posted 18 May 2014 - 10:44 AM

Hey,

Running from C:\Users\Juan\Downloads

Please save all tools on the Desktop.

Tell me how the computer is running after you performed the steps below.

Step 1: FRST Fix
  • Please download the attached fixlist.txt file and save it to the same location as FRST

    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please disable your AntiVirus before doing these steps!
  • If you have Win Vista / Win 7 / Win 8 please start IE as Administrator!
  • This will only work for Internet Explorer or FireFox
  • Please download ESET Online Scanner from here
  • How to do this?
    • Visit this website here
    • You will see a screen like this:

      e922iil8.png
      • Click Run ESET Online Scanner

        4e3svhbd.png
      • A Window will open (see above) - please click on the link
      • A window will pop up - please download the file to your Desktop
      • When the download has finished please run the program (for Win Vista/ Win7 / Win 8 User please run it as Administrator)

        p35jbmyy.png
      • Tick the box next to YES, I accept the Terms of Use then click on: Start
      • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.

        p3b9meru.png
      • Make sure that the option Remove found threats is NOT checked.
      • Make sure that the option Scan archives is checked.
      • Now click on Advanced Settings and select the following:
        • Scan for potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth Technology
      • Then click on Start
      • virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
      • When completed the Online Scan will begin automatically. The scan may take several hours.
      • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
      • After the scan is finished please click on Finish
    • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
    • Copy and paste that log as a reply to this topic.

Attached Files


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users