Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PureLeadsSvc infection, maybe more


  • This topic is locked This topic is locked
10 replies to this topic

#1 Mubarraz470

Mubarraz470

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 25 May 2014 - 10:17 PM

Hi, I'm working on a good friend's laptop. I'm attaching the computer specs as output by Speccy tool so you know what's on it. I'll post the dds log here and attach the "attach.txt" as well per your instructions. I know the log says Kaspersky is outdated, I wouldn't allow the computer on my home network until I could isolate it. They are fully updated now and am running a full scan.

 

Thanks!!!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17037
Run by Braden at 19:55:17 on 2014-05-25
Microsoft Windows 8.1  6.3.9600.0.1252.1.1033.18.8104.6390 [GMT -7:00]
.
AV: Kaspersky Internet Security *Enabled/Outdated* {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\dwm.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
C:\windows\system32\DptfParticipantProcessorService.exe
C:\windows\system32\DptfPolicyConfigTDPService.exe
C:\windows\system32\DptfPolicyCriticalService.exe
C:\windows\system32\DptfPolicyLpmService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
C:\Program Files (x86)\PureLeads\plsapp.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\windows\system32\SearchIndexer.exe
C:\Windows\System32\skydrive.exe
C:\windows\system32\SearchProtocolHost.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Windows\RTFTrack.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\SettingSyncHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?type=599486&fr=spigot-yhp-ie
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
mRun: [Yoga Picks] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe -s
mRun: [PureLeads Tray] "C:\Program Files (x86)\PureLeads\PureLeadsTray.exe"
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ISCTSY~1.LNK - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
LSP: C:\windows\System32\plsapp.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4004CF6E-043D-4673-B187-7F81C81F167B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4004CF6E-043D-4673-B187-7F81C81F167B}\0786F667965647E616D6 : DHCPNameServer = 192.168.0.1 205.171.2.65
TCP: Interfaces\{4004CF6E-043D-4673-B187-7F81C81F167B}\44F616E6560234162696E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E46DCEF6-438B-4F5E-B920-4EE1875CBBBC} : DHCPNameServer = 150.201.1.3
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
x64-Run: [IgfxTray] "C:\windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\windows\System32\igfxpers.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [DptfPolicyLpmServiceHelper] C:\windows\System32\DptfPolicyLpmServiceHelper.exe
x64-Run: [RtsFT] RTFTrack.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [Yoga PhoneCompanion] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
x64-Run: [AutoStartTransition] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe AutoRun
x64-Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
x64-Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\windows\System32\drivers\intelpep.sys [2014-4-26 39768]
R0 Wof;Windows Overlay File System Filter Driver;C:\windows\System32\drivers\wof.sys [2014-5-2 157016]
R1 ahcache;Application Compatibility Cache;C:\windows\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2014-3-26 30304]
R1 klpd;klpd;C:\windows\System32\drivers\klpd.sys [2013-4-12 15456]
R1 klwfp;klwfp;C:\windows\System32\drivers\klwfp.sys [2014-3-26 65120]
R1 kneps;kneps;C:\windows\System32\drivers\kneps.sys [2014-3-26 178272]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2014-3-26 214512]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-8-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-8-26 1157496]
R2 DACoreService;Dragon Assistant Core;C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [2014-3-20 432528]
R2 DptfParticipantProcessorService;Intel® Dynamic Platform and Thermal Framework Processor Participant Service Application;C:\windows\System32\DptfParticipantProcessorService.exe [2014-3-20 115632]
R2 DptfPolicyConfigTDPService;Intel® Dynamic Platform and Thermal Framework Config TDP Service Application;C:\windows\System32\DptfPolicyConfigTDPService.exe [2014-3-20 116656]
R2 DptfPolicyCriticalService;Intel® Dynamic Platform and Thermal Framework Critical Service Application;C:\windows\System32\DptfPolicyCriticalService.exe [2014-3-20 148688]
R2 DptfPolicyLpmService;Intel® Dynamic Platform and Thermal Framework Low Power Mode Service Application;C:\windows\System32\DptfPolicyLpmService.exe [2014-3-20 124880]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel® Wireless Bluetooth® 4.0 Radio Management;Intel® Wireless Bluetooth® 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-9-18 157128]
R2 ISCTAgent;Intel® Smart Connect Technology Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2013-8-1 198120]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-3-20 169432]
R2 LsvUIService;LsvUIService;C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-3-20 70416]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-6-28 230408]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-6-28 69640]
R2 PGService;PGService;C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-1-7 163624]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service;C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [2014-3-20 249872]
R2 plsapp;plsapp;C:\Program Files (x86)\PureLeads\plsapp.exe [2014-1-23 3690784]
R2 PlsvcV1;PlsvcV1;C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe [2014-1-23 91936]
R2 PlsvcV2;PlsvcV2;C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [2014-1-23 24352]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-3-20 390632]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-3-20 288472]
R2 VeriFaceSrv;VeriFaceSrv;C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-3-20 68368]
R2 ymc;ymc;C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [2014-3-20 34576]
R2 YogaPicks.AppService;YogaPicks.AppService;C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [2014-3-20 19440]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2013-2-17 35600]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2013-9-5 1390904]
R3 DptfDevPch;DptfDevPch;C:\windows\System32\drivers\DptfDevPch.sys [2014-3-20 114680]
R3 DptfDevProc;DptfDevProc;C:\windows\System32\drivers\DptfDevProc.sys [2014-3-20 287160]
R3 DptfManager;DptfManager;C:\windows\System32\drivers\DptfManager.sys [2014-3-20 494272]
R3 ibtusb;Intel® Wireless Bluetooth® 4.0 + HS Adapter;C:\windows\System32\drivers\ibtusb.sys [2013-9-18 118728]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\windows\System32\drivers\ikbevent.sys [2013-8-1 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\windows\System32\drivers\imsevent.sys [2013-8-1 21920]
R3 INETMON;INETMON;C:\windows\System32\drivers\INETMON.sys [2014-3-20 29088]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\windows\System32\drivers\ISCTD64.sys [2013-8-1 46568]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2013-8-22 26008]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\windows\System32\drivers\klkbdflt.sys [2014-3-26 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2014-3-26 29280]
R3 NcbService;Network Connection Broker;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\windows\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 NETwNb64;@oem15.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel® Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\windows\System32\drivers\NETwbw02.sys [2013-9-19 3589600]
R3 rtsuvc;Lenovo EasyCamera;C:\windows\System32\drivers\rtsuvc.sys [2014-3-20 8247640]
R3 SensorsHIDClassDriver;UMDF Reflector service for SensorsHIDClassDriver;C:\windows\System32\drivers\WUDFRd.sys [2013-8-22 230912]
R3 SensorsServiceDriver;UMDF Reflector service for SensorsServiceDriver;C:\windows\System32\drivers\WUDFRd.sys [2013-8-22 230912]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\drivers\Smb_driver_Intel.sys [2014-3-20 34544]
S0 klelam;klelam;C:\windows\System32\drivers\klelam.sys [2014-3-26 29792]
S3 ADP80XX;ADP80XX;C:\windows\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\windows\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\windows\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\windows\System32\drivers\bcmfn2.sys [2013-8-21 17624]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\drivers\BthLEEnum.sys [2014-5-2 226304]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2013-7-22 140600]
S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;C:\windows\System32\drivers\ffusb2audio.sys [2014-4-24 127280]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\windows\System32\drivers\iaLPSSi_GPIO.sys [2013-8-21 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\windows\System32\drivers\iaLPSSi_I2C.sys [2013-8-21 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\windows\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-5-2 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2013-8-22 39320]
S3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2014-3-20 449528]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 lfsvc;Windows Location Framework Service;C:\windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\windows\System32\drivers\lsi_sas3.sys [2013-8-21 81760]
S3 netvsc;netvsc;C:\windows\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\drivers\NETwew02.sys [2013-8-21 4649440]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service;C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [2014-3-20 328720]
S3 ReFS;ReFS;C:\windows\System32\drivers\refs.sys [2014-5-2 924504]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\windows\System32\drivers\SerCx2.sys [2014-4-26 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\windows\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\windows\System32\drivers\stornvme.sys [2014-4-26 57176]
S3 UEFI;Microsoft UEFI Driver;C:\windows\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\windows\System32\drivers\WdNisDrv.sys [2014-5-15 123224]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2014-5-15 347880]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\windows\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2014-3-20 102376]
.
=============== Created Last 30 ================
.
2014-05-25 08:21:07    --------    d-----w-    C:\FRST
2014-05-19 05:01:53    261808    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10239.bin
2014-05-16 08:20:32    76976    ----a-w-    C:\Users\Braden\AppData\Roaming\LoJackSetup.exe
2014-05-15 18:45:34    190976    ----a-w-    C:\windows\System32\storewuauth.dll
2014-05-14 05:22:34    --------    d-----w-    C:\Users\Braden\AppData\Local\Diagnostics
2014-05-12 15:18:39    81920    ----a-w-    C:\windows\System32\Spool\prtprocs\x64\LMACJL4C.DLL
2014-05-12 15:18:26    --------    d-----w-    C:\Program Files\Lexmark
2014-05-09 01:39:00    110176    ----a-w-    C:\windows\System32\klfphc.dll
2014-05-09 01:38:36    --------    d-----w-    C:\ProgramData\Kaspersky Lab
2014-05-09 01:38:36    --------    d-----w-    C:\Program Files (x86)\Kaspersky Lab
2014-05-09 01:38:34    115296    ----a-w-    C:\windows\System32\drivers\klflt.sys
2014-05-09 01:34:05    941720    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2014-05-09 01:34:05    1031560    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{01C3054C-A6CB-4AEF-8BA3-9B34326CB006}\gapaengine.dll
2014-05-09 01:33:48    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4DF5E81-B5C5-4BDC-83F5-F7232E49D584}\mpengine.dll
2014-05-09 01:33:34    270496    ------w-    C:\windows\System32\MpSigStub.exe
2014-05-09 01:29:29    --------    d-----w-    C:\Users\Braden\AppData\Roaming\KeePass
2014-05-09 01:24:46    --------    d-----w-    C:\Program Files (x86)\KeePass Password Safe 2
2014-05-09 00:49:24    --------    d-----w-    C:\Program Files\CCleaner
2014-05-09 00:05:45    --------    d-----w-    C:\Users\Braden\AppData\Local\Programs
2014-05-08 23:56:07    388096    ----a-r-    C:\Users\Braden\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-05-08 23:56:07    --------    d-----w-    C:\Program Files (x86)\Trend Micro
2014-05-03 01:03:38    --------    d-sh--w-    C:\Users\Braden\AppData\Local\EmieUserList
2014-05-03 01:03:38    --------    d-sh--w-    C:\Users\Braden\AppData\Local\EmieSiteList
2014-05-03 00:56:53    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server
2014-05-03 00:56:31    --------    d-----w-    C:\windows\PCHEALTH
2014-05-03 00:56:31    --------    d-----w-    C:\Program Files\Microsoft SQL Server
2014-05-03 00:52:51    --------    d-----w-    C:\Program Files\Microsoft Analysis Services
2014-05-03 00:52:51    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-05-03 00:52:48    --------    d-----w-    C:\Users\Braden\AppData\Local\Microsoft Help
2014-05-03 00:46:57    --------    d-----w-    C:\Users\Braden\AppData\Roaming\e-academy Inc
2014-05-02 23:21:45    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2014-05-02 23:21:44    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2014-05-02 08:04:41    84992    ----a-w-    C:\windows\System32\drivers\en-US\ntfs.sys.mui
2014-05-02 07:57:59    2141912    ----a-w-    C:\windows\System32\d3d11.dll
2014-05-02 07:56:40    811696    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-05-02 07:56:40    809648    ----a-w-    C:\Program Files\Internet Explorer\iexplore.exe
2014-05-02 07:56:39    2678784    ----a-w-    C:\windows\System32\SettingsHandlers.dll
2014-05-02 07:53:59    832512    ----a-w-    C:\windows\SysWow64\ActionCenter.dll
2014-05-02 07:52:59    59392    ----a-w-    C:\windows\System32\ConfigureExpandedStorage.dll
2014-05-02 07:18:09    233912    ----a-w-    C:\windows\System32\mfps.dll
2014-05-02 07:18:05    51200    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
2014-05-02 07:18:05    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2014-05-02 07:18:05    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2014-05-02 07:18:05    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2014-05-02 07:18:04    66048    ----a-w-    C:\windows\System32\iesetup.dll
2014-05-02 07:18:04    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2014-05-02 07:18:04    112128    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
2014-04-27 21:07:44    --------    d-----w-    C:\Users\Braden\AppData\Local\CrashDumps
2014-04-26 22:30:47    139776    ----a-w-    C:\windows\System32\poqexec.exe
2014-04-26 22:30:47    124416    ----a-w-    C:\windows\SysWow64\poqexec.exe
2014-04-26 22:09:22    --------    d-----w-    C:\windows\System32\MRT
2014-04-26 22:06:18    23492992    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-04-26 22:06:18    22808656    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-04-26 19:23:39    883184    ----a-w-    C:\windows\SysWow64\mfasfsrcsnk.dll
2014-04-26 19:21:45    39768    -c--a-w-    C:\windows\System32\drivers\intelpep.sys
2014-04-26 19:21:45    146776    ----a-w-    C:\windows\System32\drivers\SerCx2.sys
2014-04-26 19:21:44    86872    ----a-w-    C:\windows\System32\drivers\pdc.sys
2014-04-26 19:18:09    393216    ----a-w-    C:\windows\System32\WMPhoto.dll
2014-04-26 19:18:09    348160    ----a-w-    C:\windows\SysWow64\WMPhoto.dll
2014-04-26 19:17:49    570880    ----a-w-    C:\windows\System32\msdrm.dll
2014-04-26 19:17:49    444928    ----a-w-    C:\windows\SysWow64\msdrm.dll
2014-04-26 19:17:40    75360    ----a-w-    C:\windows\System32\imagehlp.dll
2014-04-26 19:17:40    70680    ----a-w-    C:\windows\SysWow64\imagehlp.dll
2014-04-26 19:17:40    2152448    ----a-w-    C:\windows\System32\msxml3.dll
2014-04-26 19:17:40    18944    ----a-w-    C:\windows\System32\pcaui.exe
2014-04-26 19:17:40    17408    ----a-w-    C:\windows\SysWow64\pcaui.exe
2014-04-26 19:17:40    1317376    ----a-w-    C:\windows\SysWow64\msxml3.dll
2014-04-26 19:17:01    4604416    ----a-w-    C:\windows\System32\d2d1.dll
2014-04-26 19:17:01    3936256    ----a-w-    C:\windows\SysWow64\d2d1.dll
2014-04-26 19:17:00    2397184    ----a-w-    C:\windows\System32\d3d10warp.dll
2014-04-26 19:17:00    2071552    ----a-w-    C:\windows\SysWow64\d3d10warp.dll
2014-04-26 19:16:57    6353960    ----a-w-    C:\windows\System32\sppsvc.exe
2014-04-26 19:16:56    764864    ----a-w-    C:\windows\System32\mfmpeg2srcsnk.dll
2014-04-26 19:16:56    669352    ----a-w-    C:\windows\SysWow64\mfmpeg2srcsnk.dll
2014-04-26 19:16:56    4175360    ----a-w-    C:\windows\System32\dbgeng.dll
2014-04-26 19:16:56    2873344    ----a-w-    C:\windows\SysWow64\dbgeng.dll
2014-04-26 19:16:56    1486848    ----a-w-    C:\windows\System32\dbghelp.dll
2014-04-26 19:16:55    447488    ----a-w-    C:\windows\System32\sppcomapi.dll
2014-04-26 19:16:55    249856    ----a-w-    C:\windows\System32\rdpencom.dll
2014-04-26 19:16:55    208896    ----a-w-    C:\windows\SysWow64\rdpencom.dll
2014-04-26 19:16:55    1238016    ----a-w-    C:\windows\SysWow64\dbghelp.dll
2014-04-26 19:16:54    84480    ----a-w-    C:\windows\System32\WSCollect.exe
2014-04-26 19:15:47    1943536    ----a-w-    C:\windows\System32\crypt32.dll
2014-04-26 19:15:47    1581968    ----a-w-    C:\windows\SysWow64\crypt32.dll
.
==================== Find3M  ====================
.
2014-05-01 20:30:26    693240    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-05-01 20:30:26    105464    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-18 09:14:19    2441216    ----a-w-    C:\windows\apppatch\AcGenral.dll
2014-04-11 10:03:36    555736    ----a-w-    C:\windows\System32\twinapi.appcore.dll
2014-04-11 08:25:54    419928    ----a-w-    C:\windows\SysWow64\twinapi.appcore.dll
2014-04-11 05:53:36    79872    ----a-w-    C:\windows\System32\WSReset.exe
2014-04-11 03:54:45    201728    ----a-w-    C:\windows\System32\ubpm.dll
2014-04-11 03:36:33    11792384    ----a-w-    C:\windows\SysWow64\twinui.dll
2014-04-11 03:24:51    13288960    ----a-w-    C:\windows\System32\twinui.dll
2014-04-11 03:06:13    31232    ----a-w-    C:\windows\SysWow64\wuapp.exe
2014-04-11 03:05:40    123904    ----a-w-    C:\windows\SysWow64\wuwebv.dll
2014-04-11 03:05:20    189952    ----a-w-    C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-11 03:02:49    35328    ----a-w-    C:\windows\System32\wuapp.exe
2014-04-11 03:02:08    249344    ----a-w-    C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-11 03:01:46    137728    ----a-w-    C:\windows\System32\wuwebv.dll
2014-04-11 03:00:47    80896    ----a-w-    C:\windows\SysWow64\wudriver.dll
2014-04-11 02:56:32    381440    ----a-w-    C:\windows\System32\WUSettingsProvider.dll
2014-04-11 02:55:36    93696    ----a-w-    C:\windows\System32\wudriver.dll
2014-04-11 02:46:04    1705472    ----a-w-    C:\windows\System32\wucltux.dll
2014-04-11 02:36:22    828928    ----a-w-    C:\windows\SysWow64\twinui.appcore.dll
2014-04-11 02:34:19    754688    ----a-w-    C:\windows\SysWow64\WSShared.dll
2014-04-11 02:29:16    1054208    ----a-w-    C:\windows\System32\twinui.appcore.dll
2014-04-11 02:25:45    921088    ----a-w-    C:\windows\System32\WSShared.dll
2014-04-08 22:46:35    86688    ----a-w-    C:\windows\System32\mrt_map.dll
2014-04-08 22:46:35    28320    ----a-w-    C:\windows\System32\mrt100.dll
2014-04-08 18:54:55    80032    ----a-w-    C:\windows\SysWow64\mrt_map.dll
2014-04-08 18:54:55    26784    ----a-w-    C:\windows\SysWow64\mrt100.dll
2014-03-26 18:00:02    65120    ----a-w-    C:\windows\System32\drivers\klwfp.sys
2014-03-26 18:00:02    178272    ----a-w-    C:\windows\System32\drivers\kneps.sys
2014-03-26 18:00:00    458336    ----a-w-    C:\windows\System32\drivers\kl1.sys
2014-03-26 18:00:00    30304    ----a-w-    C:\windows\System32\drivers\klim6.sys
2014-03-26 18:00:00    29792    ----a-w-    C:\windows\System32\drivers\klelam.sys
2014-03-26 18:00:00    29280    ----a-w-    C:\windows\System32\drivers\klmouflt.sys
2014-03-26 18:00:00    29280    ----a-w-    C:\windows\System32\drivers\klkbdflt.sys
2014-03-24 02:30:57    257880    ----a-w-    C:\windows\System32\drivers\WdFilter.sys
2014-03-24 02:30:57    123224    ----a-w-    C:\windows\System32\drivers\WdNisDrv.sys
2014-03-24 02:27:03    35856    ----a-w-    C:\windows\System32\drivers\WdBoot.sys
2014-03-20 15:48:07    75760    ----a-w-    C:\windows\System32\drivers\UMDF\LenovoVhid.dll
2014-03-20 15:48:07    35600    ----a-w-    C:\windows\System32\drivers\AcpiVpc.sys
2014-03-20 15:37:34    83    ----a-w-    C:\windows\System32\IHV_Install.bat
2014-03-20 03:41:24    2013016    ----a-w-    C:\windows\System32\drivers\ntfs.sys
2014-03-20 03:41:20    376152    ----a-w-    C:\windows\System32\drivers\clfs.sys
2014-03-20 03:40:33    1112536    ----a-w-    C:\windows\System32\KernelBase.dll
2014-03-20 01:29:27    4268544    ----a-w-    C:\windows\System32\SyncEngine.dll
2014-03-20 00:53:21    950784    ----a-w-    C:\windows\System32\ReAgent.dll
2014-03-20 00:48:30    201216    ----a-w-    C:\windows\System32\ReInfo.dll
2014-03-19 23:39:38    800256    ----a-w-    C:\windows\SysWow64\ReAgent.dll
2014-03-19 23:36:36    172544    ----a-w-    C:\windows\SysWow64\ReInfo.dll
2014-03-19 07:13:45    836096    ----a-w-    C:\windows\SysWow64\KernelBase.dll
2014-03-19 05:57:41    621568    ----a-w-    C:\windows\System32\MDMAgent.exe
2014-03-19 05:50:30    79360    ----a-w-    C:\windows\System32\w32tm.exe
2014-03-19 05:31:29    1656832    ----a-w-    C:\windows\System32\GdiPlus.dll
2014-03-19 05:20:42    70656    ----a-w-    C:\windows\SysWow64\w32tm.exe
2014-03-19 05:08:11    1351168    ----a-w-    C:\windows\SysWow64\GdiPlus.dll
2014-03-19 04:41:59    721408    ----a-w-    C:\windows\System32\SkyDriveTelemetry.dll
2014-03-19 04:21:25    418816    ----a-w-    C:\windows\System32\wbem\MDMSettingsProv.dll
2014-03-19 04:17:44    872448    ----a-w-    C:\windows\System32\SkyDrive.exe
2014-03-13 12:35:24    157016    ----a-w-    C:\windows\System32\drivers\wof.sys
2014-03-13 07:42:24    308224    ----a-w-    C:\windows\System32\wusa.exe
2014-03-13 06:51:36    305152    ----a-w-    C:\windows\SysWow64\wusa.exe
2014-03-13 06:08:05    442880    ----a-w-    C:\windows\apppatch\AcSpecfc.dll
2014-03-11 15:45:44    99328    ----a-w-    C:\windows\System32\BdeHdCfgLib.dll
2014-03-11 15:18:33    1015808    ----a-w-    C:\windows\System32\aclui.dll
2014-03-11 15:02:25    794112    ----a-w-    C:\windows\System32\fvewiz.dll
2014-03-11 14:28:41    887296    ----a-w-    C:\windows\SysWow64\aclui.dll
2014-03-11 14:25:32    100352    ----a-w-    C:\windows\System32\BitLockerDeviceEncryption.exe
2014-03-11 14:05:16    210944    ----a-w-    C:\windows\System32\fveapibase.dll
2014-03-11 14:03:17    339456    ----a-w-    C:\windows\System32\bdesvc.dll
2014-03-11 14:00:28    720896    ----a-w-    C:\windows\System32\fveapi.dll
2014-03-11 13:21:37    918528    ----a-w-    C:\windows\System32\MrmCoreR.dll
2014-03-11 13:02:13    629760    ----a-w-    C:\windows\SysWow64\MrmCoreR.dll
2014-03-11 12:42:54    2641920    ----a-w-    C:\windows\System32\authui.dll
2014-03-11 12:35:11    2317824    ----a-w-    C:\windows\SysWow64\authui.dll
2014-03-08 20:47:48    180056    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
2014-03-08 20:47:17    565536    ----a-w-    C:\windows\System32\drivers\cng.sys
2014-03-08 20:40:16    136024    ----a-w-    C:\windows\System32\drivers\wfplwfs.sys
2014-03-08 20:38:31    1542768    ----a-w-    C:\windows\System32\ole32.dll
2014-03-08 20:35:45    467800    -c--a-w-    C:\windows\System32\drivers\USBHUB3.SYS
2014-03-08 20:35:45    337752    ----a-w-    C:\windows\System32\drivers\Classpnp.sys
2014-03-08 15:29:39    356848    ----a-w-    C:\windows\System32\dcomp.dll
2014-03-08 15:29:39    1339240    ----a-w-    C:\windows\System32\gdi32.dll
2014-03-08 11:34:53    1095488    ----a-w-    C:\windows\SysWow64\ole32.dll
2014-03-08 09:34:24    731648    ----a-w-    C:\windows\System32\adtschema.dll
2014-03-08 09:02:24    83968    ----a-w-    C:\windows\System32\sxproxy.dll
2014-03-08 08:44:42    731648    ----a-w-    C:\windows\SysWow64\adtschema.dll
2014-03-08 08:33:33    271872    ----a-w-    C:\windows\System32\spp.dll
2014-03-08 08:25:39    40448    ----a-w-    C:\windows\System32\SetNetworkLocation.dll
2014-03-08 08:12:05    33792    ----a-w-    C:\windows\SysWow64\sxproxy.dll
2014-03-08 07:53:52    1843712    ----a-w-    C:\windows\System32\Display.dll
2014-03-08 07:51:14    334848    ----a-w-    C:\windows\System32\MDEServer.exe
2014-03-08 07:47:39    222720    ----a-w-    C:\windows\SysWow64\spp.dll
2014-03-08 07:12:40    1816576    ----a-w-    C:\windows\SysWow64\Display.dll
2014-03-08 07:09:34    1411584    ----a-w-    C:\windows\System32\lsasrv.dll
2014-03-08 07:04:41    160768    ----a-w-    C:\windows\System32\AppxAllUserStore.dll
2014-03-08 07:03:07    939520    ----a-w-    C:\windows\System32\kerberos.dll
2014-03-08 07:01:57    827392    ----a-w-    C:\windows\System32\BFE.DLL
2014-03-08 06:50:54    1066496    ----a-w-    C:\windows\SysWow64\gdi32.dll
2014-03-08 06:48:17    252928    ----a-w-    C:\windows\System32\AppXDeploymentClient.dll
2014-03-08 06:46:58    1063424    ----a-w-    C:\windows\System32\IKEEXT.DLL
2014-03-08 06:41:34    412672    ----a-w-    C:\windows\System32\FWPUCLNT.DLL
.
============= FINISH: 19:55:31.62 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:20 AM

Posted 29 May 2014 - 08:38 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 Mubarraz470

Mubarraz470
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 30 May 2014 - 04:05 AM

I have to apologize. Thank you for the response, but the customer (my friend) has chosen to work with Lenovo to reset the laptop back to factory. It's only 5 weeks old. Frankly, I think it's too late, I'm betting this nasty bugger (it's NOT PureLeadsSvc, it's a botnet I've encountered before) has already damaged the hidden factorty partition(s) that hold the virgin OS + drivers. I'll be making the call this weekend so hopefully I can find some interesting information and I will definitely share what I encounter, if anything.

 

Please keep the thread open for a few days so I can post, but for now consider case closed and I apologize for any time wasted.

 

Mubarraz...



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:20 AM

Posted 30 May 2014 - 07:22 AM

Post a Farbar log is you can.

#5 Mubarraz470

Mubarraz470
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 31 May 2014 - 12:18 AM

I did get a FarBar scan in, but only in safe mode.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014
Ran by Braden (administrator) on LENOVO-PC on 25-05-2014 01:21:19
Running from C:\Users\Braden\Documents\SetiCleanup
Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Sysinternals - www.sysinternals.com) C:\Users\Braden\Desktop\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Braden\AppData\Local\Temp\procexp64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-03-20] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-03-20] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-03-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [PureLeads Tray] => C:\Program Files (x86)\PureLeads\PureLeadsTray.exe [83232 2014-01-23] (PureLeads)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=599486&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKLM - DefaultScope {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - DefaultScope {E016655F-10B0-431A-8609-85357EABD8FA} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKCU - {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL =
SearchScopes: HKCU - {E016655F-10B0-431A-8609-85357EABD8FA} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 02 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 03 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 04 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 16 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9-x64 01 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 02 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 03 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 04 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 16 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Users\Braden\Downloads\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-08]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-08]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-08]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-08]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-08]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-27]
CHR Extension: (Google Drive) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-05-08]
CHR Extension: (YouTube) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (Google Search) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-28]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-04-27]
CHR Extension: (Google Wallet) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]
CHR Extension: (Anti-Banner) - C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-03-26]

==================== Services (Whitelisted) =================

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-03-26] (Kaspersky Lab ZAO)
S2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-05-02] (Nuance Communications, Inc.)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-03] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
S2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
S2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-03-20] (Lenovo)
S2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-28] (Nitro PDF Software)
S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD)
S2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-03-20] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-03-20] (Lenovo)
S2 plsapp; C:\Program Files (x86)\PureLeads\plsapp.exe [3690784 2014-01-23] (Sendori)
S2 PlsvcV1; C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe [91936 2014-01-23] (PureLeads)
S2 PlsvcV2; C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [24352 2014-01-23] (sendori)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-03-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-03-20] (Lenovo)
S2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()

==================== Drivers (Whitelisted) ====================

R0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation)
S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
S3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-26] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-03-26] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO)
S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-03-26] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-03-26] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2014-03-26] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
S1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-03-26] (Kaspersky Lab ZAO)
R0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
S3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-29] (Synaptics Incorporated)
R0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys 9539F7917B4B6D92C90F0FAA6B86C605
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\AcpiVpc.sys AF7A18603B0B82DFA5B420456FAF2201
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 239268BAB58EAE9A3FF4E08334C00451
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\system32\DRIVERS\ax88772.sys 943B743BEA5AE4EEA43250FFCC99C522
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\BthEnum.sys 131F1C8573E7BFB41C54FBF5309CCD94
C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\System32\drivers\BthLEEnum.sys D30C67473A2E229662D21F27EAA9AAA5
C:\Windows\System32\drivers\bthmodem.sys 07E33226AD218A2A162662A05CAFB52F
C:\Windows\system32\DRIVERS\bthpan.sys 3AFE71D80EDF5D4DE0C5731352905669
C:\Windows\System32\Drivers\BTHport.sys AB8CD3914AD779C15B27DDD9F53F7434
C:\Windows\System32\Drivers\BTHUSB.sys 23E75BED9076F856B36F5F934BBD5795
C:\Windows\system32\DRIVERS\btmaux.sys 4428C299BE7B9841ECFA82044B69FA6A
C:\Windows\system32\DRIVERS\btmhsf.sys 7B31A8A9DC95B3634D896FD0F2814F19
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys 179A41249055D5F039F1B6703F3B6D2B
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 4627C1FBF2802425A408A2D2AF28CF85
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\Drivers\dfsc.sys A03F362C5557E238CBFA914689C77248
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\DRIVERS\DptfDevPch.sys E87CD3E4F9AC0A2C181990CB781DD4BA
C:\Windows\system32\DRIVERS\DptfDevProc.sys 1C3C798B4150F7A047853838EBE2A95B
C:\Windows\system32\DRIVERS\DptfManager.sys 133C04EDB13A8A7740FFA3D7DD397C80
C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E
C:\Windows\System32\drivers\dxgkrnl.sys C7D252742946DD395670649742FBD73D
C:\Windows\system32\DRIVERS\e1i63x64.sys FA988D76745C917CDFE20031C06DE860
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\system32\DRIVERS\ffusb2audio.sys 2E1FBB0769DF4C56B527A4000820A8D0
C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys 46D1DF775FFF14585218BBE16E5B2C9A
C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys B2BD017231836DA9F63F41E3A075D73E
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys EF3AE7773394DF49CE74AF78A1C8D23D
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys 03909BDBFF0DCACCABF2B2D4ADEE44DC
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 9DDCA7F18983C5410DEFF79F819DF93C
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorA.sys 57CD95DEB3529181BCC931DD2DFB2341
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\ibtusb.sys CAAC69A001E1A5878D2F050F57F93DA4
C:\Windows\system32\DRIVERS\igdkmd64.sys A874EC416801B152BD64916E1B5C107E
C:\Windows\system32\DRIVERS\ikbevent.sys 39F3C7E218CE9118106D166F09AE1352
C:\Windows\system32\DRIVERS\imsevent.sys 404906005D768E48BF16218B420249C7
C:\windows\System32\Drivers\INETMON.sys 3F2BB021CB280880F8C1B7A6FEF9B447
C:\Windows\system32\drivers\intelaud.sys DB65573521AB51941F4FA799D0968136
C:\Windows\system32\drivers\RTKVHD64.sys 4C60B08DFC8E2543075FF13C9E68DD55
C:\Windows\system32\DRIVERS\IntcDAud.sys D6A22510D795928E8840619900D672B4
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys 139CFCDCD36B1B1782FD8C0014AC9B0E
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys FD9C9E9E3F0ED51502C7E8C066BE26B9
C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys 034D4BD9DC67C64F3A4C8A049B5173BF
C:\Windows\System32\drivers\ISCTD64.sys 4EE2423C38F43D37F8497A672FD10BDC
C:\Windows\System32\drivers\iwdbus.sys 2C04ACF9070282AC9AA837C52CA3C128
C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885
C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\DRIVERS\kl1.sys 795EC29BA21F1D948FD6FD740C00B599
C:\Windows\System32\DRIVERS\klelam.sys 2248A9F2B7704271C72E306001C7FBE0
C:\Windows\System32\DRIVERS\klif.sys E8D6C80D4E11383CEE269F9C27E6464C
C:\Windows\system32\DRIVERS\klim6.sys B6822DEFE601629F19E0A2D7F0D623F2
C:\Windows\system32\DRIVERS\klkbdflt.sys B45DEC5BD71885E833DF3D837CE7C606
C:\Windows\system32\DRIVERS\klmouflt.sys 8849D8F6259D3494E8C5C9482EE40A08
C:\Windows\system32\DRIVERS\klpd.sys 8C0EC95AD65A0DE3D6C040591D02BF02
C:\Windows\system32\DRIVERS\klwfp.sys EAAF7E0936CC5474F433B684A2C68CF2
C:\Windows\system32\DRIVERS\kneps.sys 91BC1C5B00275A4D7FD669EFF0DDEB2A
C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0
C:\Windows\System32\Drivers\ksecpkg.sys F88CC88F4A6D8476F1664E805CA18CC2
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\system32\DRIVERS\TeeDriverx64.sys 18B9AD128EC84E8D16A83F70CF36594F
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06
C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9
C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56
C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2
C:\Windows\system32\drivers\mrxdav.sys 1D55DADC22D21883A2F80297F5A5AE48
C:\Windows\System32\DRIVERS\mrxsmb.sys C997E6A37BA8915224B3FB5024A34F69
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3E28B99198B514DFEB152EACF913025E
C:\Windows\System32\DRIVERS\mrxsmb20.sys AAF56E4E84D35411B4E446C445732DFE
C:\Windows\system32\DRIVERS\bridge.sys 4E888019078AC363076A5433E89AA4F8
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys 647C7652FA19F98CADF2BFDA2164BFEC
C:\Windows\System32\drivers\ndis.sys F21B77B4D74092A543807D3CEB711A88
C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 9F1DA20E943BE7AA4ED5F3E1EBA78B37
C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244
C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78
C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B
C:\Windows\system32\DRIVERS\NETwbw02.sys 31D3E4959C410A7DEC2109CA8BF369AD
C:\Windows\system32\DRIVERS\NETwew02.sys B636B4A8E59A73033B766EA7FD7C3B81
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827
C:\Windows\System32\Drivers\Ntfs.sys 1C80517BE6836A812F6A9B99B8321351
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F
C:\Windows\System32\drivers\pci.sys 275AFE3FA35E8D78BE97695DF49817C6
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys B9D968D8E2B0F9C6301CEB39CFC9B9E4
C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7
C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD
C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys 858776908AF838E3790F3261B799CDA6
C:\Windows\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys E515A287C8FAE901EB8FB42F168E14F2
C:\Windows\System32\drivers\rfcomm.sys 0527EF6E23B9FAB37DDCBC479C6CFA28
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\system32\DRIVERS\rtsuvc.sys 993E6A15FD3EAFC280B8EBB396FA31B2
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7
C:\Windows\System32\drivers\sdbus.sys FDEC5799BA499D18AFA3A540538866E7
C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 7F7580EB77F2F95ED67C8046C69D1242
C:\Windows\System32\drivers\spaceport.sys 87765EF43C33BE342F4ACB0E3FBF89A6
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys 2B78788A1485F9B99A578A299DF42C02
C:\Windows\System32\DRIVERS\srv2.sys E62EAEF0BAC9DD61BF22D4A7F2F18571
C:\Windows\System32\DRIVERS\srvnet.sys 466BDC0006103F2547D308DD3CD64398
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50
C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3
C:\Windows\system32\DRIVERS\SynTP.sys F3FD427B1C036E060047B920887ACAE8
C:\Windows\System32\drivers\tcpip.sys FEEFE783D87C9063CDAC6DBDCF95F533
C:\Windows\system32\DRIVERS\tcpip.sys FEEFE783D87C9063CDAC6DBDCF95F533
C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys B034A41891A36457B994307DFA772293
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\system32\drivers\usbaudio.sys DF355EB0199198728027962DCFCDE5FB
C:\Windows\System32\drivers\usbccgp.sys 433ECDE01A52691FA7ACA51C10C09B70
C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2
C:\Windows\System32\drivers\usbehci.sys 5477D6E27C7D266EF8C152B9A25ADE5E
C:\Windows\System32\drivers\usbhub.sys DF56C2C04EFA328D7A66B69007130266
C:\Windows\System32\drivers\UsbHub3.sys CFC52C49BEFE4D70D87FFA900EAB9777
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\system32\DRIVERS\usbscan.sys F04D164C4168701A4E7835607722E5F1
C:\Windows\System32\drivers\USBSTOR.SYS EA23453240137F6773174E0D93F61A69
C:\Windows\System32\drivers\usbuhci.sys BA4FA655E0FC577DB7436FC963932CE4
C:\Windows\System32\Drivers\usbvideo.sys 18F744E8CCEB2670040EBAF7AD77B8C6
C:\Windows\System32\drivers\USBXHCI.SYS 48430B0313FC1CFE3D2400553F1A93CD
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 52E483A3701A5A61A75A06993720347D
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 3595FBDF25F8BA6256072D103937D7D6
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys F5D4FA3E1F4879C361FFF3855259D2C2
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys 019CC610AD95FF47EAD7C08B7A683B96
C:\Windows\System32\Drivers\WdNisDrv.sys 6CC1BB8F6851A262E2E824F0E92D5EEF
C:\Windows\System32\DRIVERS\wfplwfs.sys BFBE1C5F57FE7A885673A1962D5532B7
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys C1F564F324685C088ECAB1933576CF91
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\system32\DRIVERS\wsvd.sys 72B4E9DF6456C43C42A1419B09486045
C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 01:21 - 2014-05-25 01:21 - 00000000 ____D () C:\FRST
2014-05-24 23:35 - 2014-05-25 01:21 - 00000000 ____D () C:\Users\Braden\Documents\SetiCleanup
2014-05-22 23:06 - 2014-05-22 23:06 - 00000000 ____D () C:\Users\Braden\Desktop\ProcessExplorer
2014-05-22 23:03 - 2014-05-22 23:03 - 01243655 _____ () C:\Users\Braden\Desktop\ProcessExplorer.zip
2014-05-16 01:20 - 2014-05-16 01:20 - 00076976 _____ () C:\Users\Braden\AppData\Roaming\LoJackSetup.exe
2014-05-15 19:25 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\windows\system32\mrt_map.dll
2014-05-15 19:25 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\windows\system32\mrt100.dll
2014-05-15 19:25 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mrt_map.dll
2014-05-15 19:25 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mrt100.dll
2014-05-15 19:25 - 2014-03-23 19:30 - 00257880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-05-15 19:25 - 2014-03-23 19:30 - 00123224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2014-05-15 19:25 - 2014-03-23 19:27 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-05-15 19:25 - 2014-03-13 00:42 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-05-15 19:25 - 2014-03-12 23:51 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-05-15 11:45 - 2014-05-05 21:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 11:45 - 2014-05-05 20:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-15 11:45 - 2014-05-05 20:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-15 11:45 - 2014-05-05 19:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-15 11:45 - 2014-04-11 03:03 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2014-05-15 11:45 - 2014-04-11 03:03 - 00054776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-05-15 11:45 - 2014-04-11 01:25 - 00419928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2014-05-15 11:45 - 2014-04-10 23:04 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-05-15 11:45 - 2014-04-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe
2014-05-15 11:45 - 2014-04-10 22:22 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-05-15 11:45 - 2014-04-10 20:54 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2014-05-15 11:45 - 2014-04-10 20:36 - 11792384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-05-15 11:45 - 2014-04-10 20:24 - 13288960 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-05-15 11:45 - 2014-04-10 20:06 - 00031232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-05-15 11:45 - 2014-04-10 20:05 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 11:45 - 2014-04-10 20:05 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-05-15 11:45 - 2014-04-10 20:02 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 11:45 - 2014-04-10 20:02 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-05-15 11:45 - 2014-04-10 20:01 - 00137728 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-05-15 11:45 - 2014-04-10 20:00 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-05-15 11:45 - 2014-04-10 19:59 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-05-15 11:45 - 2014-04-10 19:57 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-05-15 11:45 - 2014-04-10 19:56 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-05-15 11:45 - 2014-04-10 19:55 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-05-15 11:45 - 2014-04-10 19:53 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-05-15 11:45 - 2014-04-10 19:52 - 03464192 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-05-15 11:45 - 2014-04-10 19:46 - 01705472 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-05-15 11:45 - 2014-04-10 19:36 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2014-05-15 11:45 - 2014-04-10 19:34 - 00754688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-05-15 11:45 - 2014-04-10 19:29 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2014-05-15 11:45 - 2014-04-10 19:25 - 00921088 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-05-15 11:45 - 2014-03-27 02:12 - 21225584 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-15 11:45 - 2014-03-27 00:48 - 18679728 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-05-12 08:20 - 2014-05-12 08:20 - 00000069 _____ () C:\ProgramData\lmabscan.log
2014-05-12 08:18 - 2014-05-12 08:18 - 00000000 ____D () C:\Program Files\Lexmark
2014-05-10 23:02 - 2014-05-15 11:37 - 00004964 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Braden Lenovo-PC
2014-05-10 05:10 - 2014-05-10 05:10 - 01257126 _____ () C:\Users\Braden\Downloads\Kristol_on_Pornography.zip
2014-05-08 19:13 - 2014-05-08 19:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Braden\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-08 18:39 - 2014-05-08 18:39 - 00002357 _____ () C:\Users\Braden\Desktop\Safe Money.lnk
2014-05-08 18:39 - 2014-05-08 18:39 - 00001352 _____ () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-05-08 18:39 - 2014-05-08 18:39 - 00001151 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-05-08 18:39 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\windows\system32\klfphc.dll
2014-05-08 18:38 - 2014-05-24 22:48 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-08 18:38 - 2014-05-08 18:38 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-05-08 18:38 - 2014-03-26 11:00 - 00625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-05-08 18:38 - 2014-03-26 11:00 - 00115296 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-05-08 18:35 - 2014-05-08 18:36 - 00484160 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-08 18:33 - 2014-01-19 00:38 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-05-08 18:29 - 2014-05-09 01:46 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\KeePass
2014-05-08 18:24 - 2014-05-08 18:24 - 00001140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-05-08 18:24 - 2014-05-08 18:24 - 00001128 _____ () C:\Users\Braden\Desktop\KeePass 2.lnk
2014-05-08 18:24 - 2014-05-08 18:24 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-05-08 18:19 - 2014-05-08 18:22 - 240197440 _____ (Kaspersky Lab) C:\Users\Braden\Downloads\kis14.0.0.4651abcdefEN_5874.exe
2014-05-08 17:54 - 2014-05-08 17:54 - 02545000 _____ (Dominik Reichl ) C:\Users\Braden\Downloads\KeePass-2.26-Setup.exe
2014-05-08 17:49 - 2014-05-08 17:49 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-05-08 17:49 - 2014-05-08 17:49 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-08 17:49 - 2014-05-08 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-08 17:49 - 2014-05-08 17:49 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-08 17:48 - 2014-05-08 17:51 - 230094896 _____ (Emsisoft GmbH ) C:\Users\Braden\Downloads\EmsisoftAntiMalwareSetup.exe
2014-05-08 17:43 - 2014-05-08 17:43 - 04745984 _____ (Piriform Ltd) C:\Users\Braden\Downloads\ccsetup413.exe
2014-05-08 16:56 - 2014-05-08 16:56 - 00002973 _____ () C:\Users\Braden\Desktop\HiJackThis.lnk
2014-05-08 16:56 - 2014-05-08 16:56 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-05-08 16:56 - 2014-05-08 16:56 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-05-07 16:17 - 2014-05-07 16:17 - 04304384 _____ () C:\Users\Braden\Downloads\2014_102_9.ppt
2014-05-04 03:02 - 2014-05-04 03:02 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-04 03:02 - 2014-05-04 03:02 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-02 18:03 - 2014-05-02 18:03 - 00000000 __SHD () C:\Users\Braden\AppData\Local\EmieUserList
2014-05-02 18:03 - 2014-05-02 18:03 - 00000000 __SHD () C:\Users\Braden\AppData\Local\EmieSiteList
2014-05-02 17:57 - 2014-05-17 15:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-02 17:57 - 2014-05-02 17:57 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\windows\PCHEALTH
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-05-02 17:52 - 2014-05-17 15:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-02 17:52 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 __RHD () C:\MSOCache
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Users\Braden\AppData\Local\Microsoft Help
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-02 17:49 - 2014-05-02 17:51 - 00000000 ____D () C:\Users\Braden\Downloads\Microsoft_Office_Professional_Plus_2013_with_SP1_64-bit_(English)_X19-39668
2014-05-02 17:47 - 2014-05-02 17:49 - 00003119 _____ () C:\Users\Braden\Downloads\SecureDownloadManager.log
2014-05-02 17:47 - 2014-05-02 17:47 - 00000183 _____ () C:\Users\Braden\Downloads\100290475831.sdx
2014-05-02 17:46 - 2014-05-02 17:46 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\e-academy Inc
2014-05-02 17:45 - 2014-05-02 17:46 - 00775168 _____ () C:\Users\Braden\Downloads\SDM_EN.msi
2014-05-02 16:21 - 2014-05-02 16:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-02 16:21 - 2014-05-02 16:21 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 11:57 - 2014-05-02 11:57 - 00199792 _____ () C:\Users\Braden\Downloads\Retail License Lottery Results (1).xlsx
2014-05-02 11:55 - 2014-05-02 11:55 - 00199792 _____ () C:\Users\Braden\Downloads\Retail License Lottery Results.xlsx
2014-05-02 00:58 - 2014-03-19 21:19 - 01291200 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-05-02 00:58 - 2014-03-19 20:41 - 02013016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-05-02 00:58 - 2014-03-19 20:41 - 00376152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2014-05-02 00:58 - 2014-03-19 20:40 - 01112536 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-02 00:58 - 2014-03-19 18:29 - 04268544 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-05-02 00:58 - 2014-03-19 16:55 - 01036288 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-05-02 00:58 - 2014-03-19 00:13 - 00836096 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-02 00:58 - 2014-03-11 05:42 - 02641920 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-05-02 00:58 - 2014-03-06 07:34 - 02331000 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-05-02 00:58 - 2014-03-06 05:51 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-05-02 00:58 - 2014-03-06 05:42 - 07425368 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-02 00:58 - 2014-03-06 02:19 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.Search.UriHandler.dll
2014-05-02 00:58 - 2014-03-06 01:20 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-02 00:58 - 2014-03-06 00:22 - 16875520 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-05-02 00:58 - 2014-03-05 23:59 - 12732416 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-02 00:58 - 2014-03-05 23:51 - 02900992 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2014-05-02 00:58 - 2014-03-05 22:28 - 08653824 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2014-05-02 00:58 - 2014-03-05 22:27 - 05833728 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2014-05-02 00:58 - 2014-03-05 22:20 - 06641152 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-05-02 00:58 - 2014-03-04 05:25 - 02373784 _____ (Microsoft Corporation) C:\windows\explorer.exe
2014-05-02 00:58 - 2014-03-04 05:15 - 02519384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-05-02 00:57 - 2014-03-19 17:53 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2014-05-02 00:57 - 2014-03-19 17:48 - 00201216 _____ (Microsoft Corporation) C:\windows\system32\ReInfo.dll
2014-05-02 00:57 - 2014-03-19 16:39 - 00800256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2014-05-02 00:57 - 2014-03-19 16:36 - 00172544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReInfo.dll
2014-05-02 00:57 - 2014-03-18 22:57 - 00621568 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2014-05-02 00:57 - 2014-03-18 22:50 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\w32tm.exe
2014-05-02 00:57 - 2014-03-18 22:31 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-05-02 00:57 - 2014-03-18 22:20 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
2014-05-02 00:57 - 2014-03-18 22:08 - 01351168 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-05-02 00:57 - 2014-03-18 21:41 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-05-02 00:57 - 2014-03-18 21:17 - 00872448 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-05-02 00:57 - 2014-03-13 05:35 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wof.sys
2014-05-02 00:57 - 2014-03-12 06:45 - 00387210 _____ () C:\windows\system32\ApnDatabase.xml
2014-05-02 00:57 - 2014-03-11 08:45 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\BdeHdCfgLib.dll
2014-05-02 00:57 - 2014-03-11 08:18 - 01015808 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll
2014-05-02 00:57 - 2014-03-11 08:02 - 00794112 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2014-05-02 00:57 - 2014-03-11 07:28 - 00887296 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll
2014-05-02 00:57 - 2014-03-11 07:25 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\BitLockerDeviceEncryption.exe
2014-05-02 00:57 - 2014-03-11 07:05 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2014-05-02 00:57 - 2014-03-11 07:03 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2014-05-02 00:57 - 2014-03-11 07:00 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2014-05-02 00:57 - 2014-03-11 06:21 - 00918528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-05-02 00:57 - 2014-03-11 06:02 - 00629760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-05-02 00:57 - 2014-03-11 05:35 - 02317824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-05-02 00:57 - 2014-03-08 13:47 - 00565536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-05-02 00:57 - 2014-03-08 13:47 - 00180056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-02 00:57 - 2014-03-08 13:40 - 00136024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2014-05-02 00:57 - 2014-03-08 13:38 - 01542768 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2014-05-02 00:57 - 2014-03-08 13:35 - 00467800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-05-02 00:57 - 2014-03-08 13:35 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-05-02 00:57 - 2014-03-08 08:29 - 01339240 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-05-02 00:57 - 2014-03-08 08:29 - 00356848 _____ (Microsoft Corporation) C:\windows\system32\dcomp.dll
2014-05-02 00:57 - 2014-03-08 04:34 - 01095488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2014-05-02 00:57 - 2014-03-08 02:34 - 00731648 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-05-02 00:57 - 2014-03-08 02:02 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\sxproxy.dll
2014-05-02 00:57 - 2014-03-08 01:44 - 00731648 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-05-02 00:57 - 2014-03-08 01:33 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\spp.dll
2014-05-02 00:57 - 2014-03-08 01:25 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\SetNetworkLocation.dll
2014-05-02 00:57 - 2014-03-08 01:12 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\sxproxy.dll
2014-05-02 00:57 - 2014-03-08 00:53 - 01843712 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2014-05-02 00:57 - 2014-03-08 00:51 - 00334848 _____ (Microsoft Corporation) C:\windows\system32\MDEServer.exe
2014-05-02 00:57 - 2014-03-08 00:47 - 00222720 _____ (Microsoft Corporation) C:\windows\SysWOW64\spp.dll
2014-05-02 00:57 - 2014-03-08 00:12 - 01816576 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2014-05-02 00:57 - 2014-03-08 00:09 - 01411584 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-02 00:57 - 2014-03-08 00:04 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2014-05-02 00:57 - 2014-03-08 00:03 - 00939520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-02 00:57 - 2014-03-08 00:01 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-05-02 00:57 - 2014-03-07 23:50 - 01066496 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-05-02 00:57 - 2014-03-07 23:48 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentClient.dll
2014-05-02 00:57 - 2014-03-07 23:46 - 01063424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-05-02 00:57 - 2014-03-07 23:41 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-05-02 00:57 - 2014-03-07 23:40 - 00139776 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2014-05-02 00:57 - 2014-03-07 23:37 - 00755712 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-02 00:57 - 2014-03-07 23:31 - 00222720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dcomp.dll
2014-05-02 00:57 - 2014-03-07 23:30 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppXDeploymentClient.dll
2014-05-02 00:57 - 2014-03-07 23:25 - 00264192 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-05-02 00:57 - 2014-03-07 23:09 - 00958464 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2014-05-02 00:57 - 2014-03-07 23:04 - 00717312 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-05-02 00:57 - 2014-03-07 23:02 - 00801792 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2014-05-02 00:57 - 2014-03-07 22:58 - 00567296 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-05-02 00:57 - 2014-03-07 22:41 - 01306624 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2014-05-02 00:57 - 2014-03-07 22:11 - 00924160 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2014-05-02 00:57 - 2014-03-06 07:35 - 01466864 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2014-05-02 00:57 - 2014-03-06 07:34 - 00113648 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
2014-05-02 00:57 - 2014-03-06 05:53 - 02141912 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-05-02 00:57 - 2014-03-06 05:53 - 00518552 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-05-02 00:57 - 2014-03-06 05:51 - 00488280 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-05-02 00:57 - 2014-03-06 05:51 - 00379224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-05-02 00:57 - 2014-03-06 05:40 - 00492256 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2014-05-02 00:57 - 2014-03-06 05:40 - 00467504 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-05-02 00:57 - 2014-03-06 05:40 - 00463264 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-05-02 00:57 - 2014-03-06 05:40 - 00364640 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-05-02 00:57 - 2014-03-06 05:40 - 00244888 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-05-02 00:57 - 2014-03-06 05:39 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-05-02 00:57 - 2014-03-06 04:20 - 01200296 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2014-05-02 00:57 - 2014-03-06 04:19 - 00390488 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-05-02 00:57 - 2014-03-06 04:19 - 00094016 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
2014-05-02 00:57 - 2014-03-06 04:13 - 01779800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-05-02 00:57 - 2014-03-06 04:13 - 00406912 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-05-02 00:57 - 2014-03-06 03:46 - 01679128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-05-02 00:57 - 2014-03-06 03:35 - 00406512 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-05-02 00:57 - 2014-03-06 03:35 - 00388408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2014-05-02 00:57 - 2014-03-06 03:35 - 00326024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-05-02 00:57 - 2014-03-06 03:35 - 00305768 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-05-02 00:57 - 2014-03-06 02:29 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\wlanhlp.dll
2014-05-02 00:57 - 2014-03-06 02:24 - 00111616 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-05-02 00:57 - 2014-03-06 02:24 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-05-02 00:57 - 2014-03-06 02:24 - 00033280 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2014-05-02 00:57 - 2014-03-06 02:22 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-05-02 00:57 - 2014-03-06 02:22 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2014-05-02 00:57 - 2014-03-06 02:22 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-05-02 00:57 - 2014-03-06 02:20 - 00443392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2014-05-02 00:57 - 2014-03-06 02:20 - 00402944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-05-02 00:57 - 2014-03-06 02:20 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-05-02 00:57 - 2014-03-06 02:19 - 00283648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2014-05-02 00:57 - 2014-03-06 02:19 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\umpnpmgr.dll
2014-05-02 00:57 - 2014-03-06 02:19 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\drvcfg.exe
2014-05-02 00:57 - 2014-03-06 02:19 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-05-02 00:57 - 2014-03-06 02:08 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe
2014-05-02 00:57 - 2014-03-06 02:08 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\l2gpstore.dll
2014-05-02 00:57 - 2014-03-06 01:41 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\DevPropMgr.dll
2014-05-02 00:57 - 2014-03-06 01:38 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-05-02 00:57 - 2014-03-06 01:37 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-05-02 00:57 - 2014-03-06 01:28 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanhlp.dll
2014-05-02 00:57 - 2014-03-06 01:10 - 00058368 _____ (Microsoft Corporation) C:\windows\SysWOW64\l2gpstore.dll
2014-05-02 00:57 - 2014-03-06 01:09 - 00098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvinst.exe
2014-05-02 00:57 - 2014-03-06 01:00 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2014-05-02 00:57 - 2014-03-06 00:47 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-05-02 00:57 - 2014-03-06 00:46 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-05-02 00:57 - 2014-03-06 00:44 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-05-02 00:57 - 2014-03-06 00:16 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll
2014-05-02 00:57 - 2014-03-06 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-05-02 00:57 - 2014-03-06 00:02 - 00834560 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2014-05-02 00:57 - 2014-03-05 23:57 - 00443904 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2014-05-02 00:57 - 2014-03-05 23:39 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-05-02 00:57 - 2014-03-05 23:34 - 00201216 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2014-05-02 00:57 - 2014-03-05 23:32 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2014-05-02 00:57 - 2014-03-05 23:31 - 02479616 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-05-02 00:57 - 2014-03-05 23:29 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2014-05-02 00:57 - 2014-03-05 23:27 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-05-02 00:57 - 2014-03-05 23:24 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\wlangpui.dll
2014-05-02 00:57 - 2014-03-05 23:23 - 02270208 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2014-05-02 00:57 - 2014-03-05 23:23 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\dafWfdProvider.dll
2014-05-02 00:57 - 2014-03-05 23:21 - 00370176 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2014-05-02 00:57 - 2014-03-05 23:21 - 00291840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2014-05-02 00:57 - 2014-03-05 23:16 - 01527296 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2014-05-02 00:57 - 2014-03-05 23:16 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-05-02 00:57 - 2014-03-05 23:13 - 00298496 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-05-02 00:57 - 2014-03-05 23:13 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2014-05-02 00:57 - 2014-03-05 23:11 - 02030080 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-05-02 00:57 - 2014-03-05 23:09 - 01764864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2014-05-02 00:57 - 2014-03-05 23:06 - 00386560 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlangpui.dll
2014-05-02 00:57 - 2014-03-05 23:05 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-05-02 00:57 - 2014-03-05 23:04 - 00300544 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2014-05-02 00:57 - 2014-03-05 23:04 - 00226304 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2014-05-02 00:57 - 2014-03-05 23:01 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Scanners.dll
2014-05-02 00:57 - 2014-03-05 22:54 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-05-02 00:57 - 2014-03-05 22:54 - 00888320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-05-02 00:57 - 2014-03-05 22:51 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Scanners.dll
2014-05-02 00:57 - 2014-03-05 22:47 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2014-05-02 00:57 - 2014-03-05 22:42 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-05-02 00:57 - 2014-03-05 22:42 - 00280576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2014-05-02 00:57 - 2014-03-05 22:33 - 00839168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2014-05-02 00:57 - 2014-03-05 22:21 - 05770752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-05-02 00:57 - 2014-03-04 05:15 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-05-02 00:57 - 2014-03-04 05:14 - 00360512 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-05-02 00:57 - 2014-03-04 04:16 - 02088160 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2014-05-02 00:57 - 2014-03-04 04:10 - 00355832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-05-02 00:57 - 2014-03-04 00:16 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2014-05-02 00:57 - 2014-03-04 00:13 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2014-05-02 00:57 - 2014-03-04 00:08 - 00299008 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2014-05-02 00:57 - 2014-03-04 00:00 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\wlidprov.dll
2014-05-02 00:57 - 2014-03-03 23:56 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RMapi.dll
2014-05-02 00:57 - 2014-03-03 23:50 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-05-02 00:57 - 2014-03-03 23:42 - 00494592 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2014-05-02 00:57 - 2014-03-03 23:39 - 00254976 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2014-05-02 00:57 - 2014-03-03 23:32 - 00356864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlidprov.dll
2014-05-02 00:57 - 2014-03-03 23:15 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.dll
2014-05-02 00:57 - 2014-03-03 23:05 - 00402432 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2014-05-02 00:57 - 2014-03-03 23:03 - 00669696 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2014-05-02 00:57 - 2014-03-03 23:03 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\CredentialMigrationHandler.dll
2014-05-02 00:57 - 2014-03-03 22:54 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\CredentialMigrationHandler.dll
2014-05-02 00:57 - 2014-03-03 22:52 - 00605184 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2014-05-02 00:57 - 2014-02-06 15:59 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-05-02 00:57 - 2014-02-06 14:26 - 00313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-05-02 00:57 - 2013-12-23 16:28 - 00262656 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2014-05-02 00:57 - 2013-12-23 16:26 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2014-05-02 00:56 - 2014-02-25 23:29 - 02678784 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2014-05-02 00:54 - 2014-02-22 09:59 - 01519520 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-05-02 00:54 - 2014-02-22 09:59 - 01290688 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2014-05-02 00:54 - 2014-02-22 09:59 - 00526304 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-05-02 00:54 - 2014-02-22 09:59 - 00461176 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2014-05-02 00:54 - 2014-02-22 09:59 - 00407536 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2014-05-02 00:54 - 2014-02-22 09:15 - 01929608 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2014-05-02 00:54 - 2014-02-22 09:15 - 01206000 _____ (Microsoft Corporation) C:\windows\system32\Taskmgr.exe
2014-05-02 00:54 - 2014-02-22 09:15 - 00531128 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-05-02 00:54 - 2014-02-22 09:00 - 00590168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-05-02 00:54 - 2014-02-22 09:00 - 00249688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys
2014-05-02 00:54 - 2014-02-22 08:55 - 01435304 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2014-05-02 00:54 - 2014-02-22 08:55 - 00388408 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2014-05-02 00:54 - 2014-02-22 08:55 - 00244848 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2014-05-02 00:54 - 2014-02-22 08:53 - 03394384 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2014-05-02 00:54 - 2014-02-22 08:50 - 02588168 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe
2014-05-02 00:54 - 2014-02-22 08:50 - 00761792 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2014-05-02 00:54 - 2014-02-22 08:50 - 00645104 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-05-02 00:54 - 2014-02-22 08:49 - 00384856 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-05-02 00:54 - 2014-02-22 08:49 - 00280920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2014-05-02 00:54 - 2014-02-22 08:49 - 00148824 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-05-02 00:54 - 2014-02-22 08:48 - 02574240 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-05-02 00:54 - 2014-02-22 08:48 - 01791752 ____C (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2014-05-02 00:54 - 2014-02-22 08:46 - 01927600 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2014-05-02 00:54 - 2014-02-22 08:46 - 01445616 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
2014-05-02 00:54 - 2014-02-22 08:46 - 01000424 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2014-05-02 00:54 - 2014-02-22 08:46 - 00669896 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2014-05-02 00:54 - 2014-02-22 08:44 - 00539992 ____C (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys
2014-05-02 00:54 - 2014-02-22 08:44 - 00424280 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-05-02 00:54 - 2014-02-22 08:44 - 00360792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys
2014-05-02 00:54 - 2014-02-22 08:44 - 00311640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-05-02 00:54 - 2014-02-22 08:43 - 01727760 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-05-02 00:54 - 2014-02-22 08:43 - 01659056 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-05-02 00:54 - 2014-02-22 08:43 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-05-02 00:54 - 2014-02-22 08:43 - 01487520 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-05-02 00:54 - 2014-02-22 08:43 - 01356360 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-05-02 00:54 - 2014-02-22 08:41 - 02142976 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 01399176 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 01374384 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 01215832 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 00881616 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 00800552 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 00609456 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 00391008 _____ (Microsoft Corporation) C:\windows\system32\MMDevAPI.dll
2014-05-02 00:54 - 2014-02-22 08:41 - 00372360 _____ (Microsoft Corporation) C:\windows\system32\msvproc.dll
2014-05-02 00:54 - 2014-02-22 08:40 - 01118552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-05-02 00:54 - 2014-02-22 07:52 - 01767440 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2014-05-02 00:54 - 2014-02-22 07:51 - 01063976 _____ (Microsoft Corporation) C:\windows\SysWOW64\Taskmgr.exe
2014-05-02 00:54 - 2014-02-22 07:42 - 01017936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2014-05-02 00:54 - 2014-02-22 07:42 - 00422968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-05-02 00:54 - 2014-02-22 07:38 - 01374384 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2014-05-02 00:54 - 2014-02-22 07:38 - 01077944 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
2014-05-02 00:54 - 2014-02-22 07:25 - 02410496 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-05-02 00:54 - 2014-02-22 07:18 - 00477744 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-05-02 00:54 - 2014-02-22 07:08 - 01474104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 02144984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 01206000 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 01011280 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 00707048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 00650736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 00518552 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-05-02 00:54 - 2014-02-22 07:04 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
2014-05-02 00:54 - 2014-02-22 05:24 - 02825216 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2014-05-02 00:54 - 2014-02-22 05:22 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-05-02 00:54 - 2014-02-22 05:15 - 04192768 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-05-02 00:54 - 2014-02-22 05:14 - 00298496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-05-02 00:54 - 2014-02-22 05:11 - 00272896 ____C (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-05-02 00:54 - 2014-02-22 05:08 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\OobeFldr.dll
2014-05-02 00:54 - 2014-02-22 05:07 - 00545792 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2014-05-02 00:54 - 2014-02-22 05:07 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\WofUtil.dll
2014-05-02 00:54 - 2014-02-22 04:46 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-02 00:54 - 2014-02-22 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-05-02 00:54 - 2014-02-22 04:44 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-02 00:54 - 2014-02-22 04:30 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-02 00:54 - 2014-02-22 04:28 - 02428928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2014-05-02 00:54 - 2014-02-22 04:25 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\recimg.exe
2014-05-02 00:54 - 2014-02-22 04:25 - 00160256 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2014-05-02 00:54 - 2014-02-22 04:17 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-02 00:54 - 2014-02-22 04:17 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\OobeFldr.dll
2014-05-02 00:54 - 2014-02-22 04:16 - 00617472 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2014-05-02 00:54 - 2014-02-22 04:01 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-05-02 00:54 - 2014-02-22 04:00 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-02 00:54 - 2014-02-22 03:57 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-05-02 00:54 - 2014-02-22 03:54 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-02 00:54 - 2014-02-22 03:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\dfp.exe
2014-05-02 00:54 - 2014-02-22 03:44 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-02 00:54 - 2014-02-22 03:41 - 00878592 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2014-05-02 00:54 - 2014-02-22 03:41 - 00320000 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2014-05-02 00:54 - 2014-02-22 03:38 - 00390656 _____ (Microsoft Corporation) C:\windows\system32\DfpCommon.dll
2014-05-02 00:54 - 2014-02-22 03:36 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-02 00:54 - 2014-02-22 03:36 - 00441344 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2014-05-02 00:54 - 2014-02-22 03:34 - 11742720 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2014-05-02 00:54 - 2014-02-22 03:33 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-02 00:54 - 2014-02-22 03:25 - 01428480 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2014-05-02 00:54 - 2014-02-22 03:22 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2014-05-02 00:54 - 2014-02-22 03:18 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2014-05-02 00:54 - 2014-02-22 03:18 - 00488448 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-05-02 00:54 - 2014-02-22 03:09 - 01224192 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2014-05-02 00:54 - 2014-02-22 03:09 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-02 00:54 - 2014-02-22 03:08 - 00997888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-05-02 00:54 - 2014-02-22 03:06 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-05-02 00:54 - 2014-02-22 03:05 - 01757184 _____ (Microsoft Corporation) C:\windows\system32\WMPDMC.exe
2014-05-02 00:54 - 2014-02-22 03:02 - 08946688 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2014-05-02 00:54 - 2014-02-22 03:01 - 02648064 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll
2014-05-02 00:54 - 2014-02-22 03:01 - 01227776 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-05-02 00:54 - 2014-02-22 03:01 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2014-05-02 00:54 - 2014-02-22 03:00 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-02 00:54 - 2014-02-22 02:57 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-05-02 00:54 - 2014-02-22 02:53 - 00825344 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2014-05-02 00:54 - 2014-02-22 02:52 - 01132032 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2014-05-02 00:54 - 2014-02-22 02:48 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-02 00:54 - 2014-02-22 02:47 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2014-05-02 00:54 - 2014-02-22 02:45 - 00562176 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-02 00:54 - 2014-02-22 02:40 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-02 00:54 - 2014-02-22 02:39 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-02 00:54 - 2014-02-22 02:38 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2014-05-02 00:54 - 2014-02-22 02:37 - 02220032 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-05-02 00:54 - 2014-02-22 02:35 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2014-05-02 00:54 - 2014-02-22 02:35 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\WofTasks.dll
2014-05-02 00:54 - 2014-02-22 02:34 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\energy.dll
2014-05-02 00:54 - 2014-02-22 02:33 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-02 00:54 - 2014-02-22 02:33 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-02 00:54 - 2014-02-22 02:33 - 00653312 _____ (Microsoft Corporation) C:\windows\system32\DismApi.dll
2014-05-02 00:54 - 2014-02-22 02:28 - 02643456 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2014-05-02 00:54 - 2014-02-22 02:26 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2014-05-02 00:54 - 2014-02-22 02:26 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-05-02 00:54 - 2014-02-22 02:25 - 01361408 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-05-02 00:54 - 2014-02-22 02:25 - 00269824 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-05-02 00:54 - 2014-02-22 02:24 - 00666624 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2014-05-02 00:54 - 2014-02-22 02:23 - 03494912 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2014-05-02 00:54 - 2014-02-22 02:23 - 02843136 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-05-02 00:54 - 2014-02-22 02:23 - 01576960 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2014-05-02 00:54 - 2014-02-22 02:23 - 00628224 _____ (Microsoft Corporation) C:\windows\system32\msTextPrediction.dll
2014-05-02 00:54 - 2014-02-22 02:23 - 00344576 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-02 00:54 - 2014-02-22 02:21 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2014-05-02 00:54 - 2014-02-22 02:16 - 11776000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-05-02 00:54 - 2014-02-22 02:14 - 00584704 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2014-05-02 00:54 - 2014-02-22 02:13 - 01728000 _____ (Microsoft Corporation) C:\windows\system32\dui70.dll
2014-05-02 00:54 - 2014-02-22 02:11 - 02395136 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-05-02 00:54 - 2014-02-22 02:11 - 02262016 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-02 00:54 - 2014-02-22 02:11 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-05-02 00:54 - 2014-02-22 02:10 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2014-05-02 00:54 - 2014-02-22 02:07 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\swprv.dll
2014-05-02 00:54 - 2014-02-22 02:04 - 01107456 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2014-05-02 00:54 - 2014-02-22 02:04 - 01029120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2014-05-02 00:54 - 2014-02-22 02:01 - 13933568 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-05-02 00:54 - 2014-02-22 02:00 - 01341440 _____ (Microsoft Corporation) C:\windows\SysWOW64\dui70.dll
2014-05-02 00:54 - 2014-02-22 02:00 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2014-05-02 00:54 - 2014-02-22 01:59 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\RacEngn.dll
2014-05-02 00:54 - 2014-02-22 01:59 - 01403392 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-05-02 00:54 - 2014-02-22 01:59 - 00791552 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2014-05-02 00:54 - 2014-02-22 01:59 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-05-02 00:54 - 2014-02-22 01:54 - 00647168 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2014-05-02 00:54 - 2014-02-22 01:53 - 12027904 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2014-05-02 00:54 - 2014-02-22 01:51 - 01258496 _____ (Microsoft Corporation) C:\windows\SysWOW64\RacEngn.dll
2014-05-02 00:54 - 2014-02-22 01:51 - 00716288 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2014-05-02 00:54 - 2014-02-22 01:51 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2014-05-02 00:54 - 2014-02-22 01:49 - 08874496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-02 00:54 - 2014-02-22 01:49 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-02 00:54 - 2014-02-22 01:49 - 00755200 _____ (Microsoft Corporation) C:\windows\system32\msctfuimanager.dll
2014-05-02 00:54 - 2014-02-22 01:47 - 00517120 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2014-05-02 00:54 - 2014-02-22 01:45 - 00845824 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2014-05-02 00:54 - 2014-02-22 01:44 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2014-05-02 00:54 - 2014-02-22 01:40 - 02368512 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2014-05-02 00:54 - 2014-02-22 01:40 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-05-02 00:54 - 2014-02-22 01:39 - 00556032 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.dll
2014-05-02 00:54 - 2014-02-22 01:38 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-02 00:54 - 2014-02-22 01:37 - 01716736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2014-05-02 00:54 - 2014-02-22 01:37 - 00658432 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2014-05-02 00:54 - 2014-02-22 01:34 - 02100736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2014-05-02 00:54 - 2014-02-22 01:32 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-02 00:54 - 2014-02-22 01:27 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-02 00:54 - 2014-02-22 01:24 - 02760704 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
2014-05-02 00:54 - 2014-02-22 01:22 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2014-05-02 00:54 - 2014-02-22 01:21 - 00600576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2014-05-02 00:54 - 2014-02-22 01:18 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-05-02 00:54 - 2014-02-22 01:06 - 01640960 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2014-05-02 00:54 - 2014-02-22 01:04 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2014-05-02 00:54 - 2014-02-22 01:03 - 01496576 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2014-05-02 00:54 - 2014-02-22 01:01 - 00978944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-02 00:54 - 2014-02-22 01:01 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2014-05-02 00:54 - 2014-02-22 01:00 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2014-05-02 00:54 - 2014-02-21 21:33 - 00262335 _____ () C:\windows\system32\dfpinc.dat
2014-05-02 00:54 - 2014-02-07 18:08 - 00139600 _____ () C:\windows\system32\systemsf.ebd
2014-05-02 00:54 - 2014-02-02 07:48 - 00307304 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-05-02 00:54 - 2014-02-02 06:33 - 00230808 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-05-02 00:54 - 2014-01-29 01:53 - 01653352 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-05-02 00:54 - 2014-01-29 00:44 - 01369736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-05-02 00:54 - 2014-01-27 08:38 - 01584128 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2014-05-02 00:54 - 2014-01-07 18:30 - 00745328 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-05-02 00:54 - 2013-12-10 00:35 - 00530944 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2014-05-02 00:53 - 2014-02-22 09:59 - 00289752 _____ (Microsoft Corporation) C:\windows\system32\sqmapi.dll
2014-05-02 00:53 - 2014-02-22 09:59 - 00209160 _____ (Microsoft Corporation) C:\windows\system32\imm32.dll
2014-05-02 00:53 - 2014-02-22 09:59 - 00139464 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2014-05-02 00:53 - 2014-02-22 09:59 - 00123448 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-05-02 00:53 - 2014-02-22 09:58 - 00036200 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2014-05-02 00:53 - 2014-02-22 09:15 - 00275312 _____ (Microsoft Corporation) C:\windows\system32\powrprof.dll
2014-05-02 00:53 - 2014-02-22 09:15 - 00188464 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2014-05-02 00:53 - 2014-02-22 09:15 - 00071888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpfve.sys
2014-05-02 00:53 - 2014-02-22 09:02 - 00170952 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2014-05-02 00:53 - 2014-02-22 09:02 - 00083120 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-05-02 00:53 - 2014-02-22 09:02 - 00080048 _____ (Microsoft Corporation) C:\windows\system32\taskhostex.exe
2014-05-02 00:53 - 2014-02-22 09:00 - 00236888 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-05-02 00:53 - 2014-02-22 09:00 - 00151384 ____C (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-05-02 00:53 - 2014-02-22 09:00 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fileinfo.sys
2014-05-02 00:53 - 2014-02-22 08:59 - 00032088 _____ (Microsoft Corporation) C:\windows\system32\ploptin.dll
2014-05-02 00:53 - 2014-02-22 08:59 - 00027480 _____ (Microsoft Corporation) C:\windows\system32\SysResetErr.exe
2014-05-02 00:53 - 2014-02-22 08:55 - 00162176 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2014-05-02 00:53 - 2014-02-22 08:55 - 00152848 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2014-05-02 00:53 - 2014-02-22 08:55 - 00131168 _____ (Microsoft Corporation) C:\windows\system32\easinvoker.exe
2014-05-02 00:53 - 2014-02-22 08:55 - 00105864 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2014-05-02 00:53 - 2014-02-22 08:50 - 00258784 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2014-05-02 00:53 - 2014-02-22 08:50 - 00101216 _____ (Microsoft Corporation) C:\windows\system32\RestoreOptIn.exe
2014-05-02 00:53 - 2014-02-22 08:50 - 00054816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wpcfltr.sys
2014-05-02 00:53 - 2014-02-22 08:50 - 00043408 _____ (Microsoft Corporation) C:\windows\system32\CloudNotifications.exe
2014-05-02 00:53 - 2014-02-22 08:50 - 00032544 _____ (Microsoft Corporation) C:\windows\system32\UserAccountBroker.exe
2014-05-02 00:53 - 2014-02-22 08:49 - 00372568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-05-02 00:53 - 2014-02-22 08:49 - 00325464 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2014-05-02 00:53 - 2014-02-22 08:49 - 00189784 ____C (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2014-05-02 00:53 - 2014-02-22 08:49 - 00146776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2014-05-02 00:53 - 2014-02-22 08:49 - 00079192 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sdstor.sys
2014-05-02 00:53 - 2014-02-22 08:48 - 00210736 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
2014-05-02 00:53 - 2014-02-22 08:44 - 00924504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2014-05-02 00:53 - 2014-02-22 08:43 - 00142576 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2014-05-02 00:53 - 2014-02-22 08:43 - 00094560 _____ (Microsoft Corporation) C:\windows\system32\bcd.dll
2014-05-02 00:53 - 2014-02-22 08:41 - 00324896 _____ (Microsoft Corporation) C:\windows\system32\MFCaptureEngine.dll
2014-05-02 00:53 - 2014-02-22 08:41 - 00028416 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-05-02 00:53 - 2014-02-22 07:52 - 00251504 _____ (Microsoft Corporation) C:\windows\SysWOW64\powrprof.dll
2014-05-02 00:53 - 2014-02-22 07:51 - 00140456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2014-05-02 00:53 - 2014-02-22 07:42 - 00410568 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2014-05-02 00:53 - 2014-02-22 07:42 - 00369288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2014-05-02 00:53 - 2014-02-22 07:42 - 00232896 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqmapi.dll
2014-05-02 00:53 - 2014-02-22 07:42 - 00137344 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2014-05-02 00:53 - 2014-02-22 07:42 - 00098072 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-05-02 00:53 - 2014-02-22 07:41 - 00033056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2014-05-02 00:53 - 2014-02-22 07:38 - 00506120 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2014-05-02 00:53 - 2014-02-22 07:38 - 00336232 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2014-05-02 00:53 - 2014-02-22 07:38 - 00089848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2014-05-02 00:53 - 2014-02-22 07:25 - 00180240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
2014-05-02 00:53 - 2014-02-22 07:18 - 00089848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RestoreOptIn.exe
2014-05-02 00:53 - 2014-02-22 07:18 - 00041320 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudNotifications.exe
2014-05-02 00:53 - 2014-02-22 07:18 - 00029912 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserAccountBroker.exe
2014-05-02 00:53 - 2014-02-22 07:11 - 00490136 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2014-05-02 00:53 - 2014-02-22 07:08 - 00079496 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcd.dll
2014-05-02 00:53 - 2014-02-22 07:04 - 00317584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvproc.dll
2014-05-02 00:53 - 2014-02-22 07:04 - 00285144 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFCaptureEngine.dll
2014-05-02 00:53 - 2014-02-22 05:20 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2014-05-02 00:53 - 2014-02-22 05:20 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-kernel-power-events.dll
2014-05-02 00:53 - 2014-02-22 05:17 - 00902144 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2014-05-02 00:53 - 2014-02-22 05:17 - 00890880 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2014-05-02 00:53 - 2014-02-22 05:17 - 00874496 _____ (Microsoft Corporation) C:\windows\system32\autofmt.exe
2014-05-02 00:53 - 2014-02-22 05:17 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\f3ahvoas.dll
2014-05-02 00:53 - 2014-02-22 05:14 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys
2014-05-02 00:53 - 2014-02-22 05:14 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\watchdog.sys
2014-05-02 00:53 - 2014-02-22 05:14 - 00033280 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BasicRender.sys
2014-05-02 00:53 - 2014-02-22 05:09 - 00663040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-05-02 00:53 - 2014-02-22 05:08 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2014-05-02 00:53 - 2014-02-22 05:07 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-05-02 00:53 - 2014-02-22 05:07 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\clrhost.dll
2014-05-02 00:53 - 2014-02-22 05:06 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-05-02 00:53 - 2014-02-22 05:04 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\offreg.dll
2014-05-02 00:53 - 2014-02-22 05:03 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2014-05-02 00:53 - 2014-02-22 05:03 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\spbcd.dll
2014-05-02 00:53 - 2014-02-22 05:02 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2014-05-02 00:53 - 2014-02-22 05:01 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\spcompat.dll
2014-05-02 00:53 - 2014-02-22 05:00 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\ReAgentc.exe
2014-05-02 00:53 - 2014-02-22 04:59 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgrade.exe
2014-05-02 00:53 - 2014-02-22 04:57 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\slc.dll
2014-05-02 00:53 - 2014-02-22 04:57 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-05-02 00:53 - 2014-02-22 04:54 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2014-05-02 00:53 - 2014-02-22 04:50 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
2014-05-02 00:53 - 2014-02-22 04:50 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2014-05-02 00:53 - 2014-02-22 04:47 - 00589312 _____ (Microsoft Corporation) C:\windows\system32\vdsdyn.dll
2014-05-02 00:53 - 2014-02-22 04:47 - 00236544 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll
2014-05-02 00:53 - 2014-02-22 04:47 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\bcdboot.exe
2014-05-02 00:53 - 2014-02-22 04:45 - 00214016 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2014-05-02 00:53 - 2014-02-22 04:45 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\fhevents.dll
2014-05-02 00:53 - 2014-02-22 04:42 - 00038680 _____ (Microsoft Corporation) C:\windows\system32\LockScreenContentServer.exe
2014-05-02 00:53 - 2014-02-22 04:41 - 00196608 _____ (Microsoft Corporation) C:\windows\system32\PkgMgr.exe
2014-05-02 00:53 - 2014-02-22 04:37 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\diskpart.exe
2014-05-02 00:53 - 2014-02-22 04:34 - 00273408 _____ (Microsoft Corporation) C:\windows\system32\dmdskmgr.dll
2014-05-02 00:53 - 2014-02-22 04:32 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2014-05-02 00:53 - 2014-02-22 04:29 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\RelPost.exe
2014-05-02 00:53 - 2014-02-22 04:27 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\dot3mm.dll
2014-05-02 00:53 - 2014-02-22 04:25 - 00148992 _____ (Microsoft Corporation) C:\windows\system32\sppnp.dll
2014-05-02 00:53 - 2014-02-22 04:24 - 00800256 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2014-05-02 00:53 - 2014-02-22 04:24 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2014-05-02 00:53 - 2014-02-22 04:24 - 00780288 _____ (Microsoft Corporation) C:\windows\SysWOW64\autofmt.exe
2014-05-02 00:53 - 2014-02-22 04:24 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\SSShim.dll
2014-05-02 00:53 - 2014-02-22 04:22 - 00177664 _____ (Microsoft Corporation) C:\windows\system32\easwrt.dll
2014-05-02 00:53 - 2014-02-22 04:22 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-05-02 00:53 - 2014-02-22 04:17 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\DAMM.dll
2014-05-02 00:53 - 2014-02-22 04:16 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2014-05-02 00:53 - 2014-02-22 04:16 - 00148992 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-05-02 00:53 - 2014-02-22 04:16 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-05-02 00:53 - 2014-02-22 04:16 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\clrhost.dll
2014-05-02 00:53 - 2014-02-22 04:15 - 00137728 _____ (Microsoft Corporation) C:\windows\SysWOW64\imm32.dll
2014-05-02 00:53 - 2014-02-22 04:14 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\cleanmgr.exe
2014-05-02 00:53 - 2014-02-22 04:13 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\offreg.dll
2014-05-02 00:53 - 2014-02-22 04:11 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\spbcd.dll
2014-05-02 00:53 - 2014-02-22 04:09 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
2014-05-02 00:53 - 2014-02-22 04:08 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2014-05-02 00:53 - 2014-02-22 04:06 - 00148992 _____ (Microsoft Corporation) C:\windows\SysWOW64\slc.dll
2014-05-02 00:53 - 2014-02-22 04:05 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\RASMM.dll
2014-05-02 00:53 - 2014-02-22 04:05 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\pnpclean.dll
2014-05-02 00:53 - 2014-02-22 04:05 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2014-05-02 00:53 - 2014-02-22 04:05 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\LockScreenContentHost.dll
2014-05-02 00:53 - 2014-02-22 04:04 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\dfrgui.exe
2014-05-02 00:53 - 2014-02-22 04:03 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-05-02 00:53 - 2014-02-22 04:02 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\LockScreenContent.dll
2014-05-02 00:53 - 2014-02-22 04:02 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\acppage.dll
2014-05-02 00:53 - 2014-02-22 04:01 - 00112640 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2014-05-02 00:53 - 2014-02-22 04:00 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-02 00:53 - 2014-02-22 03:59 - 01283584 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2014-05-02 00:53 - 2014-02-22 03:59 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2014-05-02 00:53 - 2014-02-22 03:58 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\sud.dll
2014-05-02 00:53 - 2014-02-22 03:58 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-02 00:53 - 2014-02-22 03:58 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\DAConn.dll
2014-05-02 00:53 - 2014-02-22 03:57 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2014-05-02 00:53 - 2014-02-22 03:56 - 02862592 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
2014-05-02 00:53 - 2014-02-22 03:56 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-05-02 00:53 - 2014-02-22 03:56 - 00350720 _____ (Microsoft Corporation) C:\windows\system32\srchadmin.dll
2014-05-02 00:53 - 2014-02-22 03:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2014-05-02 00:53 - 2014-02-22 03:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\srrstr.dll
2014-05-02 00:53 - 2014-02-22 03:55 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\SrTasks.exe
2014-05-02 00:53 - 2014-02-22 03:53 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\PkgMgr.exe
2014-05-02 00:53 - 2014-02-22 03:52 - 02288640 _____ (Microsoft Corporation) C:\windows\system32\SyncCenter.dll
2014-05-02 00:53 - 2014-02-22 03:52 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\newdev.dll
2014-05-02 00:53 - 2014-02-22 03:51 - 00444416 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
2014-05-02 00:53 - 2014-02-22 03:50 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskpart.exe
2014-05-02 00:53 - 2014-02-22 03:47 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmdskmgr.dll
2014-05-02 00:53 - 2014-02-22 03:47 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\migisol.dll
2014-05-02 00:53 - 2014-02-22 03:47 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-02 00:53 - 2014-02-22 03:46 - 00283136 _____ (Microsoft Corporation) C:\windows\system32\wbadmin.exe
2014-05-02 00:53 - 2014-02-22 03:41 - 02566656 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2014-05-02 00:53 - 2014-02-22 03:41 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\netid.dll
2014-05-02 00:53 - 2014-02-22 03:40 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2014-05-02 00:53 - 2014-02-22 03:39 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-05-02 00:53 - 2014-02-22 03:38 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\easwrt.dll
2014-05-02 00:53 - 2014-02-22 03:37 - 00912384 _____ (Microsoft Corporation) C:\windows\system32\nettrace.dll
2014-05-02 00:53 - 2014-02-22 03:36 - 00385024 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-05-02 00:53 - 2014-02-22 03:35 - 00504832 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2014-05-02 00:53 - 2014-02-22 03:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeResults.exe
2014-05-02 00:53 - 2014-02-22 03:33 - 00402944 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2014-05-02 00:53 - 2014-02-22 03:32 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-05-02 00:53 - 2014-02-22 03:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-02 00:53 - 2014-02-22 03:30 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\cleanmgr.exe
2014-05-02 00:53 - 2014-02-22 03:29 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-05-02 00:53 - 2014-02-22 03:28 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-05-02 00:53 - 2014-02-22 03:27 - 00397824 _____ (Microsoft Corporation) C:\windows\system32\sharemediacpl.dll
2014-05-02 00:53 - 2014-02-22 03:25 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\StorageContextHandler.dll
2014-05-02 00:53 - 2014-02-22 03:21 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfrgui.exe
2014-05-02 00:53 - 2014-02-22 03:21 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-05-02 00:53 - 2014-02-22 03:21 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\acppage.dll
2014-05-02 00:53 - 2014-02-22 03:20 - 01152512 _____ (Microsoft Corporation) C:\windows\system32\wscui.cpl
2014-05-02 00:53 - 2014-02-22 03:18 - 00722432 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2014-05-02 00:53 - 2014-02-22 03:17 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\fhcfg.dll
2014-05-02 00:53 - 2014-02-22 03:17 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-02 00:53 - 2014-02-22 03:17 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2014-05-02 00:53 - 2014-02-22 03:16 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\sud.dll
2014-05-02 00:53 - 2014-02-22 03:16 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\srchadmin.dll
2014-05-02 00:53 - 2014-02-22 03:16 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2014-05-02 00:53 - 2014-02-22 03:15 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2014-05-02 00:53 - 2014-02-22 03:14 - 02811392 _____ (Microsoft Corporation) C:\windows\SysWOW64\themeui.dll
2014-05-02 00:53 - 2014-02-22 03:14 - 02165760 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncCenter.dll
2014-05-02 00:53 - 2014-02-22 03:14 - 00376320 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2014-05-02 00:53 - 2014-02-22 03:13 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\sdclt.exe
2014-05-02 00:53 - 2014-02-22 03:13 - 00557056 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2014-05-02 00:53 - 2014-02-22 03:13 - 00307200 _____ (Microsoft Corporation) C:\windows\SysWOW64\newdev.dll
2014-05-02 00:53 - 2014-02-22 03:12 - 00797696 _____ (Microsoft Corporation) C:\windows\system32\PurchaseWindowsLicense.dll
2014-05-02 00:53 - 2014-02-22 03:12 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizeng.dll
2014-05-02 00:53 - 2014-02-22 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2014-05-02 00:53 - 2014-02-22 03:09 - 00097280 _____ (Microsoft Corporation) C:\windows\SysWOW64\migisol.dll
2014-05-02 00:53 - 2014-02-22 03:09 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-02 00:53 - 2014-02-22 03:04 - 00935424 _____ (Microsoft Corporation) C:\windows\system32\rasgcw.dll
2014-05-02 00:53 - 2014-02-22 03:04 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\WLanConn.dll
2014-05-02 00:53 - 2014-02-22 03:04 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\netid.dll
2014-05-02 00:53 - 2014-02-22 03:03 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-05-02 00:53 - 2014-02-22 03:02 - 00258560 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2014-05-02 00:53 - 2014-02-22 03:01 - 00832512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2014-05-02 00:53 - 2014-02-22 03:00 - 00217600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2014-05-02 00:53 - 2014-02-22 02:59 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2014-05-02 00:53 - 2014-02-22 02:56 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2014-05-02 00:53 - 2014-02-22 02:55 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-02 00:53 - 2014-02-22 02:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\authz.dll
2014-05-02 00:53 - 2014-02-22 02:54 - 00225280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-05-02 00:53 - 2014-02-22 02:54 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\deviceassociation.dll
2014-05-02 00:53 - 2014-02-22 02:53 - 00545280 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-05-02 00:53 - 2014-02-22 02:52 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\powercfg.exe
2014-05-02 00:53 - 2014-02-22 02:50 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\winbrand.dll
2014-05-02 00:53 - 2014-02-22 02:49 - 00155648 _____ (Microsoft Corporation) C:\windows\system32\MicrosoftAccountTokenProvider.dll
2014-05-02 00:53 - 2014-02-22 02:48 - 01136128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscui.cpl
2014-05-02 00:53 - 2014-02-22 02:48 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2014-05-02 00:53 - 2014-02-22 02:46 - 00528896 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2014-05-02 00:53 - 2014-02-22 02:46 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\winsku.dll
2014-05-02 00:53 - 2014-02-22 02:45 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2014-05-02 00:53 - 2014-02-22 02:45 - 00453632 _____ (Microsoft Corporation) C:\windows\system32\wbiosrvc.dll
2014-05-02 00:53 - 2014-02-22 02:45 - 00193024 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2014-05-02 00:53 - 2014-02-22 02:45 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
2014-05-02 00:53 - 2014-02-22 02:44 - 00675328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2014-05-02 00:53 - 2014-02-22 02:44 - 00356864 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-05-02 00:53 - 2014-02-22 02:44 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\korwbrkr.dll
2014-05-02 00:53 - 2014-02-22 02:43 - 00107008 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2014-05-02 00:53 - 2014-02-22 02:43 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-05-02 00:53 - 2014-02-22 02:41 - 00492032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2014-05-02 00:53 - 2014-02-22 02:40 - 02537472 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2014-05-02 00:53 - 2014-02-22 02:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\dasHost.exe
2014-05-02 00:53 - 2014-02-22 02:37 - 00183808 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-05-02 00:53 - 2014-02-22 02:36 - 01392640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPDMC.exe
2014-05-02 00:53 - 2014-02-22 02:36 - 00835584 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasgcw.dll
2014-05-02 00:53 - 2014-02-22 02:36 - 00391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\WLanConn.dll
2014-05-02 00:53 - 2014-02-22 02:36 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\Dism.exe
2014-05-02 00:53 - 2014-02-22 02:34 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2014-05-02 00:53 - 2014-02-22 02:32 - 01162752 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-05-02 00:53 - 2014-02-22 02:31 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mdmregistration.dll
2014-05-02 00:53 - 2014-02-22 02:30 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2014-05-02 00:53 - 2014-02-22 02:29 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\BootMenuUX.dll
2014-05-02 00:53 - 2014-02-22 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2014-05-02 00:53 - 2014-02-22 02:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\authz.dll
2014-05-02 00:53 - 2014-02-22 02:28 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\deviceassociation.dll
2014-05-02 00:53 - 2014-02-22 02:27 - 00484864 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-05-02 00:53 - 2014-02-22 02:26 - 00299008 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-05-02 00:53 - 2014-02-22 02:26 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.exe
2014-05-02 00:53 - 2014-02-22 02:25 - 00449024 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-05-02 00:53 - 2014-02-22 02:25 - 00399872 _____ (Microsoft Corporation) C:\windows\system32\das.dll
2014-05-02 00:53 - 2014-02-22 02:25 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-05-02 00:53 - 2014-02-22 02:25 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\wscinterop.dll
2014-05-02 00:53 - 2014-02-22 02:25 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\winbrand.dll
2014-05-02 00:53 - 2014-02-22 02:23 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-05-02 00:53 - 2014-02-22 02:22 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2014-05-02 00:53 - 2014-02-22 02:22 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsku.dll
2014-05-02 00:53 - 2014-02-22 02:19 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-05-02 00:53 - 2014-02-22 02:19 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-05-02 00:53 - 2014-02-22 02:18 - 00619520 _____ (Microsoft Corporation) C:\windows\system32\UserLanguagesCpl.dll
2014-05-02 00:53 - 2014-02-22 02:15 - 00211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\Dism.exe
2014-05-02 00:53 - 2014-02-22 02:14 - 00752640 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2014-05-02 00:53 - 2014-02-22 02:12 - 00459776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DismApi.dll
2014-05-02 00:53 - 2014-02-22 02:10 - 00747008 _____ (Microsoft Corporation) C:\windows\system32\wlidcli.dll
2014-05-02 00:53 - 2014-02-22 02:09 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\dwm.exe
2014-05-02 00:53 - 2014-02-22 02:08 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-05-02 00:53 - 2014-02-22 02:07 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2014-05-02 00:53 - 2014-02-22 02:07 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscinterop.dll
2014-05-02 00:53 - 2014-02-22 02:06 - 01035264 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-05-02 00:53 - 2014-02-22 02:06 - 00251904 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2014-05-02 00:53 - 2014-02-22 02:04 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\slpts.dll
2014-05-02 00:53 - 2014-02-22 02:02 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserLanguagesCpl.dll
2014-05-02 00:53 - 2014-02-22 02:02 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2014-05-02 00:53 - 2014-02-22 02:02 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\AppxSysprep.dll
2014-05-02 00:53 - 2014-02-22 01:59 - 01436160 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2014-05-02 00:53 - 2014-02-22 01:58 - 00544768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlidcli.dll
2014-05-02 00:53 - 2014-02-22 01:55 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2014-05-02 00:53 - 2014-02-22 01:55 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\energytask.dll
2014-05-02 00:53 - 2014-02-22 01:55 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\slpts.dll
2014-05-02 00:53 - 2014-02-22 01:55 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2014-05-02 00:53 - 2014-02-22 01:54 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\rdbui.dll
2014-05-02 00:53 - 2014-02-22 01:54 - 00286720 _____ (Microsoft Corporation) C:\windows\system32\wlidcredprov.dll
2014-05-02 00:53 - 2014-02-22 01:54 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2014-05-02 00:53 - 2014-02-22 01:54 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2014-05-02 00:53 - 2014-02-22 01:54 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\AepRoam.dll
2014-05-02 00:53 - 2014-02-22 01:53 - 00876544 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-05-02 00:53 - 2014-02-22 01:52 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2014-05-02 00:53 - 2014-02-22 01:52 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2014-05-02 00:53 - 2014-02-22 01:51 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2014-05-02 00:53 - 2014-02-22 01:49 - 00468480 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2014-05-02 00:53 - 2014-02-22 01:48 - 01144320 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2014-05-02 00:53 - 2014-02-22 01:48 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\BioCredProv.dll
2014-05-02 00:53 - 2014-02-22 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2014-05-02 00:53 - 2014-02-22 01:47 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\WlanMM.dll
2014-05-02 00:53 - 2014-02-22 01:47 - 00505344 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
2014-05-02 00:53 - 2014-02-22 01:47 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlidcredprov.dll
2014-05-02 00:53 - 2014-02-22 01:47 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\AltTab.dll
2014-05-02 00:53 - 2014-02-22 01:46 - 03312128 _____ (Microsoft Corporation) C:\windows\system32\bootux.dll
2014-05-02 00:53 - 2014-02-22 01:45 - 00269312 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll
2014-05-02 00:53 - 2014-02-22 01:45 - 00169472 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2014-05-02 00:53 - 2014-02-22 01:45 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2014-05-02 00:53 - 2014-02-22 01:44 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2014-05-02 00:53 - 2014-02-22 01:44 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\provsvc.dll
2014-05-02 00:53 - 2014-02-22 01:44 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2014-05-02 00:53 - 2014-02-22 01:44 - 00154624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2014-05-02 00:53 - 2014-02-22 01:43 - 00644608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2014-05-02 00:53 - 2014-02-22 01:43 - 00469504 _____ (Microsoft Corporation) C:\windows\system32\taskeng.exe
2014-05-02 00:53 - 2014-02-22 01:43 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\BioCredProv.dll
2014-05-02 00:53 - 2014-02-22 01:43 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll
2014-05-02 00:53 - 2014-02-22 01:43 - 00117760 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2014-05-02 00:53 - 2014-02-22 01:43 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Renewal.dll
2014-05-02 00:53 - 2014-02-22 01:42 - 00943104 _____ (Microsoft Corporation) C:\windows\SysWOW64\WlanMM.dll
2014-05-02 00:53 - 2014-02-22 01:42 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctfuimanager.dll
2014-05-02 00:53 - 2014-02-22 01:42 - 00448000 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
2014-05-02 00:53 - 2014-02-22 01:40 - 00322048 _____ (Microsoft Corporation) C:\windows\system32\fhcpl.dll
2014-05-02 00:53 - 2014-02-22 01:40 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll
2014-05-02 00:53 - 2014-02-22 01:39 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskeng.exe
2014-05-02 00:53 - 2014-02-22 01:39 - 00321536 _____ (Microsoft Corporation) C:\windows\SysWOW64\provsvc.dll
2014-05-02 00:53 - 2014-02-22 01:38 - 00470016 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2014-05-02 00:53 - 2014-02-22 01:38 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll
2014-05-02 00:53 - 2014-02-22 01:36 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\InputSwitch.dll
2014-05-02 00:53 - 2014-02-22 01:35 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-02 00:53 - 2014-02-22 01:35 - 00155136 _____ (Microsoft Corporation) C:\windows\system32\SettingMonitor.dll
2014-05-02 00:53 - 2014-02-22 01:34 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-05-02 00:53 - 2014-02-22 01:33 - 00609792 _____ (Microsoft Corporation) C:\windows\system32\pnidui.dll
2014-05-02 00:53 - 2014-02-22 01:33 - 00130560 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingMonitor.dll
2014-05-02 00:53 - 2014-02-22 01:31 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2014-05-02 00:53 - 2014-02-22 01:31 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\IdCtrls.dll
2014-05-02 00:53 - 2014-02-22 01:30 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\wpnprv.dll
2014-05-02 00:53 - 2014-02-22 01:29 - 00191488 _____ (Microsoft Corporation) C:\windows\SysWOW64\InputSwitch.dll
2014-05-02 00:53 - 2014-02-22 01:24 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\MrmIndexer.dll
2014-05-02 00:53 - 2014-02-22 01:24 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\IdCtrls.dll
2014-05-02 00:53 - 2014-02-22 01:22 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-02 00:53 - 2014-02-22 01:21 - 00518144 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmIndexer.dll
2014-05-02 00:53 - 2014-02-22 01:20 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2014-05-02 00:53 - 2014-02-22 01:19 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2014-05-02 00:53 - 2014-02-22 01:17 - 00459264 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-05-02 00:53 - 2014-02-22 01:17 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\CloudStorageWizard.exe
2014-05-02 00:53 - 2014-02-22 01:17 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudStorageWizard.exe
2014-05-02 00:53 - 2014-02-22 00:54 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
2014-05-02 00:53 - 2014-01-31 23:00 - 00002255 _____ () C:\windows\SysWOW64\WimBootCompress.ini
2014-05-02 00:53 - 2014-01-31 23:00 - 00002255 _____ () C:\windows\system32\WimBootCompress.ini
2014-05-02 00:53 - 2014-01-31 05:09 - 00081920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2014-05-02 00:53 - 2014-01-31 05:08 - 01200640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-05-02 00:53 - 2014-01-31 04:59 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2014-05-02 00:53 - 2014-01-31 04:11 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2014-05-02 00:53 - 2014-01-31 02:55 - 03596800 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2014-05-02 00:53 - 2014-01-31 02:35 - 03085824 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2014-05-02 00:53 - 2014-01-31 02:19 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\dafBth.dll
2014-05-02 00:53 - 2014-01-31 02:15 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-05-02 00:53 - 2014-01-31 02:10 - 00559104 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2014-05-02 00:53 - 2014-01-31 02:08 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-05-02 00:53 - 2014-01-31 02:04 - 00409600 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-05-02 00:53 - 2014-01-31 01:24 - 01057792 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
2014-05-02 00:53 - 2014-01-31 01:18 - 01185280 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
2014-05-02 00:53 - 2014-01-29 01:52 - 00551256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2014-05-02 00:53 - 2014-01-29 01:40 - 00994136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2014-05-02 00:53 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\rascustom.dll
2014-05-02 00:53 - 2014-01-28 17:18 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2014-05-02 00:53 - 2014-01-28 17:17 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Vpn.dll
2014-05-02 00:53 - 2014-01-27 12:53 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-05-02 00:53 - 2014-01-27 12:48 - 00167424 ____C (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2014-05-02 00:53 - 2014-01-27 10:04 - 01311744 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2014-05-02 00:53 - 2014-01-21 23:21 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\deviceaccess.dll
2014-05-02 00:53 - 2014-01-21 22:50 - 00147968 _____ (Microsoft Corporation) C:\windows\SysWOW64\deviceaccess.dll
2014-05-02 00:53 - 2014-01-17 10:24 - 00388096 _____ (Microsoft Corporation) C:\windows\system32\ninput.dll
2014-05-02 00:53 - 2014-01-17 10:04 - 00292864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ninput.dll
2014-05-02 00:53 - 2014-01-07 17:33 - 00552632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-05-02 00:53 - 2013-12-04 11:41 - 00226304 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BthLEEnum.sys
2014-05-02 00:53 - 2013-12-04 08:54 - 00660480 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2014-05-02 00:53 - 2013-12-04 08:16 - 00546304 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2014-05-02 00:53 - 2013-12-04 07:19 - 00439808 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-05-02 00:53 - 2013-12-04 06:53 - 00473600 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2014-05-02 00:53 - 2013-11-27 02:10 - 00203264 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
2014-05-02 00:53 - 2013-11-27 01:56 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
2014-05-02 00:53 - 2013-11-10 16:41 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2014-05-02 00:53 - 2013-11-07 21:04 - 00488960 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2014-05-02 00:53 - 2013-11-07 20:47 - 00370176 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2014-05-02 00:52 - 2014-02-22 05:17 - 00008192 ____H (Microsoft Corporation) C:\windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-05-02 00:52 - 2014-02-22 05:17 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-05-02 00:52 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-05-02 00:52 - 2014-02-22 05:17 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-05-02 00:52 - 2014-02-22 05:08 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\syncui.dll
2014-05-02 00:52 - 2014-02-22 05:08 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2014-05-02 00:52 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-05-02 00:52 - 2014-02-22 05:08 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-05-02 00:52 - 2014-02-22 05:00 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\lpksetupproxyserv.dll
2014-05-02 00:52 - 2014-02-22 04:48 - 00162816 _____ (Microsoft Corporation) C:\windows\system32\ocsetapi.dll
2014-05-02 00:52 - 2014-02-22 04:39 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\fhsvcctl.dll
2014-05-02 00:52 - 2014-02-22 04:25 - 00028160 _____ (Microsoft Corporation) C:\windows\SysWOW64\f3ahvoas.dll
2014-05-02 00:52 - 2014-02-22 04:25 - 00008192 ____H (Microsoft Corporation) C:\windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-05-02 00:52 - 2014-02-22 04:25 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-05-02 00:52 - 2014-02-22 04:24 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-05-02 00:52 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-05-02 00:52 - 2014-02-22 04:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-05-02 00:52 - 2014-02-22 04:17 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\BulkOperationHost.exe
2014-05-02 00:52 - 2014-02-22 04:16 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-02 00:52 - 2014-02-22 04:08 - 00113152 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
2014-05-02 00:52 - 2014-02-22 04:07 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-05-02 00:52 - 2014-02-22 04:07 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\StorageContextHandler.dll
2014-05-02 00:52 - 2014-02-22 04:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-05-02 00:52 - 2014-02-22 03:59 - 00163328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetapi.dll
2014-05-02 00:52 - 2014-02-22 03:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-02 00:52 - 2014-02-22 03:47 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2014-05-02 00:52 - 2014-02-22 03:35 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\aitagent.exe
2014-05-02 00:52 - 2014-02-22 03:27 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-05-02 00:52 - 2014-02-22 03:03 - 02544128 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2014-05-02 00:52 - 2014-02-22 02:59 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
2014-05-02 00:52 - 2014-02-22 02:54 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2014-05-02 00:52 - 2014-02-22 02:53 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-05-02 00:52 - 2014-02-22 02:51 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\fveskybackup.dll
2014-05-02 00:52 - 2014-02-22 02:48 - 00355328 _____ (Microsoft Corporation) C:\windows\system32\wincorlib.dll
2014-05-02 00:52 - 2014-02-22 02:27 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2014-05-02 00:52 - 2014-02-22 02:23 - 00256000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincorlib.dll
2014-05-02 00:52 - 2014-02-22 02:19 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\korwbrkr.dll
2014-05-02 00:52 - 2014-02-22 02:16 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\sxshared.dll
2014-05-02 00:52 - 2014-02-22 02:09 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-02 00:52 - 2014-02-22 01:57 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll
2014-05-02 00:52 - 2014-02-22 01:55 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\ConfigureExpandedStorage.dll
2014-05-02 00:52 - 2014-02-22 01:55 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\dataclen.dll
2014-05-02 00:52 - 2014-02-22 01:48 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ConfigureExpandedStorage.dll
2014-05-02 00:52 - 2014-02-22 01:48 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dataclen.dll
2014-05-02 00:52 - 2014-02-22 01:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2014-05-02 00:52 - 2014-02-22 01:39 - 00193024 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2014-05-02 00:52 - 2014-02-22 01:22 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncPolicy.dll
2014-05-02 00:52 - 2014-02-22 01:20 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncPolicy.dll
2014-05-02 00:52 - 2014-02-21 21:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-05-02 00:52 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-02 00:52 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-02 00:52 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-02 00:52 - 2014-02-21 21:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-02 00:52 - 2014-02-07 18:08 - 00100197 _____ () C:\windows\SysWOW64\RacRules.xml
2014-05-02 00:52 - 2014-02-07 18:08 - 00100197 _____ () C:\windows\system32\RacRules.xml
2014-05-02 00:52 - 2014-01-31 23:00 - 00011109 _____ () C:\windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-05-02 00:52 - 2014-01-31 23:00 - 00011109 _____ () C:\windows\system32\connectedsearch-results.searchconnector-ms
2014-05-02 00:52 - 2014-01-31 23:00 - 00007762 _____ () C:\windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-05-02 00:52 - 2014-01-31 23:00 - 00007762 _____ () C:\windows\system32\connectedsearch-suggestions.searchconnector-ms
2014-05-02 00:52 - 2014-01-31 23:00 - 00007130 _____ () C:\windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-05-02 00:52 - 2014-01-31 23:00 - 00007130 _____ () C:\windows\system32\connectedsearch-zeroinput.searchconnector-ms
2014-05-02 00:52 - 2014-01-27 10:54 - 00761856 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2014-05-02 00:52 - 2014-01-27 04:45 - 00050053 _____ () C:\windows\system32\srms.dat
2014-05-02 00:52 - 2013-11-27 02:47 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\finger.exe
2014-05-02 00:52 - 2013-11-27 02:20 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\finger.exe
2014-05-02 00:20 - 2014-05-02 00:20 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00233912 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-30 10:08 - 2014-04-30 21:05 - 00027648 ___SH () C:\Users\Braden\Downloads\Thumbs.db
2014-04-27 16:15 - 2014-05-24 23:44 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 16:15 - 2014-05-24 22:48 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 16:15 - 2014-05-08 22:38 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-27 16:15 - 2014-04-27 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 14:07 - 2014-05-08 11:51 - 00000000 ____D () C:\Users\Braden\AppData\Local\CrashDumps
2014-04-26 15:30 - 2014-02-22 05:16 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-04-26 15:30 - 2014-02-22 04:24 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-04-26 15:09 - 2014-05-15 23:38 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-26 15:09 - 2014-05-15 23:38 - 00000000 ____D () C:\windows\system32\MRT
2014-04-26 12:26 - 2013-11-27 08:34 - 03210528 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-04-26 12:26 - 2013-11-27 08:27 - 00809872 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-04-26 12:26 - 2013-11-27 07:00 - 00663680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-04-26 12:26 - 2013-11-27 06:47 - 02804528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-04-26 12:26 - 2013-11-27 05:02 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipnat.sys
2014-04-26 12:26 - 2013-11-27 03:24 - 00306688 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-04-26 12:26 - 2013-11-27 02:46 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-04-26 12:26 - 2013-11-27 02:10 - 00273408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.dll
2014-04-26 12:26 - 2013-11-27 01:56 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.dll
2014-04-26 12:26 - 2013-11-24 16:30 - 00513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-04-26 12:26 - 2013-11-24 16:28 - 00589824 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-04-26 12:26 - 2013-11-23 00:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\bi.dll
2014-04-26 12:26 - 2013-11-23 00:13 - 00019456 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BtaMPM.sys
2014-04-26 12:26 - 2013-11-22 21:50 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-04-26 12:26 - 2013-11-20 23:58 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\deviceregistration.dll
2014-04-26 12:26 - 2013-11-15 07:59 - 00470016 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2014-04-26 12:26 - 2013-11-15 07:25 - 00433664 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2014-04-26 12:23 - 2013-10-23 04:29 - 00044936 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll
2014-04-26 12:23 - 2013-10-23 04:21 - 00155480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-04-26 12:23 - 2013-10-23 04:13 - 00171864 _____ (Microsoft Corporation) C:\windows\system32\kd_02_8086.dll
2014-04-26 12:23 - 2013-10-21 20:56 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll
2014-04-26 12:23 - 2013-10-07 22:58 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
2014-04-26 12:23 - 2013-10-07 22:09 - 01160704 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Http.dll
2014-04-26 12:23 - 2013-10-07 21:50 - 00903168 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-04-26 12:23 - 2013-10-07 21:50 - 00762368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.Http.dll
2014-04-26 12:23 - 2013-10-05 08:25 - 00057176 ____C (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2014-04-26 12:23 - 2013-10-05 07:21 - 00699840 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-04-26 12:23 - 2013-10-05 05:05 - 00578952 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-04-26 12:23 - 2013-10-05 04:01 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2014-04-26 12:23 - 2013-10-05 02:36 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-04-26 12:23 - 2013-10-05 02:18 - 01011712 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-04-26 12:23 - 2013-10-05 01:56 - 01147904 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2014-04-26 12:23 - 2013-10-05 01:55 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\miutils.dll
2014-04-26 12:23 - 2013-10-05 01:40 - 00795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-04-26 12:23 - 2013-10-05 01:24 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\miutils.dll
2014-04-26 12:23 - 2013-10-05 01:21 - 00920064 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2014-04-26 12:23 - 2013-10-05 01:15 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\pcsvDevice.dll
2014-04-26 12:23 - 2013-10-05 00:43 - 00578560 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-04-26 12:23 - 2013-10-05 00:35 - 00411648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-04-26 12:23 - 2013-09-17 02:06 - 01067080 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2014-04-26 12:23 - 2013-09-16 23:31 - 00883184 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2014-04-26 12:23 - 2013-09-14 07:07 - 02134120 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2014-04-26 12:23 - 2013-09-14 07:00 - 00391512 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2014-04-26 12:23 - 2013-09-14 05:39 - 01799944 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2014-04-26 12:23 - 2013-09-14 05:33 - 00345552 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2014-04-26 12:23 - 2013-09-14 03:05 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2014-04-26 12:23 - 2013-09-13 01:22 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\ftp.exe
2014-04-26 12:23 - 2013-09-13 00:47 - 00049152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ftp.exe
2014-04-26 12:23 - 2013-09-12 01:45 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll
2014-04-26 12:23 - 2013-09-12 01:08 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll
2014-04-26 12:23 - 2013-09-12 01:02 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll
2014-04-26 12:23 - 2013-09-12 00:44 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll
2014-04-26 12:23 - 2013-09-12 00:37 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll
2014-04-26 12:23 - 2013-09-12 00:21 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll
2014-04-26 12:23 - 2013-09-12 00:16 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\eappcfg.dll
2014-04-26 12:23 - 2013-09-12 00:01 - 00272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappcfg.dll
2014-04-26 12:23 - 2013-09-09 21:52 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\msched.dll
2014-04-26 12:21 - 2013-11-10 19:48 - 00039768 ____C (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2014-04-26 12:21 - 2013-11-01 04:39 - 00086872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-04-26 12:21 - 2013-10-25 18:54 - 00146776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\SerCx2.sys
2014-04-26 12:20 - 2014-01-04 08:54 - 00138240 _____ () C:\windows\system32\OEMLicense.dll
2014-04-26 12:20 - 2014-01-04 08:08 - 00103936 _____ () C:\windows\SysWOW64\OEMLicense.dll
2014-04-26 12:20 - 2014-01-02 16:54 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-26 12:20 - 2014-01-02 16:48 - 00336896 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-26 12:20 - 2013-12-31 16:57 - 01214976 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-04-26 12:20 - 2013-12-30 16:34 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\sti.dll
2014-04-26 12:20 - 2013-12-30 16:32 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\sti.dll
2014-04-26 12:20 - 2013-12-27 01:57 - 00842752 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.dll
2014-04-26 12:20 - 2013-12-27 00:03 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsSpellCheckingFacility.dll
2014-04-26 12:20 - 2013-12-21 00:21 - 00376320 _____ (Microsoft Corporation) C:\windows\system32\pnrpsvc.dll
2014-04-26 12:20 - 2013-12-17 00:21 - 00408576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2014-04-26 12:20 - 2013-12-13 00:24 - 00121088 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2014-04-26 12:18 - 2013-11-22 21:34 - 00393216 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-04-26 12:18 - 2013-11-22 21:13 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-04-26 12:17 - 2014-01-07 00:03 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\pcaui.exe
2014-04-26 12:17 - 2014-01-06 22:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\pcaui.exe
2014-04-26 12:17 - 2014-01-06 22:00 - 02397184 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-04-26 12:17 - 2014-01-06 21:30 - 02071552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-04-26 12:17 - 2013-12-08 17:27 - 02152448 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-04-26 12:17 - 2013-12-08 17:19 - 00570880 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-04-26 12:17 - 2013-12-08 16:55 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-04-26 12:17 - 2013-12-08 16:54 - 01317376 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-04-26 12:17 - 2013-11-20 23:42 - 04604416 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-04-26 12:17 - 2013-11-20 22:44 - 03936256 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-04-26 12:17 - 2013-10-19 01:53 - 00075360 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-04-26 12:17 - 2013-10-19 00:14 - 00070680 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-04-26 12:16 - 2014-01-28 23:41 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
2014-04-26 12:16 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2014-04-26 12:16 - 2014-01-27 12:07 - 04175360 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2014-04-26 12:16 - 2014-01-27 11:23 - 02873344 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2014-04-26 12:16 - 2014-01-27 10:18 - 01486848 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
2014-04-26 12:16 - 2014-01-27 10:00 - 01238016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
2014-04-26 12:16 - 2014-01-17 16:04 - 00764864 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2014-04-26 12:16 - 2014-01-17 14:54 - 00669352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2014-04-26 12:16 - 2013-12-21 07:51 - 06353960 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-04-26 12:16 - 2013-12-21 01:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\sppcomapi.dll
2014-04-26 12:16 - 2013-11-27 04:41 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\WSCollect.exe
2014-04-26 12:15 - 2013-10-16 08:58 - 01943536 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-04-26 12:15 - 2013-10-16 06:54 - 01581968 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll

==================== One Month Modified Files and Folders =======

2014-05-25 01:21 - 2014-05-25 01:21 - 00000000 ____D () C:\FRST
2014-05-25 01:21 - 2014-05-24 23:35 - 00000000 ____D () C:\Users\Braden\Documents\SetiCleanup
2014-05-25 01:01 - 2013-10-07 11:27 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-24 23:57 - 2013-08-22 06:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-05-24 23:56 - 2014-03-20 08:47 - 00004608 _____ () C:\windows\system32\VfService.trf
2014-05-24 23:56 - 2014-03-20 08:28 - 01824923 _____ () C:\windows\WindowsUpdate.log
2014-05-24 23:56 - 2013-08-22 07:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-24 23:44 - 2014-04-27 16:15 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 23:34 - 2013-08-22 07:46 - 00024798 _____ () C:\windows\setupact.log
2014-05-24 23:00 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sru
2014-05-24 22:57 - 2014-04-24 11:13 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-536334463-990417566-2955768994-1001
2014-05-24 22:48 - 2014-05-08 18:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-24 22:48 - 2014-04-27 16:15 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 22:48 - 2014-04-24 11:10 - 00000000 __RDO () C:\Users\Braden\SkyDrive
2014-05-23 18:20 - 2014-04-24 11:11 - 00003934 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{F2F2F948-81C3-42C0-8131-27FEF553CAAD}
2014-05-23 18:16 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\AppReadiness
2014-05-22 23:06 - 2014-05-22 23:06 - 00000000 ____D () C:\Users\Braden\Desktop\ProcessExplorer
2014-05-22 23:03 - 2014-05-22 23:03 - 01243655 _____ () C:\Users\Braden\Desktop\ProcessExplorer.zip
2014-05-19 23:42 - 2014-04-24 22:54 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\vlc
2014-05-19 23:40 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\rescache
2014-05-19 00:33 - 2014-04-24 21:46 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\uTorrent
2014-05-17 21:28 - 2014-04-24 11:09 - 00028945 _____ () C:\Users\Braden\AppData\Roaming\AbsoluteReminder.xml
2014-05-17 15:17 - 2014-05-02 17:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-17 15:17 - 2014-05-02 17:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 01:20 - 2014-05-16 01:20 - 00076976 _____ () C:\Users\Braden\AppData\Roaming\LoJackSetup.exe
2014-05-15 23:41 - 2014-04-24 11:08 - 00000000 ___RD () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 23:41 - 2014-04-24 11:08 - 00000000 ___RD () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 23:40 - 2013-10-07 11:23 - 00006048 _____ () C:\windows\PFRO.log
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\windows\ToastData
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\WinStore
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 23:40 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 23:38 - 2014-04-26 15:09 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-15 23:38 - 2014-04-26 15:09 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 23:38 - 2013-08-22 06:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-05-15 23:37 - 2013-08-22 06:25 - 00000167 _____ () C:\windows\win.ini
2014-05-15 23:18 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\NDF
2014-05-15 11:37 - 2014-05-10 23:02 - 00004964 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Braden Lenovo-PC
2014-05-12 08:20 - 2014-05-12 08:20 - 00000069 _____ () C:\ProgramData\lmabscan.log
2014-05-12 08:18 - 2014-05-12 08:18 - 00000000 ____D () C:\Program Files\Lexmark
2014-05-10 05:10 - 2014-05-10 05:10 - 01257126 _____ () C:\Users\Braden\Downloads\Kristol_on_Pornography.zip
2014-05-09 01:46 - 2014-05-08 18:29 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\KeePass
2014-05-08 22:38 - 2014-04-27 16:15 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 22:38 - 2014-04-24 11:16 - 00003654 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 19:13 - 2014-05-08 19:13 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Braden\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-08 18:39 - 2014-05-08 18:39 - 00002357 _____ () C:\Users\Braden\Desktop\Safe Money.lnk
2014-05-08 18:39 - 2014-05-08 18:39 - 00001352 _____ () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-05-08 18:39 - 2014-05-08 18:39 - 00001151 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-05-08 18:38 - 2014-05-08 18:38 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-05-08 18:38 - 2013-08-22 08:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-05-08 18:36 - 2014-05-08 18:35 - 00484160 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-08 18:36 - 2014-03-20 08:43 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-08 18:24 - 2014-05-08 18:24 - 00001140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-05-08 18:24 - 2014-05-08 18:24 - 00001128 _____ () C:\Users\Braden\Desktop\KeePass 2.lnk
2014-05-08 18:24 - 2014-05-08 18:24 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-05-08 18:24 - 2014-04-24 11:14 - 00078848 ___SH () C:\Users\Braden\Desktop\Thumbs.db
2014-05-08 18:22 - 2014-05-08 18:19 - 240197440 _____ (Kaspersky Lab) C:\Users\Braden\Downloads\kis14.0.0.4651abcdefEN_5874.exe
2014-05-08 17:54 - 2014-05-08 17:54 - 02545000 _____ (Dominik Reichl ) C:\Users\Braden\Downloads\KeePass-2.26-Setup.exe
2014-05-08 17:51 - 2014-05-08 17:48 - 230094896 _____ (Emsisoft GmbH ) C:\Users\Braden\Downloads\EmsisoftAntiMalwareSetup.exe
2014-05-08 17:49 - 2014-05-08 17:49 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-05-08 17:49 - 2014-05-08 17:49 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-08 17:49 - 2014-05-08 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-08 17:49 - 2014-05-08 17:49 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-08 17:43 - 2014-05-08 17:43 - 04745984 _____ (Piriform Ltd) C:\Users\Braden\Downloads\ccsetup413.exe
2014-05-08 16:57 - 2014-04-24 11:08 - 00000000 ____D () C:\Users\Braden\AppData\Local\VirtualStore
2014-05-08 16:56 - 2014-05-08 16:56 - 00002973 _____ () C:\Users\Braden\Desktop\HiJackThis.lnk
2014-05-08 16:56 - 2014-05-08 16:56 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-05-08 16:56 - 2014-05-08 16:56 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-05-08 11:51 - 2014-04-27 14:07 - 00000000 ____D () C:\Users\Braden\AppData\Local\CrashDumps
2014-05-07 17:33 - 2014-04-24 11:08 - 00000000 ____D () C:\Users\Braden\AppData\Local\Packages
2014-05-07 16:17 - 2014-05-07 16:17 - 04304384 _____ () C:\Users\Braden\Downloads\2014_102_9.ppt
2014-05-05 21:40 - 2014-05-15 11:45 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-05 20:25 - 2014-05-15 11:45 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-05 20:00 - 2014-05-15 11:45 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-05 19:10 - 2014-05-15 11:45 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-04 03:02 - 2014-05-04 03:02 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-04 03:02 - 2014-05-04 03:02 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-02 18:03 - 2014-05-02 18:03 - 00000000 __SHD () C:\Users\Braden\AppData\Local\EmieUserList
2014-05-02 18:03 - 2014-05-02 18:03 - 00000000 __SHD () C:\Users\Braden\AppData\Local\EmieSiteList
2014-05-02 17:57 - 2014-05-02 17:57 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-02 17:57 - 2013-08-22 12:12 - 00000000 ____D () C:\windows\ShellNew
2014-05-02 17:57 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\windows\PCHEALTH
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-02 17:56 - 2014-05-02 17:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-05-02 17:56 - 2014-05-02 17:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-02 17:53 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 __RHD () C:\MSOCache
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Users\Braden\AppData\Local\Microsoft Help
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-05-02 17:52 - 2014-05-02 17:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-05-02 17:51 - 2014-05-02 17:49 - 00000000 ____D () C:\Users\Braden\Downloads\Microsoft_Office_Professional_Plus_2013_with_SP1_64-bit_(English)_X19-39668
2014-05-02 17:49 - 2014-05-02 17:47 - 00003119 _____ () C:\Users\Braden\Downloads\SecureDownloadManager.log
2014-05-02 17:47 - 2014-05-02 17:47 - 00000183 _____ () C:\Users\Braden\Downloads\100290475831.sdx
2014-05-02 17:46 - 2014-05-02 17:46 - 00000000 ____D () C:\Users\Braden\AppData\Roaming\e-academy Inc
2014-05-02 17:46 - 2014-05-02 17:45 - 00775168 _____ () C:\Users\Braden\Downloads\SDM_EN.msi
2014-05-02 16:21 - 2014-05-02 16:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-02 16:21 - 2014-05-02 16:21 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-02 11:57 - 2014-05-02 11:57 - 00199792 _____ () C:\Users\Braden\Downloads\Retail License Lottery Results (1).xlsx
2014-05-02 11:55 - 2014-05-02 11:55 - 00199792 _____ () C:\Users\Braden\Downloads\Retail License Lottery Results.xlsx
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\zh-HK
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\uk-UA
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\tr-TR
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\th-TH
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\SystemResetPlatform
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sl-SI
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sk-SK
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\setup
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\ro-RO
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\migwiz
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\lv-LV
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\lt-LT
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\hr-HR
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\he-IL
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\et-EE
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\en-GB
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\bg-BG
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\ar-SA
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\MediaViewer
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\FileManager
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\Camera
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-02 01:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\system32\Sysprep
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\system32\oobe
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\system32\Dism
2014-05-02 01:38 - 2013-08-22 06:36 - 00000000 ____D () C:\windows\servicing
2014-05-02 00:20 - 2014-05-02 00:20 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00233912 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-02 00:18 - 2014-05-02 00:18 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-02 00:18 - 2014-05-02 00:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-01 13:30 - 2013-08-22 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 13:30 - 2013-08-22 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 21:05 - 2014-04-30 10:08 - 00027648 ___SH () C:\Users\Braden\Downloads\Thumbs.db
2014-04-27 16:15 - 2014-04-27 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 16:15 - 2014-04-24 11:16 - 00000000 ____D () C:\Users\Braden\AppData\Local\Google
2014-04-27 16:15 - 2014-04-24 11:16 - 00000000 ____D () C:\Users\Braden\AppData\Local\Deployment
2014-04-27 16:15 - 2014-04-24 11:16 - 00000000 ____D () C:\Program Files (x86)\Google

Some content of TEMP:
====================
C:\Users\Braden\AppData\Local\Temp\procexp64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {ec01ead6-b068-11e3-8ac9-a05219a7a119}
                        {ec01ead7-b068-11e3-8ac9-a05219a7a119}
                        {ec01ead8-b068-11e3-8ac9-a05219a7a119}
timeout                 0

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {eb996dd0-b068-11e3-8ac9-a05219a7a119}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmware Application (101fffff)
-------------------------------
identifier              {ec01ead6-b068-11e3-8ac9-a05219a7a119}
description             EFI USB Device

Firmware Application (101fffff)
-------------------------------
identifier              {ec01ead7-b068-11e3-8ac9-a05219a7a119}
description             EFI DVD/CDROM

Firmware Application (101fffff)
-------------------------------
identifier              {ec01ead8-b068-11e3-8ac9-a05219a7a119}
description             EFI Network

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \windows\system32\winload.efi
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ec01eadb-b068-11e3-8ac9-a05219a7a119}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \windows
resumeobject            {eb996dd0-b068-11e3-8ac9-a05219a7a119}
nx                      OptIn
bootmenupolicy          Standard
detecthal               Yes

Windows Boot Loader
-------------------
identifier              {ec01eadb-b068-11e3-8ac9-a05219a7a119}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ec01eadc-b068-11e3-8ac9-a05219a7a119}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ec01eadc-b068-11e3-8ac9-a05219a7a119}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {eb996dd0-b068-11e3-8ac9-a05219a7a119}
device                  partition=C:
path                    \windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {ec01eadb-b068-11e3-8ac9-a05219a7a119}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ec01eadc-b068-11e3-8ac9-a05219a7a119}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi



LastRegBack: 2014-05-19 00:04

==================== End Of Log ============================

Attached Files



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:20 AM

Posted 31 May 2014 - 07:30 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
HKLM-x32\...\Run: [PureLeads Tray] => C:\Program Files (x86)\PureLeads\PureLeadsTray.exe [83232 2014-01-23] (PureLeads)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=599486&fr=spigot-yhp-ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9820ACB6-42A4-48F2-888B-B5E2C8383F61} URL =
Winsock: Catalog9 01 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 02 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 03 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 04 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9 16 C:\windows\SysWOW64\plsapp.dll [354592] (Sendori)
Winsock: Catalog9-x64 01 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 02 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 03 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 04 C:\windows\system32\plsapp64.dll [439296] (Sendori)
Winsock: Catalog9-x64 16 C:\windows\system32\plsapp64.dll [439296] (Sendori)
S2 plsapp; C:\Program Files (x86)\PureLeads\plsapp.exe [3690784 2014-01-23] (Sendori)
S2 PlsvcV1; C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe [91936 2014-01-23] (PureLeads)
S2 PlsvcV2; C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [24352 2014-01-23] (sendori)
C:\Program Files (x86)\PureLeads
End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

What are the remaining issues with this computer?

#7 Mubarraz470

Mubarraz470
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 05 June 2014 - 02:30 AM

Thank you for the information. As I stated, my "customer" chose to reset laptop to factory specs. It was reset a few days ago. He is experiencing some weird crashes so our work is probably not done. I'll have some new data to start this session over next week. I'm out of town until Monday and will be working on it that night.

 

Thank you again, I have all the tools ready to go. Can we keep this thread open, or shall I start a new one?

 

Mubarraz...



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:20 AM

Posted 05 June 2014 - 08:36 AM

Stay with this topic since it's the same computer.

#9 Mubarraz470

Mubarraz470
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 11 June 2014 - 10:22 PM

Thank you, I will. Picking this back up again next week, was on vacation this week.



#10 Mubarraz470

Mubarraz470
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Seattle
  • Local time:11:20 PM

Posted 25 June 2014 - 12:20 AM

Please close this. My friend's system is working well. I'm opening a new one for my own, I think I have something a bit more serious and challenging :D



#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:20 AM

Posted 25 June 2014 - 07:20 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users