Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dllhost.exe


  • This topic is locked This topic is locked
5 replies to this topic

#1 X2djcart

X2djcart

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:29 PM

Posted 14 July 2014 - 10:36 AM

I believe I have a virus on all of the pc's.  I have attached the DDS.txt as outlined in the instructions.  I believe the BIOS have been updated as well.  The broadband network card has all of extra setting added to it.

Computer: Dell Latitude D830

 

 

Hello is there anyone who can me get this virus off my pc.

Attached Files


Edited by X2djcart, 14 July 2014 - 01:39 PM.


BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,070 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:09:29 PM

Posted 19 July 2014 - 09:10 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi X2djcart,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 X2djcart

X2djcart
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:29 PM

Posted 22 July 2014 - 07:44 AM

Here you go:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-07-2014
Ran by X2ALMASEE (administrator) on WISHFULL on 21-07-2014 08:26:09
Running from C:\Users\X2ALMASEE\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sysinternals - www.sysinternals.com) C:\Users\X2ALMASEE\SysinternalsSuite\Tcpview.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ==================

HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3419121912-63707900-122756666-1000\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
Startup: C:\Users\DOCARTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA888292DE06CCE01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} https://access-a1.xxxxxxxxxxx.com/+CSCOL+/csvrloader32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 74.75.75.3 75.75.75.23 75.175.76.75
Tcpip\..\Interfaces\{15b74f87-80b2-4630-9af9-fa034ab1a534}: [NameServer]154.2.18.100,154.2.18.50

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\X2ALMASEE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\X2ALMASEE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-14]

========================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
S3 DNXPG; C:\Users\X2ALMASEE\AppData\Local\Temp\DNXPG.exe [482176 2014-07-14] (Sysinternals - www.sysinternals.com) [File not signed]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064752 2014-02-27] (Flexera Software LLC)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-05-30] (Microsoft Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [723744 2013-01-25] (Autodesk, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 guardian2; C:\Windows\System32\Drivers\oz776.sys [69664 2009-09-09] (O2Micro)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S4 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [205624 2009-03-06] (Wave Systems Corp.)

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys D0B388DA1D111A34366E04EB4A5DD156
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl6.sys EB7C2DADF52F50F69F198C14C3556DC1
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 85449EEBE8F8EBD6481EFBF0F352B4EB
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CVirtA.sys B5ECADF7708960F1818C7FA015F4C239
C:\Windows\system32\Drivers\CVPNDRVA.sys 18994842386FD3039279D7865740ABBD
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\System32\DRIVERS\dne2000.sys B5AA5AA5AC327BD7C1AEC0C58F0C1144
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 71BC35067CABC02C9453AEAA42B2E43E
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\oz776.sys F058C5F64DFF28A2C8D7D1D04171E604
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys 9467514EA189475A6E7FDC5D7BDE9D3F
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4120DA10AA42A9996F4575DB9E3E6E6E
C:\Windows\System32\Drivers\ksecpkg.sys D3964885F0A11ACF51DA3AAA776973B2
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 8683C1B450F4B3872839308D836E0F92
C:\Windows\system32\drivers\MBAMSwissArmy.sys 12E71DA845D76665B56753AD149E32B3
C:\Windows\system32\drivers\mwac.sys BD27D97297934FD4217A37FD28A7ABC7
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 8072A7BB35D92CC621AC2605EEF79BC4
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 21F4B24ACFC79A483515BD986DD9043F
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys FCBC2F48430EB0D7150A6521C0B84ACA
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys C8DFF8D07755A66C7A4A738930F0FEAC
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\DRIVERS\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 052306FD76793D5D5AB5D9891FD1ADBB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\System32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\System32\DRIVERS\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\Windows\System32\DRIVERS\VClone.sys DAEF3AC067094497402C77476BBC3540
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WavxDMgr.sys 1A72B3DC868BEEB86B98681A236BC20B
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-21 08:26 - 2014-07-21 08:27 - 00024880 _____ () C:\Users\X2ALMASEE\Desktop\FRST.txt
2014-07-21 08:25 - 2014-07-21 08:26 - 00000000 ____D () C:\FRST
2014-07-21 08:24 - 2014-07-21 08:24 - 01080320 _____ (Farbar) C:\Users\X2ALMASEE\Desktop\FRST.exe
2014-07-21 08:24 - 2009-06-10 17:39 - 00000824 _____ () C:\Users\X2ALMASEE\Documents\hosts - Copy (2)
2014-07-21 08:24 - 2009-06-10 17:39 - 00000824 _____ () C:\Users\X2ALMASEE\Documents\hosts - Copy
2014-07-21 08:15 - 2014-07-21 08:15 - 00000000 ____D () C:\Windows\LastGood
2014-07-16 11:20 - 2010-03-23 13:30 - 00001073 _____ () C:\Users\X2ALMASEE\Documents\sig.dat
2014-07-16 11:14 - 2014-07-16 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2014-07-16 11:14 - 2014-07-16 11:14 - 00000000 ____D () C:\Program Files\Common Files\Deterministic Networks
2014-07-16 09:35 - 2014-07-16 09:35 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Adobe
2014-07-16 08:04 - 2014-07-16 08:04 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Apps\2.0
2014-07-14 20:17 - 2014-07-17 19:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-14 20:17 - 2014-07-14 20:17 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-14 20:17 - 2014-07-14 20:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-14 20:17 - 2014-07-14 20:17 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Macromedia
2014-07-14 20:14 - 2014-07-14 20:14 - 01057688 _____ (Adobe) C:\Users\X2ALMASEE\Documents\install_flashplayer14x32ax_chra_dy_awa_aih.exe
2014-07-14 17:57 - 2014-07-14 17:57 - 00014088 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP141.SYS
2014-07-14 17:42 - 2014-07-14 17:42 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Adobe
2014-07-14 17:41 - 2014-07-14 17:41 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-14 17:41 - 2014-07-14 17:41 - 00001993 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-14 17:40 - 2014-07-14 17:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-14 17:40 - 2014-07-14 17:40 - 00000000 ____D () C:\Program Files\Adobe
2014-07-14 16:04 - 2014-07-13 11:22 - 00161520 _____ () C:\Users\X2ALMASEE\Documents\GDIPFONTCACHEV1.DAT
2014-07-14 15:42 - 2014-07-14 15:42 - 29720784 _____ (Microsoft Corporation) C:\Users\X2ALMASEE\Downloads\IE11-Windows6.1-x86-en-us.exe
2014-07-14 15:01 - 2014-07-14 16:56 - 00000134 _____ () C:\Users\X2ALMASEE\Desktop\Internet Explorer Troubleshooting.url
2014-07-14 15:01 - 2014-06-26 17:38 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 15:00 - 2014-07-14 15:00 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Google
2014-07-14 14:58 - 2014-07-14 20:11 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-14 14:58 - 2014-07-14 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-14 14:56 - 2014-07-21 08:18 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 14:56 - 2014-07-21 08:13 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-14 14:56 - 2014-07-14 15:47 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Google
2014-07-14 14:56 - 2014-07-14 14:58 - 00000000 ____D () C:\Program Files\Google
2014-07-14 14:55 - 2014-07-14 17:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\Program Files\Broadcom
2014-07-14 12:50 - 2014-07-14 12:50 - 05002248 _____ () C:\Users\X2ALMASEE\Downloads\R116101.EXE
2014-07-14 12:50 - 2014-07-14 12:50 - 00000000 ____D () C:\dell
2014-07-14 11:44 - 2014-07-14 16:36 - 00001170 _____ () C:\Users\X2ALMASEE\Desktop\ListCWall.txt
2014-07-14 11:44 - 2014-07-14 11:44 - 00400632 _____ (Bleeping Computer, LLC) C:\Users\X2ALMASEE\Downloads\ListCWall.exe
2014-07-14 11:19 - 2014-07-14 11:19 - 00008347 _____ () C:\Users\X2ALMASEE\Desktop\attach.txt
2014-07-14 10:45 - 2014-07-14 10:45 - 00037921 _____ () C:\Users\X2ALMASEE\Downloads\Shortcut.txt
2014-07-14 10:45 - 2014-07-14 10:45 - 00000282 _____ () C:\Users\X2ALMASEE\Desktop\Addition.txt
2014-07-14 10:44 - 2014-07-14 10:45 - 00028868 _____ () C:\Users\X2ALMASEE\Downloads\Addition.txt
2014-07-14 10:39 - 2014-07-14 10:39 - 00925696 _____ (Farbar) C:\Users\X2ALMASEE\Downloads\ListParts.exe
2014-07-14 10:39 - 2014-07-14 10:39 - 00005570 _____ () C:\Users\X2ALMASEE\Downloads\Result.txt
2014-07-14 10:10 - 2012-02-11 01:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-07-14 10:10 - 2011-03-11 01:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-07-14 10:10 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-07-14 10:10 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-07-14 10:09 - 2014-07-14 10:09 - 00001948 _____ () C:\Users\X2ALMASEE\Downloads\~ESETUninstaller.log
2014-07-14 10:09 - 2011-03-11 01:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-07-14 10:09 - 2011-03-11 01:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-07-14 10:09 - 2011-03-11 01:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-07-14 10:09 - 2011-03-11 01:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-07-14 10:09 - 2011-03-11 00:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-07-14 10:09 - 2011-02-25 01:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-07-14 10:08 - 2014-07-14 10:08 - 00663552 _____ (ESET) C:\Users\X2ALMASEE\Downloads\ESETUninstaller.exe
2014-07-14 10:00 - 2014-07-14 10:00 - 00146816 _____ () C:\Windows\Minidump\071414-38859-01.dmp
2014-07-14 09:38 - 2014-07-14 09:38 - 00146816 _____ () C:\Windows\Minidump\071414-39936-01.dmp
2014-07-13 11:43 - 2014-07-13 11:43 - 00000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-13 10:25 - 2009-06-10 17:20 - 00000802 _____ () C:\Users\X2ALMASEE\Documents\FXSEXT.ecf
2014-07-11 13:03 - 2014-07-14 10:00 - 238953228 _____ () C:\Windows\MEMORY.DMP
2014-07-11 13:03 - 2014-07-14 10:00 - 00000000 ____D () C:\Windows\Minidump
2014-07-11 13:03 - 2014-07-11 13:03 - 00146816 _____ () C:\Windows\Minidump\071114-35771-01.dmp
2014-07-11 12:20 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 12:20 - 2014-05-30 02:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-11 12:20 - 2014-05-28 05:51 - 10992640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 06043136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 01234432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-11 12:20 - 2014-05-28 05:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 12:20 - 2014-05-28 05:50 - 01466368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 12:20 - 2014-05-28 05:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 12:20 - 2014-05-28 05:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-11 12:20 - 2014-05-28 05:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-11 12:20 - 2014-05-28 04:54 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 12:20 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-07-11 10:23 - 2012-12-07 08:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-07-11 10:23 - 2012-12-07 08:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-07-11 10:23 - 2012-12-07 06:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-07-11 10:23 - 2012-12-07 06:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-07-11 10:22 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 10:22 - 2014-06-17 20:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 10:22 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 10:22 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 10:22 - 2011-12-30 01:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-07-11 10:21 - 2014-06-29 21:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 10:21 - 2014-06-29 21:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 10:21 - 2014-06-05 10:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 10:21 - 2014-04-11 22:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-11 10:21 - 2014-04-11 22:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-11 10:21 - 2014-04-11 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-11 10:21 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-11 10:21 - 2014-04-11 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-11 10:21 - 2014-04-11 22:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-11 10:21 - 2013-07-04 08:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-11 10:17 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-11 10:17 - 2012-08-22 13:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-07-11 10:17 - 2012-07-04 15:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-07-11 10:16 - 2014-02-03 22:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-11 10:16 - 2014-02-03 22:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-11 10:16 - 2014-02-03 22:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-11 10:16 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-11 10:16 - 2014-01-27 22:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-11 10:16 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-11 10:16 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-11 10:16 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-11 10:16 - 2013-10-03 21:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-11 10:16 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-11 10:16 - 2013-08-28 21:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-11 10:16 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-11 10:16 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-11 10:16 - 2013-08-27 20:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-07-11 10:16 - 2013-03-19 00:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-11 10:16 - 2013-03-18 23:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-07-11 10:16 - 2013-03-18 22:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-11 10:16 - 2013-01-24 00:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-07-11 10:16 - 2012-08-21 16:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-07-11 10:16 - 2011-06-16 00:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-07-11 10:16 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-07-11 10:15 - 2012-10-03 12:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-07-11 10:15 - 2012-10-03 12:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-07-11 10:15 - 2012-10-03 12:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-07-11 10:15 - 2012-10-03 12:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-07-11 10:15 - 2012-10-03 12:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-07-11 10:15 - 2012-10-03 12:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-07-11 10:15 - 2012-10-03 11:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-07-11 10:15 - 2012-05-05 03:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-07-11 10:15 - 2011-05-04 00:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-07-11 10:15 - 2011-05-04 00:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-07-11 10:15 - 2011-05-04 00:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-07-11 10:15 - 2011-05-04 00:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-07-11 10:15 - 2011-05-04 00:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-07-11 10:15 - 2011-05-04 00:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-07-11 10:15 - 2011-05-04 00:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-07-11 10:15 - 2011-05-04 00:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-07-11 10:15 - 2011-05-04 00:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-07-11 10:14 - 2014-01-23 22:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-11 10:14 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-11 10:14 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-11 10:14 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-11 10:14 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-11 10:14 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-11 10:14 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-11 10:14 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-11 10:14 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-11 10:14 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-11 10:14 - 2013-08-04 21:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-07-11 10:14 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-11 10:14 - 2013-07-09 00:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-11 10:14 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-07-11 10:14 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-07-11 10:14 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-11 10:14 - 2013-07-04 05:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-07-11 10:14 - 2013-07-02 23:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-11 10:14 - 2013-07-02 23:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-11 10:14 - 2012-10-09 13:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-07-11 10:14 - 2012-10-09 13:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-07-11 10:14 - 2012-05-01 00:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-07-11 10:14 - 2012-04-17 00:34 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-11 10:14 - 2012-04-07 07:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-07-11 10:14 - 2012-01-04 04:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-07-11 10:13 - 2013-02-11 23:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-07-11 10:13 - 2011-04-28 22:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-07-11 10:13 - 2011-04-28 22:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-07-11 10:13 - 2011-04-28 22:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-07-11 10:12 - 2012-11-02 01:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-07-11 10:11 - 2013-08-27 04:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-11 10:11 - 2013-08-27 04:21 - 00808448 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-11 10:11 - 2011-03-03 01:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-07-11 10:11 - 2011-03-03 01:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-07-11 10:11 - 2011-03-03 01:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-07-11 10:10 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-07-11 10:10 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-11 10:10 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-11 10:10 - 2014-03-04 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-11 10:10 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-11 10:10 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-11 10:09 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-11 10:09 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-11 10:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-11 10:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-11 10:09 - 2013-11-11 22:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-11 10:09 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-11 10:09 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-11 10:09 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-11 10:09 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-11 10:09 - 2013-08-01 07:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-11 10:09 - 2013-04-10 01:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-11 10:09 - 2012-04-27 23:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-11 10:09 - 2011-08-27 00:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-07-11 10:09 - 2011-08-27 00:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-07-11 10:09 - 2011-08-17 00:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-07-11 10:09 - 2011-08-17 00:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-07-11 10:09 - 2011-07-08 22:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-07-11 10:09 - 2011-05-24 06:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-07-11 10:09 - 2011-04-26 22:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-07-11 10:09 - 2011-04-26 22:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-07-11 10:08 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-11 10:08 - 2013-06-06 00:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-11 10:08 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-11 10:08 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-11 10:08 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-11 10:08 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-11 10:08 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-11 10:08 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-11 10:08 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-11 10:08 - 2013-02-15 00:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-11 10:08 - 2013-02-15 00:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-07-11 10:08 - 2013-02-14 23:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-11 10:08 - 2011-05-03 00:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-07-11 10:07 - 2013-12-09 22:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 10:07 - 2012-06-06 01:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-07-11 10:07 - 2011-11-19 10:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-07-11 10:07 - 2011-10-15 01:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-07-11 10:07 - 2011-02-12 01:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-07-11 10:06 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-11 10:06 - 2012-07-04 17:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-07-11 10:06 - 2012-07-04 17:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-07-11 10:06 - 2012-07-04 17:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-07-11 10:06 - 2010-12-23 01:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-07-11 10:06 - 2010-12-23 01:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-07-11 10:06 - 2010-12-23 01:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-07-11 10:05 - 2013-10-03 21:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-11 10:05 - 2013-10-03 21:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-11 10:05 - 2011-10-26 00:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-07-11 10:05 - 2011-10-26 00:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-07-09 10:37 - 2014-04-04 22:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-09 10:37 - 2014-04-04 22:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-09 10:37 - 2013-11-26 07:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-09 10:35 - 2012-04-26 00:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-07-09 10:35 - 2012-04-26 00:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-07-09 10:35 - 2012-04-26 00:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-07-09 10:35 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-07-09 08:37 - 2014-07-09 08:37 - 00000000 ____D () C:\Program Files\Cisco Systems
2014-07-09 08:36 - 2010-12-20 12:48 - 08001536 ____N () C:\Users\X2ALMASEE\Downloads\vpnclient-win-msi-5.0.07.0290-k9.exe
2014-07-09 08:19 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-09 08:19 - 2013-10-02 21:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-09 08:19 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-09 08:19 - 2013-07-12 06:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-09 08:19 - 2012-09-25 18:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-07-09 08:19 - 2012-03-17 03:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-07-09 08:19 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-07-09 08:19 - 2011-06-15 04:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-07-09 08:19 - 2011-06-15 04:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-07-09 08:19 - 2011-06-15 04:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-07-09 08:19 - 2011-06-15 04:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-07-09 08:19 - 2011-06-15 04:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-07-09 08:18 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-09 08:18 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-09 08:18 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-09 08:17 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-09 08:17 - 2013-10-11 22:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-09 08:17 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-09 08:17 - 2012-05-14 00:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 08:16 - 2014-05-08 05:06 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-09 08:16 - 2014-03-04 05:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-09 08:16 - 2013-08-01 21:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 20:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-09 08:16 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-09 08:16 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-09 08:16 - 2012-11-22 22:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-08 18:32 - 2013-11-26 21:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-08 18:32 - 2013-11-26 21:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-08 18:32 - 2013-11-26 21:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-08 18:32 - 2013-11-26 21:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-08 18:32 - 2013-11-26 21:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-08 18:32 - 2013-11-26 21:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-08 18:31 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-08 18:31 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-07-08 18:30 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-08 18:30 - 2013-06-25 18:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-08 18:30 - 2011-03-11 01:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-07-08 18:30 - 2011-03-11 01:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-07-08 18:30 - 2011-02-23 00:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-07-08 18:29 - 2013-02-27 01:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-08 18:29 - 2013-02-27 00:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-08 12:54 - 2012-07-25 23:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-08 12:54 - 2012-07-25 23:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-08 12:54 - 2012-07-25 23:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-08 12:54 - 2012-07-25 23:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-08 12:54 - 2012-07-25 23:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-08 12:54 - 2012-07-25 23:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-08 12:54 - 2012-07-25 22:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-08 12:54 - 2012-07-25 22:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-08 12:54 - 2012-07-25 22:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-08 12:54 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-08 12:54 - 2012-06-02 10:34 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-08 12:53 - 2012-03-01 01:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-07-08 12:53 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-07-08 12:43 - 2013-06-14 23:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-08 12:25 - 2014-07-08 12:25 - 00161520 _____ () C:\Users\DOCARTER\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-08 12:25 - 2014-07-08 12:25 - 00001421 _____ () C:\Users\DOCARTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-08 12:25 - 2014-07-08 12:25 - 00000020 ___SH () C:\Users\DOCARTER\ntuser.ini
2014-07-07 20:37 - 2014-07-07 20:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-07-07 20:37 - 2014-07-07 20:37 - 00000000 __RSH () C:\IO.SYS
2014-07-07 19:59 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-07-07 19:59 - 2012-02-17 00:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-07-07 19:50 - 2014-07-13 11:22 - 00161520 _____ () C:\Users\X2ALMASEE\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-07 19:50 - 2014-07-07 19:50 - 00001421 _____ () C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-07 19:50 - 2012-06-02 18:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-07 19:50 - 2012-06-02 18:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-07 19:49 - 2014-07-07 19:49 - 00000000 ____D () C:\Program Files\Intel
2014-07-07 19:49 - 2012-06-02 18:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-07 19:49 - 2012-06-02 18:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-07 19:49 - 2012-06-02 18:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-07 19:49 - 2012-06-02 18:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-07 19:49 - 2012-06-02 18:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-07 19:49 - 2009-09-23 11:49 - 00140288 _____ () C:\Windows\system32\igfxtvcx.dll
2014-07-07 19:48 - 2014-07-07 19:48 - 00000020 ___SH () C:\Users\X2ALMASEE\ntuser.ini
2014-07-07 19:48 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-07 19:48 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-07 19:43 - 2014-07-07 19:43 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-07-07 16:29 - 2014-07-07 16:29 - 00021316 _____ () C:\Windows\system32\emptyregdb.dat
2014-07-07 16:26 - 2014-07-21 08:26 - 01762282 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 16:22 - 2014-07-07 16:22 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-07 15:50 - 2014-07-14 13:20 - 00000000 ____D () C:\Users\DOCARTER
2014-07-07 15:50 - 2014-07-13 11:50 - 00000000 ____D () C:\Users\X2ALMASEE
2014-07-07 15:50 - 2009-07-14 00:42 - 00000000 ___RD () C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 15:50 - 2009-07-14 00:42 - 00000000 ___RD () C:\Users\DOCARTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 15:50 - 2009-07-14 00:37 - 00000000 ___RD () C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-07 15:50 - 2009-07-14 00:37 - 00000000 ___RD () C:\Users\DOCARTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-07 15:46 - 2014-07-07 15:49 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-07 14:46 - 2014-07-07 16:33 - 00006060 _____ () C:\Windows\comsetup.log
2014-07-07 14:32 - 2014-07-07 14:32 - 00002650 _____ () C:\Users\X2ALMASEE\Desktop\Windows Compatibility Report.htm
2014-07-07 14:30 - 2014-07-07 14:36 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-07-07 14:30 - 2014-07-07 14:36 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-07 09:44 - 2014-07-07 09:44 - 00000000 ____D () C:\Users\DOCARTER\AppData\Local\VirtualStore
2014-07-06 14:47 - 2014-07-06 14:47 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\VirtualStore
2014-07-06 14:17 - 2014-07-06 14:17 - 00604992 _____ (Microsoft Corporation) C:\Users\X2ALMASEE\Downloads\WMIDiag.exe
2014-07-06 14:15 - 2014-07-06 14:15 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\VAMT2
2014-07-06 14:14 - 2014-07-07 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAMT 2.0
2014-07-06 14:14 - 2014-07-07 15:56 - 00000000 ____D () C:\Program Files\VAMT 2.0
2014-07-06 14:13 - 2014-07-06 14:13 - 04984832 _____ () C:\Users\X2ALMASEE\Downloads\vamtMMC.msi
2014-07-06 14:05 - 2012-06-05 18:30 - 00000981 _____ () C:\Users\X2ALMASEE\Documents\server.key
2014-07-06 14:00 - 2014-06-26 17:26 - 00103969 _____ () C:\Users\X2ALMASEE\Documents\setupact.log
2014-07-06 09:38 - 2014-01-10 18:31 - 00000032 _____ () C:\Users\X2ALMASEE\Documents\Setup.log
2014-07-06 09:23 - 2014-07-16 10:13 - 00001594 _____ () C:\Windows\VPNUnInstall.MIF
2014-07-04 20:00 - 2014-07-04 20:00 - 00000000 _____ () C:\Windows\system32\LWPMGZA
2014-07-04 19:23 - 2014-07-04 19:23 - 00025992 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pgdfgsvc.exe
2014-07-04 16:09 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\SysinternalsSuite
2014-07-04 16:07 - 2014-07-04 16:07 - 13395687 _____ () C:\Users\X2ALMASEE\Downloads\SysinternalsSuite.zip
2014-07-04 15:36 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\ProcessExplorer
2014-07-04 15:36 - 2014-07-04 15:36 - 01243655 _____ () C:\Users\X2ALMASEE\Downloads\ProcessExplorer (1).zip
2014-07-04 15:16 - 2014-07-07 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-04 15:16 - 2014-07-07 15:56 - 00000000 ____D () C:\Program Files\WinPcap
2014-07-04 15:15 - 2014-07-07 15:56 - 00000000 ____D () C:\Program Files\Wireshark
2014-06-29 13:16 - 2014-06-29 13:16 - 00080756 _____ () C:\Users\X2ALMASEE\Downloads\telnetEnable.zip
2014-06-28 20:46 - 2014-06-28 20:49 - 101862111 _____ () C:\Windows\system32\LX
2014-06-27 10:49 - 2014-06-25 16:44 - 00000656 _____ () C:\Users\X2ALMASEE\Documents\JRT.txt
2014-06-27 10:32 - 2014-06-27 10:32 - 01238357 _____ () C:\Users\X2ALMASEE\Downloads\D830_A17.exe
2014-06-25 16:31 - 2014-06-25 16:31 - 00001254 _____ () C:\Users\X2ALMASEE\Documents\VirusRemoveInstructions.txt
2014-06-25 16:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-25 14:32 - 2008-10-21 14:18 - 00000268 _____ () C:\Users\X2ALMASEE\Documents\tss1_license.txt
2014-06-25 14:31 - 2014-01-10 10:54 - 00000712 _____ () C:\Users\X2ALMASEE\Documents\state.rsm
2014-06-25 14:30 - 2014-06-18 19:18 - 00000004 ____T () C:\Users\X2ALMASEE\Documents\syncSharedMemoryForWakeupSemaphoreDREAMWISHER-X2ALMASEE-1
2014-06-25 14:30 - 2014-01-24 09:19 - 00001059 _____ () C:\Users\X2ALMASEE\Documents\regid.1991-06.com.microsoft Microsoft Visio Professional 2013.swidtag
2014-06-25 14:07 - 2014-06-25 13:41 - 00000000 _____ () C:\Users\X2ALMASEE\Documents\WavXMapDrive.bat
2014-06-25 09:21 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-24 19:12 - 2014-06-24 19:12 - 01697368 _____ () C:\Users\X2ALMASEE\Downloads\setup-network-utilities.exe
2014-06-24 18:58 - 2014-07-08 10:54 - 00000412 __RSH () C:\ProgramData\ntuser.pol
2014-06-24 18:19 - 2014-06-24 18:19 - 00000000 _____ () C:\Windows\system32\WXS
2014-06-24 18:08 - 2014-05-16 12:36 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\host
2014-06-23 17:10 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\checksum
2014-06-22 18:20 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\telnetEnable
2014-06-22 17:04 - 2014-06-22 17:04 - 01243655 _____ () C:\Users\X2ALMASEE\Downloads\ProcessExplorer.zip
2014-06-22 11:09 - 2014-07-07 15:59 - 00000000 ____D () C:\Windows\pss
2014-06-22 10:31 - 2014-06-18 19:11 - 00000806 _____ () C:\Users\X2ALMASEE\Documents\user.config
2014-06-22 09:12 - 2014-07-21 08:15 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 09:12 - 2014-07-07 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-22 09:12 - 2014-06-22 09:12 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-22 09:11 - 2014-07-07 15:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-22 09:11 - 2014-07-07 15:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-22 09:11 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-22 09:11 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-22 09:11 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-22 08:54 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\AccessChk
2014-06-22 08:54 - 2014-06-22 08:54 - 00136200 _____ () C:\Users\X2ALMASEE\Downloads\AccessChk.zip
2014-06-22 08:53 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\DiskView

==================== One Month Modified Files and Folders =======

2014-07-21 08:27 - 2014-07-21 08:26 - 00024880 _____ () C:\Users\X2ALMASEE\Desktop\FRST.txt
2014-07-21 08:26 - 2014-07-21 08:25 - 00000000 ____D () C:\FRST
2014-07-21 08:26 - 2014-07-07 16:26 - 01762282 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 08:26 - 2010-11-20 17:01 - 00780920 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 08:24 - 2014-07-21 08:24 - 01080320 _____ (Farbar) C:\Users\X2ALMASEE\Desktop\FRST.exe
2014-07-21 08:21 - 2009-07-14 00:34 - 00028480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 08:21 - 2009-07-14 00:34 - 00028480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 08:18 - 2014-07-14 14:56 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 08:18 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 08:17 - 2009-07-14 00:53 - 00014124 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-21 08:15 - 2014-07-21 08:15 - 00000000 ____D () C:\Windows\LastGood
2014-07-21 08:15 - 2014-06-22 09:12 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 08:13 - 2014-07-14 14:56 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 08:13 - 2009-07-14 00:39 - 00372219 _____ () C:\Windows\setupact.log
2014-07-21 08:11 - 2014-01-10 13:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-21 08:06 - 2014-01-10 15:38 - 00002352 ____H () C:\Users\X2ALMASEE\Documents\Default.rdp
2014-07-21 08:04 - 2013-06-19 07:30 - 00091495 _____ () C:\Windows\IE11_main.log
2014-07-21 08:00 - 2009-07-14 00:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-17 19:48 - 2014-07-14 20:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-16 11:15 - 2014-01-22 08:44 - 00001594 _____ () C:\Windows\VPNInstall.MIF
2014-07-16 11:14 - 2014-07-16 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2014-07-16 11:14 - 2014-07-16 11:14 - 00000000 ____D () C:\Program Files\Common Files\Deterministic Networks
2014-07-16 10:13 - 2014-07-06 09:23 - 00001594 _____ () C:\Windows\VPNUnInstall.MIF
2014-07-16 09:35 - 2014-07-16 09:35 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Adobe
2014-07-16 08:04 - 2014-07-16 08:04 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Apps\2.0
2014-07-14 20:17 - 2014-07-14 20:17 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-14 20:17 - 2014-07-14 20:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-14 20:17 - 2014-07-14 20:17 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Macromedia
2014-07-14 20:14 - 2014-07-14 20:14 - 01057688 _____ (Adobe) C:\Users\X2ALMASEE\Documents\install_flashplayer14x32ax_chra_dy_awa_aih.exe
2014-07-14 20:11 - 2014-07-14 14:58 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-14 17:57 - 2014-07-14 17:57 - 00014088 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP141.SYS
2014-07-14 17:43 - 2014-07-14 14:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-14 17:42 - 2014-07-14 17:42 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Adobe
2014-07-14 17:41 - 2014-07-14 17:41 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-14 17:41 - 2014-07-14 17:41 - 00001993 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-14 17:40 - 2014-07-14 17:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-14 17:40 - 2014-07-14 17:40 - 00000000 ____D () C:\Program Files\Adobe
2014-07-14 16:56 - 2014-07-14 15:01 - 00000134 _____ () C:\Users\X2ALMASEE\Desktop\Internet Explorer Troubleshooting.url
2014-07-14 16:48 - 2010-11-20 17:48 - 00012850 _____ () C:\Windows\PFRO.log
2014-07-14 16:36 - 2014-07-14 11:44 - 00001170 _____ () C:\Users\X2ALMASEE\Desktop\ListCWall.txt
2014-07-14 15:47 - 2014-07-14 14:56 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Google
2014-07-14 15:42 - 2014-07-14 15:42 - 29720784 _____ (Microsoft Corporation) C:\Users\X2ALMASEE\Downloads\IE11-Windows6.1-x86-en-us.exe
2014-07-14 15:06 - 2014-01-10 13:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 15:03 - 2014-01-10 07:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 15:00 - 2014-07-14 15:00 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Google
2014-07-14 14:58 - 2014-07-14 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-14 14:58 - 2014-07-14 14:56 - 00000000 ____D () C:\Program Files\Google
2014-07-14 14:58 - 2014-01-10 18:42 - 00000000 ____D () C:\ProgramData\Google
2014-07-14 13:20 - 2014-07-07 15:50 - 00000000 ____D () C:\Users\DOCARTER
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\Program Files\Broadcom
2014-07-14 12:50 - 2014-07-14 12:50 - 05002248 _____ () C:\Users\X2ALMASEE\Downloads\R116101.EXE
2014-07-14 12:50 - 2014-07-14 12:50 - 00000000 ____D () C:\dell
2014-07-14 11:44 - 2014-07-14 11:44 - 00400632 _____ (Bleeping Computer, LLC) C:\Users\X2ALMASEE\Downloads\ListCWall.exe
2014-07-14 11:19 - 2014-07-14 11:19 - 00008347 _____ () C:\Users\X2ALMASEE\Desktop\attach.txt
2014-07-14 10:45 - 2014-07-14 10:45 - 00037921 _____ () C:\Users\X2ALMASEE\Downloads\Shortcut.txt
2014-07-14 10:45 - 2014-07-14 10:45 - 00000282 _____ () C:\Users\X2ALMASEE\Desktop\Addition.txt
2014-07-14 10:45 - 2014-07-14 10:44 - 00028868 _____ () C:\Users\X2ALMASEE\Downloads\Addition.txt
2014-07-14 10:39 - 2014-07-14 10:39 - 00925696 _____ (Farbar) C:\Users\X2ALMASEE\Downloads\ListParts.exe
2014-07-14 10:39 - 2014-07-14 10:39 - 00005570 _____ () C:\Users\X2ALMASEE\Downloads\Result.txt
2014-07-14 10:09 - 2014-07-14 10:09 - 00001948 _____ () C:\Users\X2ALMASEE\Downloads\~ESETUninstaller.log
2014-07-14 10:08 - 2014-07-14 10:08 - 00663552 _____ (ESET) C:\Users\X2ALMASEE\Downloads\ESETUninstaller.exe
2014-07-14 10:00 - 2014-07-14 10:00 - 00146816 _____ () C:\Windows\Minidump\071414-38859-01.dmp
2014-07-14 10:00 - 2014-07-11 13:03 - 238953228 _____ () C:\Windows\MEMORY.DMP
2014-07-14 10:00 - 2014-07-11 13:03 - 00000000 ____D () C:\Windows\Minidump
2014-07-14 09:38 - 2014-07-14 09:38 - 00146816 _____ () C:\Windows\Minidump\071414-39936-01.dmp
2014-07-13 11:50 - 2014-07-07 15:50 - 00000000 ____D () C:\Users\X2ALMASEE
2014-07-13 11:43 - 2014-07-13 11:43 - 00000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-13 11:27 - 2009-07-13 22:37 - 00000000 __RHD () C:\Users\Default
2014-07-13 11:22 - 2014-07-14 16:04 - 00161520 _____ () C:\Users\X2ALMASEE\Documents\GDIPFONTCACHEV1.DAT
2014-07-13 11:22 - 2014-07-07 19:50 - 00161520 _____ () C:\Users\X2ALMASEE\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-13 11:14 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-13 11:00 - 2009-07-14 00:33 - 00533904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 10:55 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-13 10:30 - 2014-05-07 06:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 13:03 - 2014-07-11 13:03 - 00146816 _____ () C:\Windows\Minidump\071114-35771-01.dmp
2014-07-09 09:04 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Registration
2014-07-09 08:40 - 2009-07-14 00:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-09 08:37 - 2014-07-09 08:37 - 00000000 ____D () C:\Program Files\Cisco Systems
2014-07-08 12:25 - 2014-07-08 12:25 - 00161520 _____ () C:\Users\DOCARTER\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-08 12:25 - 2014-07-08 12:25 - 00001421 _____ () C:\Users\DOCARTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-08 12:25 - 2014-07-08 12:25 - 00000020 ___SH () C:\Users\DOCARTER\ntuser.ini
2014-07-08 10:54 - 2014-06-24 18:58 - 00000412 __RSH () C:\ProgramData\ntuser.pol
2014-07-07 20:37 - 2014-07-07 20:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-07-07 20:37 - 2014-07-07 20:37 - 00000000 __RSH () C:\IO.SYS
2014-07-07 19:50 - 2014-07-07 19:50 - 00001421 _____ () C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-07 19:49 - 2014-07-07 19:49 - 00000000 ____D () C:\Program Files\Intel
2014-07-07 19:48 - 2014-07-07 19:48 - 00000020 ___SH () C:\Users\X2ALMASEE\ntuser.ini
2014-07-07 19:48 - 2009-07-14 00:52 - 00000000 ____D () C:\Windows\system32\restore
2014-07-07 19:47 - 2013-06-19 07:24 - 00000000 __SHD () C:\Recovery
2014-07-07 19:47 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-07-07 19:44 - 2013-06-19 11:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-07-07 19:44 - 2009-07-14 00:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-07 19:44 - 2009-07-14 00:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-07 19:43 - 2014-07-07 19:43 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-07-07 16:40 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2014-07-07 16:33 - 2014-07-07 14:46 - 00006060 _____ () C:\Windows\comsetup.log
2014-07-07 16:29 - 2014-07-07 16:29 - 00021316 _____ () C:\Windows\system32\emptyregdb.dat
2014-07-07 16:29 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-07 16:28 - 2009-07-13 22:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-07 16:23 - 2009-07-14 00:34 - 00005157 _____ () C:\Windows\DtcInstall.log
2014-07-07 16:22 - 2014-07-07 16:22 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-07 16:22 - 2009-07-13 22:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-07 16:22 - 2009-07-13 22:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 16:19 - 2014-07-04 16:09 - 00000000 ____D () C:\Users\X2ALMASEE\SysinternalsSuite
2014-07-07 16:19 - 2014-07-04 15:36 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\ProcessExplorer
2014-07-07 16:19 - 2014-06-23 17:10 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\checksum
2014-07-07 16:19 - 2014-06-22 18:20 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\telnetEnable
2014-07-07 16:19 - 2014-06-22 08:54 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\AccessChk
2014-07-07 16:19 - 2014-06-22 08:53 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\DiskView
2014-07-07 16:19 - 2014-06-18 18:29 - 00000000 ___SD () C:\Users\X2ALMASEE\Documents\My Shapes
2014-07-07 16:19 - 2014-06-11 19:52 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\TCPView
2014-07-07 16:19 - 2014-06-11 12:35 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\RootkitRevealer
2014-07-07 16:19 - 2014-06-06 20:21 - 00000000 ____D () C:\Users\X2ALMASEE\Downloads\WNDR3400v2_V1.0.0.38_1.0.61
2014-07-07 16:19 - 2014-04-23 08:24 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\Arduino
2014-07-07 16:19 - 2014-02-27 19:39 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-07 16:19 - 2014-02-27 19:06 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\Inventor
2014-07-07 16:19 - 2014-02-27 19:03 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\Autodesk
2014-07-07 16:19 - 2014-02-27 18:22 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\Inventor Server SDK ACAD 2014
2014-07-07 16:19 - 2014-02-27 18:19 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\Autodesk
2014-07-07 16:19 - 2014-01-30 09:24 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\OneNote Notebooks
2014-07-07 16:19 - 2014-01-29 09:37 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\Outlook Files
2014-07-07 16:18 - 2014-04-19 11:24 - 00000000 ____D () C:\Users\DOCARTER\Documents\Arduino
2014-07-07 16:18 - 2014-04-19 11:24 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Arduino
2014-07-07 16:18 - 2014-04-18 14:11 - 00000000 ____D () C:\Users\DOCARTER\Documents\Inventor
2014-07-07 16:18 - 2014-03-30 12:46 - 00000000 ____D () C:\Users\DOCARTER\Documents\OneNote Notebooks
2014-07-07 16:18 - 2014-03-05 21:28 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Autodesk
2014-07-07 16:18 - 2014-03-05 21:28 - 00000000 ____D () C:\Users\DOCARTER\AppData\Local\Autodesk
2014-07-07 16:18 - 2014-01-30 17:43 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Malwarebytes
2014-07-07 16:18 - 2014-01-30 15:55 - 00000000 ____D () C:\Users\DOCARTER\Documents\Outlook Files
2014-07-07 16:18 - 2014-01-30 15:52 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Google
2014-07-07 16:18 - 2014-01-30 15:51 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Macromedia
2014-07-07 16:18 - 2014-01-30 15:47 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Wave Systems Corp
2014-07-07 16:18 - 2014-01-30 15:46 - 00000000 ____D () C:\Users\DOCARTER\AppData\Roaming\Adobe
2014-07-07 16:00 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-07-07 16:00 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-07 16:00 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-07-07 16:00 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-07 16:00 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-07-07 15:59 - 2014-06-22 11:09 - 00000000 ____D () C:\Windows\pss
2014-07-07 15:59 - 2014-01-14 13:14 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-07 15:59 - 2014-01-10 18:42 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-07 15:59 - 2014-01-10 18:19 - 00000000 ____D () C:\Windows\system32\BioAPIFFDB
2014-07-07 15:59 - 2014-01-10 08:10 - 00000000 ____D () C:\Windows\system32\Lang
2014-07-07 15:59 - 2011-04-11 22:24 - 00000000 ____D () C:\Windows\ShellNew
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-07 15:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system
2014-07-07 15:57 - 2014-02-27 18:15 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-07-07 15:56 - 2014-07-06 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAMT 2.0
2014-07-07 15:56 - 2014-07-06 14:14 - 00000000 ____D () C:\Program Files\VAMT 2.0
2014-07-07 15:56 - 2014-07-04 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-07-07 15:56 - 2014-07-04 15:16 - 00000000 ____D () C:\Program Files\WinPcap
2014-07-07 15:56 - 2014-07-04 15:15 - 00000000 ____D () C:\Program Files\Wireshark
2014-07-07 15:56 - 2014-06-22 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 15:56 - 2014-06-22 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 15:56 - 2014-06-12 20:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-07 15:56 - 2014-02-27 19:51 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-07 15:56 - 2014-02-27 19:33 - 00000000 ____D () C:\Program Files\Microsoft WSE
2014-07-07 15:56 - 2014-02-27 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-07 15:56 - 2014-02-27 18:03 - 00000000 ____D () C:\ProgramData\Autodesk
2014-07-07 15:56 - 2014-01-22 11:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-07 15:56 - 2014-01-10 13:43 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-07 15:56 - 2014-01-10 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-07-07 15:56 - 2014-01-10 10:53 - 00000000 ____D () C:\Program Files\Seagate
2014-07-07 15:56 - 2014-01-10 08:27 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-07-07 15:56 - 2009-07-13 22:37 - 00000000 ___RD () C:\Users\Public
2014-07-07 15:55 - 2014-06-22 09:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-07 15:55 - 2014-02-27 18:20 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-07-07 15:55 - 2014-02-27 18:07 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-07-07 15:55 - 2014-01-29 09:28 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-07 15:55 - 2014-01-10 18:19 - 00000000 ____D () C:\Program Files\Fingerprint Sensor
2014-07-07 15:55 - 2014-01-10 18:14 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-07 15:55 - 2014-01-10 13:43 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-07-07 15:55 - 2014-01-10 10:49 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-07-07 15:55 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-07 15:54 - 2014-02-27 18:08 - 00000000 ____D () C:\Program Files\Autodesk
2014-07-07 15:50 - 2009-07-14 00:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-07 15:50 - 2009-07-13 22:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-07 15:49 - 2014-07-07 15:46 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-07 15:46 - 2011-04-11 22:24 - 00000000 ____D () C:\Windows\CSC
2014-07-07 15:08 - 2013-06-19 10:07 - 01511759 _____ () C:\Windows\WindowsUpdate (1).log
2014-07-07 14:36 - 2014-07-07 14:30 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-07-07 14:36 - 2014-07-07 14:30 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-07 14:32 - 2014-07-07 14:32 - 00002650 _____ () C:\Users\X2ALMASEE\Desktop\Windows Compatibility Report.htm
2014-07-07 09:44 - 2014-07-07 09:44 - 00000000 ____D () C:\Users\DOCARTER\AppData\Local\VirtualStore
2014-07-06 14:47 - 2014-07-06 14:47 - 00000000 ____D () C:\Users\X2ALMASEE\AppData\Local\VirtualStore
2014-07-06 14:17 - 2014-07-06 14:17 - 00604992 _____ (Microsoft Corporation) C:\Users\X2ALMASEE\Downloads\WMIDiag.exe
2014-07-06 14:15 - 2014-07-06 14:15 - 00000000 ____D () C:\Users\X2ALMASEE\Documents\VAMT2
2014-07-06 14:13 - 2014-07-06 14:13 - 04984832 _____ () C:\Users\X2ALMASEE\Downloads\vamtMMC.msi
2014-07-04 20:00 - 2014-07-04 20:00 - 00000000 _____ () C:\Windows\system32\LWPMGZA
2014-07-04 19:23 - 2014-07-04 19:23 - 00025992 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pgdfgsvc.exe
2014-07-04 16:07 - 2014-07-04 16:07 - 13395687 _____ () C:\Users\X2ALMASEE\Downloads\SysinternalsSuite.zip
2014-07-04 15:36 - 2014-07-04 15:36 - 01243655 _____ () C:\Users\X2ALMASEE\Downloads\ProcessExplorer (1).zip
2014-06-29 21:40 - 2014-07-11 10:21 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 21:36 - 2014-07-11 10:21 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 13:16 - 2014-06-29 13:16 - 00080756 _____ () C:\Users\X2ALMASEE\Downloads\telnetEnable.zip
2014-06-28 20:49 - 2014-06-28 20:46 - 101862111 _____ () C:\Windows\system32\LX
2014-06-28 18:59 - 2014-01-23 13:03 - 00000000 ____D () C:\Conde
2014-06-27 10:32 - 2014-06-27 10:32 - 01238357 _____ () C:\Users\X2ALMASEE\Downloads\D830_A17.exe
2014-06-26 17:38 - 2014-07-14 15:01 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-26 17:26 - 2014-07-06 14:00 - 00103969 _____ () C:\Users\X2ALMASEE\Documents\setupact.log
2014-06-25 16:44 - 2014-06-27 10:49 - 00000656 _____ () C:\Users\X2ALMASEE\Documents\JRT.txt
2014-06-25 16:31 - 2014-06-25 16:31 - 00001254 _____ () C:\Users\X2ALMASEE\Documents\VirusRemoveInstructions.txt
2014-06-25 13:41 - 2014-06-25 14:07 - 00000000 _____ () C:\Users\X2ALMASEE\Documents\WavXMapDrive.bat
2014-06-24 19:12 - 2014-06-24 19:12 - 01697368 _____ () C:\Users\X2ALMASEE\Downloads\setup-network-utilities.exe
2014-06-24 18:19 - 2014-06-24 18:19 - 00000000 _____ () C:\Windows\system32\WXS
2014-06-22 17:04 - 2014-06-22 17:04 - 01243655 _____ () C:\Users\X2ALMASEE\Downloads\ProcessExplorer.zip
2014-06-22 09:12 - 2014-06-22 09:12 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-22 08:54 - 2014-06-22 08:54 - 00136200 _____ () C:\Users\X2ALMASEE\Downloads\AccessChk.zip

Some content of TEMP:
====================
C:\Users\X2ALMASEE\AppData\Local\Temp\ADInsightDll.dll
C:\Users\X2ALMASEE\AppData\Local\Temp\csvrelay32.dll
C:\Users\X2ALMASEE\AppData\Local\Temp\csvrelay64.dll
C:\Users\X2ALMASEE\AppData\Local\Temp\DelayInst.exe
C:\Users\X2ALMASEE\AppData\Local\Temp\DNXPG.exe
C:\Users\X2ALMASEE\AppData\Local\Temp\installservice.exe
C:\Users\X2ALMASEE\AppData\Local\Temp\vpnclient_setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {77039670-d8f1-11e2-baec-a2a2aadfd7d0}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {77039674-d8f1-11e2-baec-a2a2aadfd7d0}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {77039670-d8f1-11e2-baec-a2a2aadfd7d0}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {77039674-d8f1-11e2-baec-a2a2aadfd7d0}
device                  ramdisk=[C:]\Recovery\77039674-d8f1-11e2-baec-a2a2aadfd7d0\Winre.wim,{77039675-d8f1-11e2-baec-a2a2aadfd7d0}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\77039674-d8f1-11e2-baec-a2a2aadfd7d0\Winre.wim,{77039675-d8f1-11e2-baec-a2a2aadfd7d0}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {77039670-d8f1-11e2-baec-a2a2aadfd7d0}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {77039675-d8f1-11e2-baec-a2a2aadfd7d0}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\77039674-d8f1-11e2-baec-a2a2aadfd7d0\boot.sdi

 

LastRegBack: 2014-07-07 17:08

==================== End Of Log ============================

 

 

addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-07-2014
Ran by X2ALMASEE at 2014-07-21 08:27:44
Running from C:\Users\X2ALMASEE\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.0.0 - AuthenTec) Hidden
AutoCAD 2014 - English (Version: 19.1.108.1 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.42.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.42.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.6.12.800 - Autodesk)
Autodesk App Manager (HKLM\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.42.0 - Autodesk)
Autodesk AutoCAD 2014 - English SP1 (HKLM\...\AutoCAD 2014 - English SP1) (Version: 1 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Featured Apps (HKLM\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1832-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 - English (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 English Language Pack (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
biolsp patch (Version: 01.00.02.0005 - Wave Systems Corp) Hidden
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.22.11 - Broadcom Corporation)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}) (Version: 5.0.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Document Manager Lite (Version: 06.09.00.082 - Wave Systems Corp.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (32-bit) (HKLM\...\{E0A2A99A-D618-4F24-9730-464893DC27AC}) (Version: 4.4.1.0 - Granta Design Limited)
EMBASSY Security Center (Version: 03.09.00.054 - Wave Systems Corp) Hidden
EMBASSY Security Setup (Version: 03.09.00.062 - Wave Systems Corp) Hidden
ESC Home Page Plugin (Version: 03.04.00.022 - Wave Systems Corp) Hidden
Gemalto (Version: 01.01.00.0000 - Wave Systems Corp) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visio MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Preboot Manager (Version: 02.09.00.022 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 06.04.00.042 - Wave Systems Corp.) Hidden
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
Secure Update (Version: 05.07.00.014 - Your Company Name) Hidden
Security Wizards (Version: 01.07.00.014 - Your Company Name) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Start Menu Cleanup (Version: 01.01.00.003 - Wave Systems Corp) Hidden
Trusted Drive Manager (Version: 2.6.1.56 - Wave Systems Corp.) Hidden
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.VISPROR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{56962EB1-4DD3-48BB-934B-EA4C4516D89A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.VISPROR_{56962EB1-4DD3-48BB-934B-EA4C4516D89A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{63AED158-0508-4738-A811-840B2053EF3B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.VISPROR_{63AED158-0508-4738-A811-840B2053EF3B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{23073850-B916-414F-9204-AB0512524A6A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.VISPROR_{23073850-B916-414F-9204-AB0512524A6A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{15033648-0DAB-4BE8-B84B-D1139BD0563F}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 32-Bit Edition (HKLM\...\{90150000-0054-0409-0000-0000000FF1CE}_Office15.VISPROR_{99298FA5-31E3-4F40-A6AF-021459F6F37D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{99298FA5-31E3-4F40-A6AF-021459F6F37D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
upekmsi (Version: 03.00.00.0000 - Wave Systems Corp) Hidden
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Volume Activation Management Tool 2.0 (HKLM\...\{EE010C18-9A1A-4F0E-B46E-884CA113232E}) (Version: 2.0.67.0 - Microsoft Corporation)
Wave Infrastructure Installer (Version: 06.01.52.0025 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.10.00.030 - Wave Systems Corp) Hidden

==================== Restore Points  =========================

11-07-2014 17:17:00 Windows Update
13-07-2014 14:11:56 Windows Update
13-07-2014 14:23:53 Windows Update
14-07-2014 16:51:19 Installed Broadcom Gigabit Integrated Controller
14-07-2014 18:48:00 Windows Update
14-07-2014 19:26:49 Windows Update
14-07-2014 19:43:13 Windows Modules Installer
14-07-2014 19:43:47 Windows Modules Installer
14-07-2014 20:07:59 Windows Modules Installer
14-07-2014 20:08:43 Windows Modules Installer
14-07-2014 20:55:07 Windows Modules Installer
14-07-2014 20:56:01 Windows Modules Installer
15-07-2014 07:00:38 Windows Update
16-07-2014 10:51:11 Windows Update
16-07-2014 12:25:25 Windows Update
16-07-2014 13:40:07 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 13:46:15 Installed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:03:29 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:06:23 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:07:35 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:08:54 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:11:50 Removed Cisco Systems VPN Client 5.0.07.0290
16-07-2014 14:16:40 Windows Update
16-07-2014 15:13:31 Installed Cisco Systems VPN Client 5.0.07.0290
17-07-2014 14:06:49 Windows Update
17-07-2014 14:58:27 Windows Update
21-07-2014 11:55:27 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {3F6A04A3-538F-420A-BB2F-67A79C518057} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {5086A350-AF21-4197-ADA3-0D7C5FA39608} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-14] (Google Inc.)
Task: {67D2C9D1-AFD8-415A-B374-02F46796D300} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6CD5C8FF-FC75-4231-B768-4875B6098F13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-14] (Google Inc.)
Task: {71C03CDD-10CF-4B1C-9F90-8BFDCE0BD839} - System32\Tasks\Microsoft Office 15 Sync Maintenance for WISHFULL-X2ALMASEE WISHFULL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {A0923972-887D-488A-9248-590F54863496} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D324C575-D927-4C3D-8327-4F0AA28A2B31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14] (Adobe Systems Incorporated)
Task: {DDB944F1-3DB3-464C-9FE8-95BBCF9E96CF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The Windows Event Log service is starting.
The Windows Event Log service could not be started.

A system error has occurred.

The system cannot find message text for message number 0x1069 in the message file for (null).

More help is available by typing NET HELPMSG 4201.

==================== Memory info ===========================

Percentage of memory in use: 67%
Total physical RAM: 2037.97 MB
Available physical RAM: 662.88 MB
Total Pagefile: 4075.94 MB
Available Pagefile: 2629.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1883.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:863.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4A6EDFDE)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,070 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:09:29 PM

Posted 22 July 2014 - 01:00 PM

Hi X2djcart,
 
Why do you think you have a virus on all computers?
 
Running a Malwarebytes scan:

  • Double-click on the Malwarebytes icon on your desktop
  • The program will open and click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

--------------
 
This scan can take a long time, so it is best done overnight or when you do not need the computer
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Malwarebytes log
  • ESET log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,070 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:09:29 PM

Posted 25 July 2014 - 09:15 AM

Hi X2djcart,
 
This is a 3 day bump:
 
It has been 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,070 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:09:29 PM

Posted 27 July 2014 - 10:00 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users