Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Com Surrogate Virus creating copies of dllhost process


  • This topic is locked This topic is locked
6 replies to this topic

#1 CDST

CDST

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 14 September 2014 - 03:08 PM

Hi,

 

I'm having the same problem as a lot of previous posters, where a virus consistently (every 5ish minutes) creates new dllhost processes that hog CPU and RAM. 

 

I'd greatly appreciate if someone has a chance to look at this. Thank you so much for your time!

 

DDS log below, and attach file attached:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.7601.17514
Run by Owner at 21:14:40 on 2014-09-13
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3317.1837 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\DRIVERS\o2flash.exe
c:\Windows\system32\srvany.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SDIOAssist.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\dllhost.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office 15\root\office15\OCHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office 15\root\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office 15\root\office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "c:\users\owner\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [ooVoo.exe] c:\program files\oovoo\oovoo.exe /minimized
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10m_ActiveX.exe -update activex
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [FreeFallProtection] c:\program files\stmicroelectronics\accelerometerp11\FF_Protection.exe
mRun: [IMSS] "c:\program files\intel\intel® management engine components\imss\PIconStartup.exe"
mRun: [IntelPROSet] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\program files\roxio\oem\roxio burn\RoxioBurnLauncher.exe"
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellsy~1.lnk - c:\program files\dell\dell system manager\DCPSysMgr.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: E&xport to Microsoft Excel - c:\program files\microsoft office 15\root\office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E9796CAC-0866-44C7-94FC-841196906F9A} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E9796CAC-0866-44C7-94FC-841196906F9A}\35B697E65647 : DHCPNameServer = 192.168.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: spba - c:\program files\common files\spba\homefus2.dll
AppInit_DLLs= c:\windows\system32\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.120\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-9-13 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-9-13 192352]
R0 nvpciflt;nvpciflt;c:\windows\system32\drivers\nvpciflt.sys [2011-5-18 20328]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2011-5-18 17648]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-9-13 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-9-13 414520]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2011-5-18 81920]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-9-13 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-9-13 67824]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-9-13 71944]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-9-13 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\microsoft office 15\clientx86\officeclicktorun.exe [2014-8-29 1626800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-10-25 826272]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-10-25 32160]
R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\dell\dell system manager\DCPSysMgrSvc.exe [2011-1-20 388464]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2011-5-18 110752]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files\intel\services\ipt\jhi_service.exe [2010-11-29 210896]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-9-13 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-9-13 860472]
R2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [2011-5-18 8192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-2-3 378472]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2011-5-18 2656280]
R2 ZcfgSvc7;Intel® PROSet/Wireless ZeroConfig Service;c:\program files\intel\wifi\bin\ZCfgSvc7.exe [2010-12-23 577536]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2011-5-18 43888]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\drivers\btwampfl.sys [2011-5-18 300584]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2011-5-18 33320]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2011-5-18 144576]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2011-5-18 33832]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-9-13 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-9-13 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-9-13 51928]
R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2011-5-18 41088]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2011-5-18 7434240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfw7.sys [2011-5-18 60904]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\drivers\o2sdjw7.sys [2011-5-18 63848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatch12OEM.exe [2010-11-25 219632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2011-5-18 134144]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 netvsc;netvsc;c:\windows\system32\drivers\netvsc60.sys [2010-11-20 126464]
S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2011-5-18 62440]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 SynthVid;SynthVid;c:\windows\system32\drivers\VMBusVideoM.sys [2010-11-20 19456]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-24 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2014-09-14 01:01:25 -------- d-----w- C:\FRST
2014-09-14 00:24:36 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-14 00:23:27 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-14 00:23:27 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-14 00:23:27 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-14 00:23:26 -------- d-----w- c:\programdata\Malwarebytes
2014-09-14 00:23:26 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-14 00:22:53 -------- d-----w- c:\users\owner\appdata\local\Programs
2014-09-13 21:07:33 -------- d-----w- c:\users\owner\appdata\roaming\AVAST Software
2014-09-13 21:06:50 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-13 21:06:50 71944 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-09-13 21:06:50 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-13 21:06:50 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-13 21:06:50 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-13 21:06:50 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-13 21:06:49 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-13 21:06:46 43152 ----a-w- c:\windows\avastSS.scr
2014-09-13 21:04:48 -------- d-----w- c:\program files\AVAST Software
2014-09-13 21:02:29 -------- d-----w- c:\programdata\AVAST Software
2014-09-13 18:42:59 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{56d4eab1-abf0-4531-ab67-958af6077d00}\offreg.dll
2014-09-13 01:10:20 8581864 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{56d4eab1-abf0-4531-ab67-958af6077d00}\mpengine.dll
2014-09-10 16:15:02 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 12:44:58 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 12:44:57 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 12:44:44 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 12:44:44 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 12:44:40 445952 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 12:44:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-09-02 02:02:17 -------- d-----w- c:\users\owner\appdata\local\Irrational Games
2014-09-01 20:20:53 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2014-09-01 20:20:53 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2014-09-01 20:20:49 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2014-09-01 20:20:48 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2014-09-01 20:20:39 -------- d-----w- c:\program files\Microsoft XNA
2014-09-01 20:04:41 -------- d-sh--w- c:\users\owner\appdata\local\EmieUserList
2014-09-01 20:04:41 -------- d-sh--w- c:\users\owner\appdata\local\EmieSiteList
2014-08-31 19:32:52 -------- d-----w- c:\users\owner\appdata\local\Spotify
2014-08-31 19:32:06 -------- d-----w- c:\users\owner\appdata\roaming\Spotify
2014-08-31 16:22:54 -------- d-----w- c:\users\owner\appdata\roaming\ooVoo Details
2014-08-31 16:22:41 -------- d-----w- c:\program files\ooVoo
2014-08-29 20:57:06 590536 ----a-w- c:\programdata\microsoft\clicktorun\{9ac08e99-230b-47e8-9721-4577b7f124ea}\integrator.exe
2014-08-29 20:54:27 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-08-29 20:47:44 -------- d-----w- c:\program files\Microsoft Office 15
2014-08-28 13:19:54 -------- d-----w- c:\program files\common files\Steam
2014-08-28 13:19:49 -------- d-----w- c:\program files\Steam
2014-08-27 21:53:59 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-27 21:53:59 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-08-26 07:02:18 215552 ----a-w- c:\program files\internet explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2014-08-25 22:55:39 317440 ----a-w- c:\windows\system32\spoolsv.exe
2014-08-25 22:55:08 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-08-25 22:55:08 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-08-25 22:55:08 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-08-25 13:26:43 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-08-25 13:17:22 -------- d-s---w- c:\windows\system32\CompatTel
2014-08-25 07:17:43 -------- d-----w- c:\windows\system32\MRT
2014-08-25 06:45:39 -------- d-----w- c:\windows\Migration
2014-08-25 06:24:36 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-08-25 06:24:36 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-08-25 06:24:36 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-08-25 06:24:36 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-08-25 06:24:35 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-08-25 06:24:35 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-08-25 06:24:35 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-08-25 06:23:54 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-25 06:23:51 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-25 06:23:44 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-08-25 06:23:40 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-25 06:23:03 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-08-25 06:23:02 5120 ----a-w- c:\windows\system32\wmi.dll
2014-08-25 06:14:42 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-08-25 06:14:41 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2014-08-25 06:08:46 69632 ----a-w- c:\windows\system32\smss.exe
2014-08-25 06:08:46 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-08-25 06:08:46 619520 ----a-w- c:\windows\system32\tdh.dll
2014-08-25 06:08:46 38912 ----a-w- c:\windows\system32\csrsrv.dll
2014-08-25 06:08:46 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-08-25 06:08:35 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-08-25 06:08:26 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-08-25 02:05:18 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-08-25 02:05:16 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-08-25 02:05:16 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-08-25 02:05:14 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-08-25 02:05:13 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-08-25 02:05:12 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-08-25 02:05:07 168960 ----a-w- c:\windows\system32\credui.dll
2014-08-25 02:05:07 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-08-25 02:04:53 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-08-25 02:04:40 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-08-25 02:04:37 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-08-25 02:04:22 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-25 02:04:05 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-08-25 02:02:54 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-25 02:01:59 400896 ----a-w- c:\windows\system32\srcore.dll
2014-08-25 02:00:59 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-08-25 01:59:53 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-08-25 01:58:59 47104 ----a-w- c:\windows\system32\appinfo.dll
2014-08-25 01:46:47 826880 ----a-w- c:\windows\system32\rdpcore.dll
2014-08-25 01:46:47 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-08-25 01:43:47 2425856 ----a-w- c:\windows\system32\wucltux.dll
2014-08-25 01:43:43 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-08-25 01:43:34 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-08-25 01:43:34 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-24 19:52:20 -------- d-----w- c:\users\owner\appdata\roaming\Mount&Blade Warband
2014-08-24 19:35:09 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2014-08-24 19:35:09 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2014-08-24 19:35:09 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2014-08-24 19:34:56 -------- d-----w- c:\program files\Mount&Blade Warband
2014-08-24 19:31:22 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{397edc59-9d6d-40b7-9b1a-99ee5f9c23a3}\gapaengine.dll
2014-08-24 19:24:21 -------- d-----w- c:\users\owner\appdata\local\Google
2014-08-24 19:24:04 -------- d-----w- c:\users\owner\appdata\local\Apps
2014-08-24 19:24:03 -------- d-----w- c:\users\owner\appdata\local\Deployment
2014-08-15 01:15:54 773968 ----a-w- c:\windows\system32\msvcr100.dll
2014-08-15 01:15:54 421200 ----a-w- c:\windows\system32\msvcp100.dll
.
==================== Find3M  ====================
.
2014-07-25 06:35:46 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 02:46:02 2048 ----a-w- c:\windows\system32\tzres.dll
2014-06-18 01:51:32 646144 ----a-w- c:\windows\system32\osk.exe
2014-06-16 01:44:49 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-06-16 01:44:49 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-06-16 01:40:20 107520 ----a-w- c:\windows\system32\cdd.dll
.
============= FINISH: 21:21:37.14 ===============


BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:55 AM

Posted 14 September 2014 - 03:52 PM

Hi there,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 CDST

CDST
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 15 September 2014 - 08:26 PM

Thank you!

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Owner (administrator) on DELL_LAPTOP on 15-09-2014 21:23:20
Running from C:\Users\Owner\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\srvany.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(O2Micro.) C:\Windows\System32\SDIOAssist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [488816 2011-01-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [536668 2010-12-07] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2010-12-03] (Intel Corporation)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1210640 2010-12-23] (Intel® Corporation)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462993 2010-03-12] (Creative Technology Ltd)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-13] (AVAST Software)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-186684007-3129811665-3508793504-1001\...\Run: [Spotify Web Helper] => C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-186684007-3129811665-3508793504-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [192616 2011-02-03] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USREL/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {50C20C0A-6268-4881-BB31-15E7A841CF46} URL = 
SearchScopes: HKCU - {50C20C0A-6268-4881-BB31-15E7A841CF46} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> F61CB904DC673568A3DB67223C3F1DEC55C4AD053BF389B6184A7761B812092B
CHR StartupUrls: Default -> "hxxp://www.cnn.com/", "hxxp://theoldreader.com/", "hxxp://mcnugg3t.wordpress.com/", "hxxp://myfitnesspal.com/", "hxxp://www.nytimes.com/pages/travel/index.html", "hxxp://www.arestlesstransplant.com/"
CHR DefaultSearchKeyword: Default -> D7D449C447560AB15FEC316D60DA1E1CA6CE4BB2A06958196F992160B16461FD
CHR DefaultSearchProvider: Default -> EA8968B5F68D708DD985C98F04B5DDB9CFCFE76095BE818489448E1446BCAB2F
CHR CustomProfile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-24]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-13]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-13] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1626800 2014-07-31] (Microsoft Corporation)
R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [826272 2010-10-25] (Broadcom Corporation)
R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [32160 2010-10-25] (Broadcom Corporation)
R2 dcpsysmgrsvc; c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [388464 2011-01-20] (Dell Inc.)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [110752 2010-09-22] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [210896 2010-11-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704 2011-02-03] (NVIDIA Corporation)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72296 2010-02-11] (O2Micro International)
R2 O2SDIOAssist; c:\Windows\system32\srvany.exe [8192 2003-04-18] () [File not signed]
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1477632 2010-11-03] (Wave Systems Corp.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [262226 2010-12-07] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [File not signed]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2336104 2010-10-16] (Wave Systems Corp.)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [577536 2010-12-23] (Intel® Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [43888 2010-12-13] (ST Microelectronics)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-13] ()
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2011-05-18] (Broadcom Corporation.)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [33832 2010-08-24] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [238760 2010-10-28] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
R3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\DRIVERS\netvsc60.sys [126464 2010-11-20] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7434240 2010-12-21] (Intel Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [20328 2011-02-03] (NVIDIA Corporation)
R3 O2MDFRDR; C:\Windows\System32\DRIVERS\O2MDFw7.sys [60904 2011-01-04] (O2Micro )
S3 O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7.sys [62440 2011-01-04] (O2Micro )
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjw7.sys [63848 2011-01-04] (O2Micro )
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17648 2010-08-20] (ST Microelectronics)
S3 SynthVid; C:\Windows\System32\DRIVERS\VMBusVideoM.sys [19456 2010-11-20] (Microsoft Corporation)
S1 MpKslb96bfc47; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56D4EAB1-ABF0-4531-AB67-958AF6077D00}\MpKslb96bfc47.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 16:37 - 2014-09-14 16:37 - 14317568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 16:37 - 2014-09-14 16:37 - 02046464 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01766912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 16:37 - 2014-09-14 16:37 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-14 16:37 - 2014-09-14 16:37 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-14 16:37 - 2014-09-14 16:37 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-14 16:37 - 2014-09-14 16:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-14 16:36 - 2014-09-14 16:38 - 00006996 _____ () C:\Windows\IE10_main.log
2014-09-13 21:23 - 2014-09-13 21:23 - 00000269 _____ () C:\Users\Owner\Downloads\fixlist.txt
2014-09-13 21:22 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Owner\Desktop\DDS
2014-09-13 21:21 - 2014-09-13 21:21 - 00026074 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-13 21:21 - 2014-09-13 21:21 - 00009912 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-13 21:10 - 2014-09-13 21:11 - 00167744 _____ () C:\Windows\Minidump\091314-47970-01.dmp
2014-09-13 21:10 - 2014-09-13 21:10 - 515021767 _____ () C:\Windows\MEMORY.DMP
2014-09-13 21:10 - 2014-09-13 21:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-13 21:04 - 2014-09-13 21:04 - 00098956 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-13 21:04 - 2014-09-13 21:04 - 00030219 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-09-13 21:03 - 2014-09-13 21:04 - 00030219 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-09-13 21:03 - 2014-09-13 21:03 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-09-13 21:01 - 2014-09-15 21:24 - 00021799 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-09-13 21:01 - 2014-09-15 21:23 - 00000000 ____D () C:\FRST
2014-09-13 21:00 - 2014-09-13 21:00 - 01097728 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-09-13 20:24 - 2014-09-15 21:04 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 20:23 - 2014-09-13 20:23 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 20:23 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 20:23 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-13 20:20 - 2014-09-13 20:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 17:07 - 2014-09-13 17:07 - 00002121 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-13 17:06 - 2014-09-13 17:07 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-13 17:06 - 2014-09-13 17:06 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-13 17:06 - 2014-09-13 17:06 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-13 17:04 - 2014-09-13 17:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-13 17:02 - 2014-09-13 17:04 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-13 17:01 - 2014-09-13 17:01 - 04862664 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2014-09-13 14:17 - 2014-09-13 14:17 - 00000000 ____D () C:\Windows\Sun
2014-09-10 12:15 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 08:44 - 2014-09-04 21:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 08:44 - 2014-09-04 21:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 08:44 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 08:44 - 2014-07-06 21:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:44 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:44 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-08 09:31 - 2014-09-08 09:31 - 00000000 ____D () C:\Users\Owner\Documents\NeocoreGames
2014-09-08 09:31 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-09-08 09:31 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-09-08 09:31 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-09-08 09:31 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-09-08 09:31 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-09-08 09:31 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-09-08 09:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-09-08 09:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-09-08 09:31 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-09-08 09:31 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-09-08 09:31 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-09-04 09:20 - 2014-09-04 09:20 - 00000000 ____D () C:\Users\Owner\Documents\Paradox Interactive
2014-09-02 18:58 - 2014-09-02 18:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Irrational Games
2014-09-01 22:01 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-09-01 22:01 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-09-01 22:01 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-09-01 22:01 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-09-01 22:01 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-09-01 22:01 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-09-01 22:01 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-09-01 22:01 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-09-01 22:01 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-09-01 22:01 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-09-01 22:01 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-09-01 22:01 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-09-01 22:01 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-09-01 22:01 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-09-01 16:25 - 2014-09-01 16:25 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Program Files\Microsoft XNA
2014-09-01 16:20 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieUserList
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieSiteList
2014-08-31 21:15 - 2014-08-31 21:15 - 00091504 _____ () C:\Users\Owner\Desktop\Greyhound Ticket.aspx
2014-08-31 15:32 - 2014-09-13 14:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify
2014-08-31 15:32 - 2014-09-08 08:45 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify
2014-08-31 15:32 - 2014-08-31 15:32 - 00001769 _____ () C:\Users\Owner\Desktop\Spotify.lnk
2014-08-31 15:32 - 2014-08-31 15:32 - 00001755 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-31 15:31 - 2014-08-31 15:31 - 00136352 _____ (Spotify Ltd) C:\Users\Owner\Downloads\SpotifySetup.exe
2014-08-31 12:22 - 2014-09-13 13:43 - 00001817 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-08-31 12:22 - 2014-09-13 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-08-31 12:22 - 2014-09-13 13:43 - 00000000 ____D () C:\Program Files\ooVoo
2014-08-31 12:22 - 2014-08-31 12:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ooVoo Details
2014-08-31 12:20 - 2014-08-31 12:20 - 02387520 _____ (ooVoo LLC) C:\Users\Owner\Downloads\ooVooSetup.exe
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 16:54 - 2014-08-29 16:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 16:51 - 2014-08-29 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-29 16:47 - 2014-08-29 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-29 16:46 - 2014-08-29 16:46 - 01034928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\setupproplusretail.x86.en-us_TX_PR_act_1_.exe
2014-08-28 10:43 - 2014-09-02 08:58 - 00000000 ____D () C:\Users\Owner\Desktop\Education
2014-08-28 09:19 - 2014-09-12 22:03 - 00000000 ____D () C:\Program Files\Steam
2014-08-28 09:19 - 2014-09-04 08:46 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-08-28 09:19 - 2014-08-28 09:19 - 01141680 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 00000923 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-28 09:19 - 2014-08-28 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 17:53 - 2014-08-22 21:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:53 - 2014-08-22 20:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 18:55 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-25 18:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-25 18:55 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-25 18:55 - 2012-02-11 01:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-08-25 10:14 - 2014-08-25 10:14 - 00001509 _____ () C:\Users\Owner\Desktop\mb_warband - Shortcut.lnk
2014-08-25 09:26 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-25 09:17 - 2014-09-10 12:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-25 03:17 - 2014-09-10 12:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-25 02:24 - 2012-07-25 23:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-25 02:24 - 2012-07-25 23:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-08-25 02:24 - 2012-07-25 22:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-25 02:24 - 2012-07-25 22:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-25 02:24 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-08-25 02:23 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-25 02:23 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-25 02:23 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-25 02:23 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-25 02:23 - 2012-03-01 01:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-08-25 02:23 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-08-25 02:14 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-25 02:14 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-25 02:05 - 2014-08-25 02:10 - 00013347 _____ () C:\Windows\IE11_main.log
2014-08-24 22:05 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-08-24 22:05 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-08-24 22:05 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-24 22:05 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-08-24 22:05 - 2013-07-02 23:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-08-24 22:05 - 2013-07-02 23:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-08-24 22:05 - 2012-08-22 13:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-08-24 22:05 - 2012-07-04 15:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-08-24 22:04 - 2014-07-13 21:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-24 22:04 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-08-24 22:04 - 2013-02-11 23:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-08-24 22:04 - 2013-01-24 00:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-24 22:04 - 2012-11-02 01:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-08-24 22:03 - 2014-06-15 21:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-24 22:03 - 2014-06-15 21:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-24 22:03 - 2014-06-15 21:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-24 22:03 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-24 22:03 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-24 22:03 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-24 22:03 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-24 22:03 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-08-24 22:03 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-24 22:03 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-24 22:03 - 2014-03-04 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-24 22:03 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-08-24 22:03 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-24 22:03 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-24 22:03 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-24 22:03 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-24 22:03 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-24 22:03 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-08-24 22:03 - 2012-08-21 16:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-08-24 22:03 - 2012-07-06 15:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-08-24 22:03 - 2012-04-27 23:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-08-24 22:03 - 2011-12-30 01:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-08-24 22:03 - 2011-04-27 23:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-08-24 22:03 - 2011-03-11 01:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-08-24 22:03 - 2011-03-11 01:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-08-24 22:03 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-08-24 22:03 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-24 22:03 - 2011-03-11 00:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-24 22:02 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-24 22:02 - 2014-02-03 22:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-24 22:02 - 2014-02-03 22:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-24 22:02 - 2014-02-03 22:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-24 22:02 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-24 22:02 - 2014-01-27 22:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-24 22:02 - 2013-08-27 20:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-24 22:02 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-24 22:02 - 2013-06-06 00:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-08-24 22:02 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-08-24 22:02 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-08-24 22:02 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-08-24 22:02 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-08-24 22:02 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-24 22:02 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-24 22:02 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-08-24 22:02 - 2013-03-18 23:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-08-24 22:02 - 2013-02-15 00:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-24 22:02 - 2013-02-15 00:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-08-24 22:02 - 2013-02-14 23:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-08-24 22:02 - 2012-10-03 12:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-08-24 22:02 - 2012-10-03 11:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-24 22:02 - 2012-06-06 01:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-24 22:02 - 2011-11-19 10:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-08-24 22:01 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-24 22:01 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-24 22:01 - 2014-06-03 05:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-24 22:01 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-24 22:01 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-24 22:01 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-24 22:01 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-24 22:01 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-24 22:01 - 2014-05-30 02:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-24 22:01 - 2014-04-04 22:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-24 22:01 - 2014-04-04 22:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-24 22:01 - 2014-01-23 22:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-24 22:01 - 2013-11-26 07:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-24 22:01 - 2013-10-03 21:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-08-24 22:01 - 2013-10-03 21:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-24 22:01 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-24 22:01 - 2012-12-07 08:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-24 22:01 - 2012-12-07 08:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-24 22:01 - 2012-12-07 06:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-08-24 22:01 - 2012-07-04 17:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-24 22:01 - 2012-07-04 17:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-24 22:01 - 2012-07-04 17:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-24 22:01 - 2012-05-05 03:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-24 22:01 - 2011-10-26 00:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-08-24 22:01 - 2011-10-26 00:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-08-24 22:01 - 2011-10-15 01:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-24 22:00 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-24 22:00 - 2013-10-11 22:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-24 22:00 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-24 22:00 - 2013-08-04 21:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-08-24 22:00 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-08-24 22:00 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-24 22:00 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-08-24 22:00 - 2013-07-04 05:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-08-24 22:00 - 2012-09-25 18:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-08-24 22:00 - 2012-05-14 00:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-24 22:00 - 2012-05-01 00:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-08-24 22:00 - 2012-04-26 00:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-08-24 22:00 - 2012-04-26 00:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-08-24 22:00 - 2012-04-26 00:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-08-24 22:00 - 2012-03-17 03:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-08-24 22:00 - 2012-01-04 04:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-24 22:00 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-24 22:00 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-08-24 21:59 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-24 21:59 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-24 21:59 - 2014-04-11 22:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-24 21:59 - 2014-04-11 22:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-24 21:59 - 2014-04-11 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-24 21:59 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-24 21:59 - 2014-04-11 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-24 21:59 - 2014-04-11 22:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-24 21:59 - 2014-03-04 05:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-24 21:59 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-24 21:59 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-24 21:59 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-24 21:59 - 2013-11-26 21:19 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-24 21:59 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-24 21:59 - 2013-08-01 21:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-24 21:59 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-24 21:59 - 2013-07-12 06:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-08-24 21:59 - 2013-07-12 06:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-08-24 21:59 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-08-24 21:59 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-08-24 21:59 - 2013-07-04 08:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-24 21:59 - 2013-06-25 18:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-08-24 21:59 - 2013-06-14 23:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-08-24 21:59 - 2012-11-28 18:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-08-24 21:59 - 2012-11-28 18:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-08-24 21:59 - 2012-11-28 18:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-08-24 21:59 - 2012-10-09 13:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-24 21:59 - 2012-10-09 13:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-24 21:58 - 2013-02-27 00:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-24 21:46 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-24 21:46 - 2012-02-17 00:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-08-24 21:43 - 2014-05-14 12:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-24 21:43 - 2014-05-14 12:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-24 21:43 - 2014-05-14 12:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-24 21:43 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-24 21:43 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-24 21:43 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-24 17:06 - 2014-08-24 17:06 - 00001198 _____ () C:\Users\Owner\Desktop\M&B WB.lnk
2014-08-24 17:05 - 2014-08-24 22:56 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband Savegames
2014-08-24 16:26 - 2014-08-24 16:31 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23 (1).rar
2014-08-24 16:11 - 2014-09-10 09:44 - 00000000 ____D () C:\Users\Owner\Desktop\Personal
2014-08-24 15:58 - 2014-08-24 16:03 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23.rar
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-24 15:52 - 2014-08-24 17:04 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00001100 _____ () C:\Users\UpdatusUser\Desktop\Mount&Blade Warband.lnk
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-24 15:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-24 15:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-24 15:34 - 2014-08-24 22:24 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband
2014-08-24 15:34 - 2014-08-24 17:03 - 00000000 ____D () C:\Program Files\Mount&Blade Warband
2014-08-24 15:25 - 2014-09-13 08:31 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 15:25 - 2014-08-24 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 15:24 - 2014-09-15 20:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 15:24 - 2014-09-15 18:20 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 15:24 - 2014-08-24 15:25 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-08-24 15:24 - 2014-08-24 15:25 - 00000000 ____D () C:\Program Files\Google
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-15 21:24 - 2014-09-13 21:01 - 00021799 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-09-15 21:23 - 2014-09-13 21:01 - 00000000 ____D () C:\FRST
2014-09-15 21:15 - 2011-05-18 13:47 - 01310627 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 21:04 - 2014-09-13 20:24 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 20:29 - 2014-08-24 15:24 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 19:31 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2014-09-15 18:28 - 2009-07-14 00:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 18:28 - 2009-07-14 00:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 18:25 - 2010-11-20 17:01 - 00785842 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 18:20 - 2014-08-24 15:24 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 18:20 - 2011-05-18 14:09 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-15 18:19 - 2011-05-18 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-15 18:18 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 18:18 - 2009-07-14 00:39 - 00054203 _____ () C:\Windows\setupact.log
2014-09-14 16:38 - 2014-09-14 16:36 - 00006996 _____ () C:\Windows\IE10_main.log
2014-09-14 16:37 - 2014-09-14 16:37 - 14317568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 16:37 - 2014-09-14 16:37 - 02046464 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01766912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 16:37 - 2014-09-14 16:37 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-14 16:37 - 2014-09-14 16:37 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-14 16:37 - 2014-09-14 16:37 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-14 16:37 - 2014-09-14 16:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-14 16:04 - 2014-09-13 21:22 - 00000000 ____D () C:\Users\Owner\Desktop\DDS
2014-09-14 15:57 - 2010-11-20 17:48 - 00113368 _____ () C:\Windows\PFRO.log
2014-09-13 21:23 - 2014-09-13 21:23 - 00000269 _____ () C:\Users\Owner\Downloads\fixlist.txt
2014-09-13 21:21 - 2014-09-13 21:21 - 00026074 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-13 21:21 - 2014-09-13 21:21 - 00009912 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-13 21:12 - 2011-06-16 13:44 - 00001415 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-13 21:11 - 2014-09-13 21:10 - 00167744 _____ () C:\Windows\Minidump\091314-47970-01.dmp
2014-09-13 21:10 - 2014-09-13 21:10 - 515021767 _____ () C:\Windows\MEMORY.DMP
2014-09-13 21:10 - 2014-09-13 21:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-13 21:04 - 2014-09-13 21:04 - 00098956 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-13 21:04 - 2014-09-13 21:04 - 00030219 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-09-13 21:04 - 2014-09-13 21:03 - 00030219 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-09-13 21:03 - 2014-09-13 21:03 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-09-13 21:00 - 2014-09-13 21:00 - 01097728 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-09-13 20:23 - 2014-09-13 20:23 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 20:22 - 2014-09-13 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 17:07 - 2014-09-13 17:07 - 00002121 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-13 17:07 - 2014-09-13 17:06 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-13 17:06 - 2014-09-13 17:06 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-13 17:06 - 2014-09-13 17:06 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-13 17:04 - 2014-09-13 17:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-13 17:04 - 2014-09-13 17:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-13 17:01 - 2014-09-13 17:01 - 04862664 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2014-09-13 14:37 - 2014-08-31 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify
2014-09-13 14:17 - 2014-09-13 14:17 - 00000000 ____D () C:\Windows\Sun
2014-09-13 13:43 - 2014-08-31 12:22 - 00001817 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-09-13 13:43 - 2014-08-31 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-09-13 13:43 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files\ooVoo
2014-09-13 08:31 - 2014-08-24 15:25 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 22:03 - 2014-08-28 09:19 - 00000000 ____D () C:\Program Files\Steam
2014-09-10 20:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 12:15 - 2014-08-25 03:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 12:08 - 2011-06-24 09:29 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 12:07 - 2014-08-25 09:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:44 - 2014-08-24 16:11 - 00000000 ____D () C:\Users\Owner\Desktop\Personal
2014-09-08 09:31 - 2014-09-08 09:31 - 00000000 ____D () C:\Users\Owner\Documents\NeocoreGames
2014-09-08 08:45 - 2014-08-31 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify
2014-09-04 21:52 - 2014-09-10 08:44 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 21:47 - 2014-09-10 08:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 09:20 - 2014-09-04 09:20 - 00000000 ____D () C:\Users\Owner\Documents\Paradox Interactive
2014-09-04 08:46 - 2014-08-28 09:19 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-09-02 18:58 - 2014-09-02 18:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-02 08:58 - 2014-08-28 10:43 - 00000000 ____D () C:\Users\Owner\Desktop\Education
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Irrational Games
2014-09-01 16:25 - 2014-09-01 16:25 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Program Files\Microsoft XNA
2014-09-01 16:20 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieUserList
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieSiteList
2014-08-31 21:15 - 2014-08-31 21:15 - 00091504 _____ () C:\Users\Owner\Desktop\Greyhound Ticket.aspx
2014-08-31 19:56 - 2009-07-14 00:33 - 00478704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 15:32 - 2014-08-31 15:32 - 00001769 _____ () C:\Users\Owner\Desktop\Spotify.lnk
2014-08-31 15:32 - 2014-08-31 15:32 - 00001755 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-31 15:31 - 2014-08-31 15:31 - 00136352 _____ (Spotify Ltd) C:\Users\Owner\Downloads\SpotifySetup.exe
2014-08-31 12:23 - 2011-06-16 13:45 - 00127408 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-31 12:22 - 2014-08-31 12:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ooVoo Details
2014-08-31 12:20 - 2014-08-31 12:20 - 02387520 _____ (ooVoo LLC) C:\Users\Owner\Downloads\ooVooSetup.exe
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:07 - 2011-02-10 12:09 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-29 16:57 - 2014-08-29 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-29 16:54 - 2014-08-29 16:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 16:47 - 2014-08-29 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-29 16:46 - 2014-08-29 16:46 - 01034928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\setupproplusretail.x86.en-us_TX_PR_act_1_.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 01141680 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 00000923 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-28 09:19 - 2014-08-28 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-25 10:14 - 2014-08-25 10:14 - 00001509 _____ () C:\Users\Owner\Desktop\mb_warband - Shortcut.lnk
2014-08-25 09:17 - 2010-11-20 20:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-25 09:17 - 2009-07-14 00:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-25 09:15 - 2011-05-18 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-25 02:18 - 2011-05-18 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-25 02:10 - 2014-08-25 02:05 - 00013347 _____ () C:\Windows\IE11_main.log
2014-08-25 02:08 - 2014-08-25 02:08 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-24 22:56 - 2014-08-24 17:05 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband Savegames
2014-08-24 22:24 - 2014-08-24 15:34 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband
2014-08-24 21:41 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-08-24 17:06 - 2014-08-24 17:06 - 00001198 _____ () C:\Users\Owner\Desktop\M&B WB.lnk
2014-08-24 17:04 - 2014-08-24 15:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mount&Blade Warband
2014-08-24 17:03 - 2014-08-24 15:34 - 00000000 ____D () C:\Program Files\Mount&Blade Warband
2014-08-24 16:31 - 2014-08-24 16:26 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23 (1).rar
2014-08-24 16:03 - 2014-08-24 15:58 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23.rar
2014-08-24 15:59 - 2011-06-16 13:43 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-24 15:35 - 2014-08-24 15:35 - 00001100 _____ () C:\Users\UpdatusUser\Desktop\Mount&Blade Warband.lnk
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:25 - 2014-08-24 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 15:25 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-08-24 15:25 - 2014-08-24 15:24 - 00000000 ____D () C:\Program Files\Google
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-08-22 21:46 - 2014-08-27 17:53 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 20:42 - 2014-08-27 17:53 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 12:03 - 2009-07-13 22:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\8E31.exe
C:\Users\Owner\AppData\Local\Temp\HssInstaller.exe
C:\Users\Owner\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Owner\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Owner\AppData\Local\Temp\MSN70AE.exe
C:\Users\Owner\AppData\Local\Temp\ochelper.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-15 19:06
 
==================== End Of Log ============================

 

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by Owner at 2014-09-15 21:24:53
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.26 - Adobe Systems Incorporated)
AI War: Fleet Command (HKLM\...\Steam App 40400) (Version:  - Arcen Games, LLC)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Banished (HKLM\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.80.4.0 - Conexant)
Crusader Kings II (HKLM\...\Steam App 203770) (Version:  - Paradox Development Studio)
Custom (Version: 12.34.56.789 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell ControlVault Host Components Installer (Version: 2.0.20.159 - Broadcom Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.0.00000.154 - Dell Inc.)
Dell Data Protection | Access (Version: 01.00.00.154 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 1.00.011 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 1.00.005 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell System Manager (HKLM\...\{43CFE88C-A97B-4875-9BCC-E93EC0EEEEA4}) (Version: 1.6.00000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.116 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.40.28 - Creative Technology Ltd)
DellAccess (Version: 01.00.00.078 - Wave Systems Corp.) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
EMBASSY Security Center (Version: 04.02.00.072 - Wave Systems Corp.) Hidden
Freedom Force (HKLM\...\Steam App 8880) (Version:  - Irrational Games)
Freedom Force vs. the 3rd Reich (HKLM\...\Steam App 8890) (Version:  - Irrational Games)
Gemalto (Version: 01.01.01.0000 - Wave Systems Corp) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.0.71.0 (HKLM\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.7.176.1 (HKLM\...\PROSetDX) (Version: 15.7.176.1 - Dell)
Intel® Network Connections 15.7.176.1 (Version: 15.7.176.1 - Dell) Hidden
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{4C1CCA11-0D08-4D5E-8444-2D9FB48BCABF}) (Version: 14.00.20110 - Intel Corporation)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.290 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.28.0 - Dell)
Mount&Blade Warband (HKLM\...\Mount&Blade Warband) (Version:  - )
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netwaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NTRU TCG Software Stack (Version: 2.1.34 - Security Innovation) Hidden
NVIDIA 3D Vision Driver 266.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 266.96 - NVIDIA Corporation)
NVIDIA Control Panel 266.96 (Version: 266.96 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 266.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.96 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA nView 135.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.60 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.13560 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6696 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{1B7D35ED-B68B-479F-94D7-0D8DF2BBC90E}) (Version: 3.0.07.19 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.0.07.19 - O2Micro International LTD.) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version:  - Robot Entertainment)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PhotoShowExpress (Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.02.00.066 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.00.00.026 - Wave Systems Corp.) Hidden
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (Version: 1.3.3 - Roxio) Hidden
Roxio Burn (Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Incredible Adventures of Van Helsing (HKLM\...\Steam App 215530) (Version:  - NeocoreGames)
Trusted Drive Manager (Version: 4.0.0.512 - Wave Systems Corp.) Hidden
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Wave Infrastructure Installer (Version: 07.02.40.0008 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.12.00.012 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6900 - Broadcom Corporation)
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-186684007-3129811665-3508793504-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
 
==================== Restore Points  =========================
 
01-09-2014 20:20:07 Installed Microsoft XNA Framework Redistributable 4.0
02-09-2014 02:00:26 Installed DirectX
03-09-2014 23:17:20 Windows Update
07-09-2014 13:13:08 Windows Update
08-09-2014 13:30:07 Installed DirectX
10-09-2014 16:04:57 Windows Update
13-09-2014 21:04:18 avast! antivirus system restore point
13-09-2014 21:45:37 Windows Modules Installer
14-09-2014 01:38:17 Windows Update
14-09-2014 20:36:18 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01D66B79-B5AC-41C1-85B5-536975AACA32} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2014-07-31] (Microsoft Corporation)
Task: {076C5D89-60B7-474E-89F3-FF090942495C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {09E0E8E8-A0EB-43C8-BEDA-5092DD0758FA} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {291ED721-A031-4274-90ED-26B05C6546F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-13] (AVAST Software)
Task: {5D0831B9-B5C7-4D35-822C-15F04F13E57E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {D1987508-6144-4115-8409-A4850C328AFF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {DA309C08-CF9E-48F1-80D8-DFE9ABF877AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {E5B3CF97-1E57-4301-A139-8A50E9F01210} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-13 17:06 - 2014-09-13 17:06 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-14 16:01 - 2014-09-14 16:01 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091401\algo.dll
2014-09-15 18:20 - 2014-09-15 18:20 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091501\algo.dll
2014-08-29 16:47 - 2014-05-20 03:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2011-05-18 13:50 - 2003-04-18 22:06 - 00008192 _____ () c:\Windows\system32\srvany.exe
2014-08-29 16:57 - 2014-08-29 16:57 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-10-15 19:14 - 2010-10-15 19:14 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2011-05-18 13:48 - 2010-12-15 11:46 - 00686704 _____ () C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-11-17 11:35 - 2010-11-17 11:35 - 00514544 _____ () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2010-11-24 23:44 - 2010-11-24 23:44 - 00375280 _____ () c:\program files\common files\roxio shared\dllshared\SQLite352.dll
2014-09-13 17:06 - 2014-09-13 17:06 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-13 08:31 - 2014-09-03 23:01 - 14891848 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: MpKslb96bfc47
Description: MpKslb96bfc47
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKslb96bfc47
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/15/2014 07:10:17 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.
 
Error: (09/15/2014 07:09:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/15/2014 06:19:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 03:59:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 09:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FRST.exe, version: 12.9.2014.0, time stamp: 0x5413314f
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc00000fd
Fault offset: 0x00058472
Faulting process id: 0x1380
Faulting application start time: 0xFRST.exe0
Faulting application path: FRST.exe1
Faulting module path: FRST.exe2
Report Id: FRST.exe3
 
Error: (09/13/2014 09:11:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 05:04:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {47b881f9-9a3c-4fea-b291-5880336aba57}
 
Error: (09/13/2014 03:39:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67
Exception code: 0xc0000005
Fault offset: 0x001032c5
Faulting process id: 0x31b8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (09/13/2014 03:31:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67
Exception code: 0xc0000005
Fault offset: 0x001032c5
Faulting process id: 0x1f00
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
Error: (09/13/2014 03:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67
Exception code: 0xc00000fd
Fault offset: 0x00407a4d
Faulting process id: 0x223c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
 
 
System errors:
=============
Error: (09/15/2014 09:17:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (09/15/2014 06:18:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error: 
%%0
 
Error: (09/15/2014 06:18:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:38:31 PM on ‎9/‎14/‎2014 was unexpected.
 
Error: (09/14/2014 04:36:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
 
Error: (09/14/2014 04:00:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (09/14/2014 03:58:28 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
 
Feature: %%835
 
Error Code: 0x80004005
 
Error description: Unspecified error 
 
Reason: %%842
 
Error: (09/14/2014 03:58:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error: 
%%0
 
Error: (09/14/2014 03:57:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:54:31 PM on ‎9/‎13/‎2014 was unexpected.
 
Error: (09/13/2014 09:53:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/13/2014 09:28:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: 
%%1056
 
 
Microsoft Office Sessions:
=========================
Error: (09/15/2014 07:10:17 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10
 
Error: (09/15/2014 07:09:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\O2Micro\Oz600\DPInst64.exe
 
Error: (09/15/2014 06:19:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 03:59:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 09:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST.exe12.9.2014.05413314fntdll.dll6.1.7601.18247521ea91cc00000fd00058472138001cfcfba930489d2C:\Users\Owner\Downloads\FRST.exeC:\Windows\SYSTEM32\ntdll.dllfef201aa-3bb0-11e4-9b17-08edb9dba9ee
 
Error: (09/13/2014 09:11:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 05:04:15 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {47b881f9-9a3c-4fea-b291-5880336aba57}
 
Error: (09/13/2014 03:39:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c0000005001032c531b801cfcf89d33cf6fdC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllb50147fe-3b7d-11e4-996a-08edb9dba9ee
 
Error: (09/13/2014 03:31:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c0000005001032c51f0001cfcf886c00a0faC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll9dc40598-3b7c-11e4-996a-08edb9dba9ee
 
Error: (09/13/2014 03:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c00000fd00407a4d223c01cfcf87044ad370C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dlle6eae1a8-3b7a-11e4-996a-08edb9dba9ee
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 71%
Total physical RAM: 3317.02 MB
Available physical RAM: 939.76 MB
Total Pagefile: 6632.32 MB
Available Pagefile: 3603.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.21 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:297.07 GB) (Free:222.47 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C14A73D4)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=1009 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=297.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:55 AM

Posted 15 September 2014 - 08:40 PM

Ok. How is your computer running after the following steps?


Step 1

Please download this attached Attached File  fixlist.txt   269bytes   2 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 CDST

CDST
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 15 September 2014 - 10:21 PM

Everything seems back to normal. Thank you soooo much!

 

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-09-2014
Ran by Owner at 2014-09-15 22:17:34 Run:2
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-186684007-3129811665-3508793504-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
EmptyTemp:
*****************
 
Processes closed successfully.
"HKU\S-1-5-21-186684007-3129811665-3508793504-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-186684007-3129811665-3508793504-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
EmptyTemp: => Removed 1.1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

 

ESET:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=442b1e388c433f47b8e9ac9264d90cf2
# engine=20169
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-16 03:15:23
# local_time=2014-09-15 11:15:23 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 90 0 6114008 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5894 16777213 100 100 88971054 106814279 0 0
# scanned=170280
# found=0
# cleaned=0
# scan_time=2756
 

FRST Scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Owner (administrator) on DELL_LAPTOP on 15-09-2014 23:18:17
Running from C:\Users\Owner\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\System32\srvany.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(O2Micro.) C:\Windows\System32\SDIOAssist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [488816 2011-01-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [536668 2010-12-07] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2010-12-03] (Intel Corporation)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1210640 2010-12-23] (Intel® Corporation)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462993 2010-03-12] (Creative Technology Ltd)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-13] (AVAST Software)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-186684007-3129811665-3508793504-1001\...\Run: [Spotify Web Helper] => C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-31] (Spotify Ltd)
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [192616 2011-02-03] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USREL/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {50C20C0A-6268-4881-BB31-15E7A841CF46} URL = 
SearchScopes: HKCU - {50C20C0A-6268-4881-BB31-15E7A841CF46} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> F61CB904DC673568A3DB67223C3F1DEC55C4AD053BF389B6184A7761B812092B
CHR StartupUrls: Default -> "hxxp://www.cnn.com/", "hxxp://theoldreader.com/", "hxxp://mcnugg3t.wordpress.com/", "hxxp://myfitnesspal.com/", "hxxp://www.nytimes.com/pages/travel/index.html", "hxxp://www.arestlesstransplant.com/"
CHR DefaultSearchKeyword: Default -> D7D449C447560AB15FEC316D60DA1E1CA6CE4BB2A06958196F992160B16461FD
CHR DefaultSearchProvider: Default -> EA8968B5F68D708DD985C98F04B5DDB9CFCFE76095BE818489448E1446BCAB2F
CHR CustomProfile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-24]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-13]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-13] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1626800 2014-07-31] (Microsoft Corporation)
R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [826272 2010-10-25] (Broadcom Corporation)
R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [32160 2010-10-25] (Broadcom Corporation)
R2 dcpsysmgrsvc; c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [388464 2011-01-20] (Dell Inc.)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [110752 2010-09-22] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [210896 2010-11-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704 2011-02-03] (NVIDIA Corporation)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72296 2010-02-11] (O2Micro International)
R2 O2SDIOAssist; c:\Windows\system32\srvany.exe [8192 2003-04-18] () [File not signed]
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1477632 2010-11-03] (Wave Systems Corp.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [262226 2010-12-07] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [File not signed]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2336104 2010-10-16] (Wave Systems Corp.)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [577536 2010-12-23] (Intel® Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [43888 2010-12-13] (ST Microelectronics)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-13] ()
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2011-05-18] (Broadcom Corporation.)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [33832 2010-08-24] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [238760 2010-10-28] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\DRIVERS\netvsc60.sys [126464 2010-11-20] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7434240 2010-12-21] (Intel Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [20328 2011-02-03] (NVIDIA Corporation)
R3 O2MDFRDR; C:\Windows\System32\DRIVERS\O2MDFw7.sys [60904 2011-01-04] (O2Micro )
S3 O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7.sys [62440 2011-01-04] (O2Micro )
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjw7.sys [63848 2011-01-04] (O2Micro )
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17648 2010-08-20] (ST Microelectronics)
S3 SynthVid; C:\Windows\System32\DRIVERS\VMBusVideoM.sys [19456 2010-11-20] (Microsoft Corporation)
S1 MpKslb96bfc47; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{56D4EAB1-ABF0-4531-AB67-958AF6077D00}\MpKslb96bfc47.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-15 22:26 - 2014-09-15 22:26 - 00000000 ____D () C:\Program Files\ESET
2014-09-15 22:25 - 2014-09-15 22:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 22:25 - 2014-09-15 22:25 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-09-15 22:25 - 2014-09-15 22:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-15 22:25 - 2014-09-15 22:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-14 16:37 - 2014-09-14 16:37 - 14317568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 16:37 - 2014-09-14 16:37 - 02046464 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01766912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 16:37 - 2014-09-14 16:37 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-14 16:37 - 2014-09-14 16:37 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-14 16:37 - 2014-09-14 16:37 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-14 16:37 - 2014-09-14 16:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-14 16:36 - 2014-09-14 16:38 - 00006996 _____ () C:\Windows\IE10_main.log
2014-09-13 21:22 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Owner\Desktop\DDS
2014-09-13 21:21 - 2014-09-13 21:21 - 00026074 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-13 21:21 - 2014-09-13 21:21 - 00009912 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-13 21:10 - 2014-09-13 21:11 - 00167744 _____ () C:\Windows\Minidump\091314-47970-01.dmp
2014-09-13 21:10 - 2014-09-13 21:10 - 515021767 _____ () C:\Windows\MEMORY.DMP
2014-09-13 21:10 - 2014-09-13 21:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-13 21:04 - 2014-09-13 21:04 - 00098956 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-13 21:04 - 2014-09-13 21:04 - 00030219 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-09-13 21:03 - 2014-09-15 21:25 - 00030834 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-09-13 21:03 - 2014-09-13 21:03 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-09-13 21:01 - 2014-09-15 23:18 - 00021897 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-09-13 21:01 - 2014-09-15 23:18 - 00000000 ____D () C:\FRST
2014-09-13 21:00 - 2014-09-13 21:00 - 01097728 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-09-13 20:24 - 2014-09-15 22:23 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 20:23 - 2014-09-13 20:23 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 20:23 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 20:23 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-13 20:20 - 2014-09-13 20:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 17:07 - 2014-09-13 17:07 - 00002121 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-13 17:06 - 2014-09-13 17:07 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-13 17:06 - 2014-09-13 17:06 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-13 17:06 - 2014-09-13 17:06 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-13 17:04 - 2014-09-13 17:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-13 17:02 - 2014-09-13 17:04 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-13 17:01 - 2014-09-13 17:01 - 04862664 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2014-09-13 14:17 - 2014-09-13 14:17 - 00000000 ____D () C:\Windows\Sun
2014-09-10 12:15 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 08:44 - 2014-09-04 21:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 08:44 - 2014-09-04 21:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 08:44 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 08:44 - 2014-07-06 21:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:44 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:44 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-08 09:31 - 2014-09-08 09:31 - 00000000 ____D () C:\Users\Owner\Documents\NeocoreGames
2014-09-08 09:31 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-09-08 09:31 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-09-08 09:31 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-09-08 09:31 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-09-08 09:31 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-09-08 09:31 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-09-08 09:31 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-09-08 09:31 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-09-08 09:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-09-08 09:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-09-08 09:31 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-09-08 09:31 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-09-08 09:31 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-09-04 09:20 - 2014-09-04 09:20 - 00000000 ____D () C:\Users\Owner\Documents\Paradox Interactive
2014-09-02 18:58 - 2014-09-02 18:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Irrational Games
2014-09-01 22:01 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-09-01 22:01 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-09-01 22:01 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-09-01 22:01 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-09-01 22:01 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-09-01 22:01 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-09-01 22:01 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-09-01 22:01 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-09-01 22:01 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-09-01 22:01 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-09-01 22:01 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-09-01 22:01 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-09-01 22:01 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-09-01 22:01 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-09-01 22:01 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-09-01 22:01 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-09-01 16:25 - 2014-09-01 16:25 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Program Files\Microsoft XNA
2014-09-01 16:20 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-09-01 16:20 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieUserList
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieSiteList
2014-08-31 21:15 - 2014-08-31 21:15 - 00091504 _____ () C:\Users\Owner\Desktop\Greyhound Ticket.aspx
2014-08-31 15:32 - 2014-09-15 23:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify
2014-08-31 15:32 - 2014-09-15 22:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify
2014-08-31 15:32 - 2014-08-31 15:32 - 00001769 _____ () C:\Users\Owner\Desktop\Spotify.lnk
2014-08-31 15:32 - 2014-08-31 15:32 - 00001755 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-31 15:31 - 2014-08-31 15:31 - 00136352 _____ (Spotify Ltd) C:\Users\Owner\Downloads\SpotifySetup.exe
2014-08-31 12:22 - 2014-09-13 13:43 - 00001817 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-08-31 12:22 - 2014-09-13 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-08-31 12:22 - 2014-09-13 13:43 - 00000000 ____D () C:\Program Files\ooVoo
2014-08-31 12:22 - 2014-08-31 12:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ooVoo Details
2014-08-31 12:20 - 2014-08-31 12:20 - 02387520 _____ (ooVoo LLC) C:\Users\Owner\Downloads\ooVooSetup.exe
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 16:54 - 2014-08-29 16:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 16:51 - 2014-08-29 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-29 16:47 - 2014-08-29 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-29 16:46 - 2014-08-29 16:46 - 01034928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\setupproplusretail.x86.en-us_TX_PR_act_1_.exe
2014-08-28 10:43 - 2014-09-02 08:58 - 00000000 ____D () C:\Users\Owner\Desktop\Education
2014-08-28 09:19 - 2014-09-12 22:03 - 00000000 ____D () C:\Program Files\Steam
2014-08-28 09:19 - 2014-09-04 08:46 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-08-28 09:19 - 2014-08-28 09:19 - 01141680 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 00000923 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-28 09:19 - 2014-08-28 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 17:53 - 2014-08-22 21:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:53 - 2014-08-22 20:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 18:55 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-25 18:55 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-08-25 18:55 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-08-25 18:55 - 2012-02-11 01:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-08-25 10:14 - 2014-08-25 10:14 - 00001509 _____ () C:\Users\Owner\Desktop\mb_warband - Shortcut.lnk
2014-08-25 09:26 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-25 09:17 - 2014-09-10 12:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-25 03:17 - 2014-09-10 12:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-25 02:24 - 2012-07-25 23:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-25 02:24 - 2012-07-25 23:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-25 02:24 - 2012-07-25 23:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-08-25 02:24 - 2012-07-25 22:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-25 02:24 - 2012-07-25 22:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-25 02:24 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-08-25 02:23 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-25 02:23 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-25 02:23 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-25 02:23 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-25 02:23 - 2012-03-01 01:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-08-25 02:23 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-08-25 02:14 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-25 02:14 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-25 02:05 - 2014-08-25 02:10 - 00013347 _____ () C:\Windows\IE11_main.log
2014-08-24 22:05 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-08-24 22:05 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-08-24 22:05 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-24 22:05 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-08-24 22:05 - 2013-07-02 23:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-08-24 22:05 - 2013-07-02 23:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-08-24 22:05 - 2012-08-22 13:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-08-24 22:05 - 2012-07-04 15:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-08-24 22:04 - 2014-07-13 21:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-24 22:04 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-08-24 22:04 - 2013-02-11 23:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-08-24 22:04 - 2013-01-24 00:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-24 22:04 - 2012-11-02 01:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-08-24 22:03 - 2014-06-15 21:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-24 22:03 - 2014-06-15 21:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-24 22:03 - 2014-06-15 21:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-24 22:03 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-08-24 22:03 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-24 22:03 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-08-24 22:03 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-08-24 22:03 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-08-24 22:03 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-24 22:03 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-24 22:03 - 2014-03-04 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-08-24 22:03 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-08-24 22:03 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-08-24 22:03 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-08-24 22:03 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-24 22:03 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-24 22:03 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-08-24 22:03 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-24 22:03 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-08-24 22:03 - 2012-08-21 16:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-08-24 22:03 - 2012-07-06 15:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-08-24 22:03 - 2012-04-27 23:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-08-24 22:03 - 2011-12-30 01:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-08-24 22:03 - 2011-04-27 23:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-08-24 22:03 - 2011-03-11 01:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-08-24 22:03 - 2011-03-11 01:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-08-24 22:03 - 2011-03-11 01:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-08-24 22:03 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-08-24 22:03 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-24 22:03 - 2011-03-11 00:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-24 22:02 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-24 22:02 - 2014-02-03 22:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-24 22:02 - 2014-02-03 22:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-24 22:02 - 2014-02-03 22:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-08-24 22:02 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-08-24 22:02 - 2014-01-27 22:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-08-24 22:02 - 2013-08-27 20:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-24 22:02 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-24 22:02 - 2013-06-06 00:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-08-24 22:02 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-08-24 22:02 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-08-24 22:02 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-08-24 22:02 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-08-24 22:02 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-08-24 22:02 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-08-24 22:02 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-08-24 22:02 - 2013-03-18 23:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-08-24 22:02 - 2013-02-15 00:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-24 22:02 - 2013-02-15 00:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-08-24 22:02 - 2013-02-14 23:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-08-24 22:02 - 2012-10-03 12:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-08-24 22:02 - 2012-10-03 12:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-08-24 22:02 - 2012-10-03 11:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-08-24 22:02 - 2012-06-06 01:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-08-24 22:02 - 2011-11-19 10:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-08-24 22:01 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-24 22:01 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-24 22:01 - 2014-06-03 05:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-24 22:01 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-24 22:01 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-24 22:01 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-24 22:01 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-24 22:01 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-24 22:01 - 2014-05-30 02:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-24 22:01 - 2014-04-04 22:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-24 22:01 - 2014-04-04 22:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-24 22:01 - 2014-01-23 22:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-08-24 22:01 - 2013-11-26 07:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-08-24 22:01 - 2013-10-03 21:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-08-24 22:01 - 2013-10-03 21:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-24 22:01 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-24 22:01 - 2012-12-07 08:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-24 22:01 - 2012-12-07 08:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-24 22:01 - 2012-12-07 06:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-08-24 22:01 - 2012-12-07 06:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-08-24 22:01 - 2012-07-04 17:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-08-24 22:01 - 2012-07-04 17:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-08-24 22:01 - 2012-07-04 17:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-08-24 22:01 - 2012-05-05 03:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-24 22:01 - 2011-10-26 00:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-08-24 22:01 - 2011-10-26 00:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-08-24 22:01 - 2011-10-15 01:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-24 22:00 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-24 22:00 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-08-24 22:00 - 2013-10-11 22:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-24 22:00 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-08-24 22:00 - 2013-08-04 21:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-08-24 22:00 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-08-24 22:00 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-24 22:00 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-08-24 22:00 - 2013-07-04 05:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-08-24 22:00 - 2012-09-25 18:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-08-24 22:00 - 2012-05-14 00:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-24 22:00 - 2012-05-01 00:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-08-24 22:00 - 2012-04-26 00:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-08-24 22:00 - 2012-04-26 00:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-08-24 22:00 - 2012-04-26 00:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-08-24 22:00 - 2012-03-17 03:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-08-24 22:00 - 2012-01-04 04:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-24 22:00 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-08-24 22:00 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-08-24 21:59 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-24 21:59 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-08-24 21:59 - 2014-04-11 22:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-08-24 21:59 - 2014-04-11 22:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-08-24 21:59 - 2014-04-11 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-08-24 21:59 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-08-24 21:59 - 2014-04-11 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-08-24 21:59 - 2014-04-11 22:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-08-24 21:59 - 2014-03-04 05:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-24 21:59 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-08-24 21:59 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-08-24 21:59 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-08-24 21:59 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-08-24 21:59 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-24 21:59 - 2013-11-26 21:19 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-08-24 21:59 - 2013-11-26 21:18 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-24 21:59 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-08-24 21:59 - 2013-08-01 21:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-08-24 21:59 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-24 21:59 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-24 21:59 - 2013-07-12 06:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-08-24 21:59 - 2013-07-12 06:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-08-24 21:59 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-08-24 21:59 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-08-24 21:59 - 2013-07-04 08:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-24 21:59 - 2013-06-25 18:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-08-24 21:59 - 2013-06-14 23:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-08-24 21:59 - 2012-11-28 18:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-08-24 21:59 - 2012-11-28 18:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-08-24 21:59 - 2012-11-28 18:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-08-24 21:59 - 2012-10-09 13:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-24 21:59 - 2012-10-09 13:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-24 21:58 - 2013-02-27 00:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-24 21:46 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-24 21:46 - 2012-02-17 00:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-08-24 21:43 - 2014-05-14 12:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-24 21:43 - 2014-05-14 12:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-24 21:43 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-24 21:43 - 2014-05-14 12:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-24 21:43 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-24 21:43 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-24 21:43 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-24 17:06 - 2014-08-24 17:06 - 00001198 _____ () C:\Users\Owner\Desktop\M&B WB.lnk
2014-08-24 17:05 - 2014-08-24 22:56 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband Savegames
2014-08-24 16:26 - 2014-08-24 16:31 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23 (1).rar
2014-08-24 16:11 - 2014-09-10 09:44 - 00000000 ____D () C:\Users\Owner\Desktop\Personal
2014-08-24 15:58 - 2014-08-24 16:03 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23.rar
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-24 15:52 - 2014-08-24 17:04 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00001100 _____ () C:\Users\UpdatusUser\Desktop\Mount&Blade Warband.lnk
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-24 15:35 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-24 15:35 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-24 15:34 - 2014-08-24 22:24 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband
2014-08-24 15:34 - 2014-08-24 17:03 - 00000000 ____D () C:\Program Files\Mount&Blade Warband
2014-08-24 15:25 - 2014-09-13 08:31 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 15:25 - 2014-08-24 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 15:24 - 2014-09-15 22:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 15:24 - 2014-09-15 22:23 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 15:24 - 2014-08-24 15:25 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-08-24 15:24 - 2014-08-24 15:25 - 00000000 ____D () C:\Program Files\Google
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-15 23:19 - 2014-09-13 21:01 - 00021897 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-09-15 23:18 - 2014-09-13 21:01 - 00000000 ____D () C:\FRST
2014-09-15 23:18 - 2014-08-31 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify
2014-09-15 22:48 - 2014-08-31 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify
2014-09-15 22:31 - 2014-09-15 22:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 22:30 - 2009-07-14 00:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 22:30 - 2009-07-14 00:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 22:29 - 2014-08-24 15:24 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 22:27 - 2010-11-20 17:01 - 00785842 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 22:26 - 2014-09-15 22:26 - 00000000 ____D () C:\Program Files\ESET
2014-09-15 22:26 - 2011-05-18 13:47 - 01322784 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 22:25 - 2014-09-15 22:25 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-09-15 22:25 - 2014-09-15 22:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-15 22:25 - 2014-09-15 22:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-15 22:23 - 2014-09-13 20:24 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 22:23 - 2014-08-24 15:24 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 22:23 - 2011-05-18 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-15 22:22 - 2010-11-20 17:48 - 00135848 _____ () C:\Windows\PFRO.log
2014-09-15 22:22 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 22:22 - 2009-07-14 00:39 - 00054371 _____ () C:\Windows\setupact.log
2014-09-15 21:25 - 2014-09-13 21:03 - 00030834 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-09-15 19:31 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2014-09-15 18:20 - 2011-05-18 14:09 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-14 16:38 - 2014-09-14 16:36 - 00006996 _____ () C:\Windows\IE10_main.log
2014-09-14 16:37 - 2014-09-14 16:37 - 14317568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 16:37 - 2014-09-14 16:37 - 02046464 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01766912 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 16:37 - 2014-09-14 16:37 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-14 16:37 - 2014-09-14 16:37 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-14 16:37 - 2014-09-14 16:37 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-14 16:37 - 2014-09-14 16:37 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-14 16:37 - 2014-09-14 16:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-14 16:37 - 2014-09-14 16:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-14 16:04 - 2014-09-13 21:22 - 00000000 ____D () C:\Users\Owner\Desktop\DDS
2014-09-13 21:21 - 2014-09-13 21:21 - 00026074 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-13 21:21 - 2014-09-13 21:21 - 00009912 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-13 21:12 - 2011-06-16 13:44 - 00001415 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-13 21:11 - 2014-09-13 21:10 - 00167744 _____ () C:\Windows\Minidump\091314-47970-01.dmp
2014-09-13 21:10 - 2014-09-13 21:10 - 515021767 _____ () C:\Windows\MEMORY.DMP
2014-09-13 21:10 - 2014-09-13 21:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-13 21:04 - 2014-09-13 21:04 - 00098956 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-13 21:04 - 2014-09-13 21:04 - 00030219 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-09-13 21:03 - 2014-09-13 21:03 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-09-13 21:00 - 2014-09-13 21:00 - 01097728 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2014-09-13 20:23 - 2014-09-13 20:23 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 20:23 - 2014-09-13 20:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 20:22 - 2014-09-13 20:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 17:07 - 2014-09-13 17:07 - 00002121 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-09-13 17:07 - 2014-09-13 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-13 17:07 - 2014-09-13 17:06 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-13 17:06 - 2014-09-13 17:06 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-13 17:06 - 2014-09-13 17:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-13 17:06 - 2014-09-13 17:06 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-13 17:04 - 2014-09-13 17:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-13 17:04 - 2014-09-13 17:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-13 17:01 - 2014-09-13 17:01 - 04862664 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online.exe
2014-09-13 14:17 - 2014-09-13 14:17 - 00000000 ____D () C:\Windows\Sun
2014-09-13 13:43 - 2014-08-31 12:22 - 00001817 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-09-13 13:43 - 2014-08-31 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-09-13 13:43 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files\ooVoo
2014-09-13 08:31 - 2014-08-24 15:25 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 22:03 - 2014-08-28 09:19 - 00000000 ____D () C:\Program Files\Steam
2014-09-10 20:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 12:15 - 2014-08-25 03:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 12:08 - 2011-06-24 09:29 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 12:07 - 2014-08-25 09:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 09:44 - 2014-08-24 16:11 - 00000000 ____D () C:\Users\Owner\Desktop\Personal
2014-09-08 09:31 - 2014-09-08 09:31 - 00000000 ____D () C:\Users\Owner\Documents\NeocoreGames
2014-09-04 21:52 - 2014-09-10 08:44 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 21:47 - 2014-09-10 08:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 09:20 - 2014-09-04 09:20 - 00000000 ____D () C:\Users\Owner\Documents\Paradox Interactive
2014-09-04 08:46 - 2014-08-28 09:19 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-09-02 18:58 - 2014-09-02 18:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-02 08:58 - 2014-08-28 10:43 - 00000000 ____D () C:\Users\Owner\Desktop\Education
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 22:02 - 2014-09-01 22:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Irrational Games
2014-09-01 16:25 - 2014-09-01 16:25 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Program Files\Microsoft XNA
2014-09-01 16:20 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieUserList
2014-09-01 16:04 - 2014-09-01 16:04 - 00000000 __SHD () C:\Users\Owner\AppData\Local\EmieSiteList
2014-08-31 21:15 - 2014-08-31 21:15 - 00091504 _____ () C:\Users\Owner\Desktop\Greyhound Ticket.aspx
2014-08-31 19:56 - 2009-07-14 00:33 - 00478704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 15:32 - 2014-08-31 15:32 - 00001769 _____ () C:\Users\Owner\Desktop\Spotify.lnk
2014-08-31 15:32 - 2014-08-31 15:32 - 00001755 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-31 15:31 - 2014-08-31 15:31 - 00136352 _____ (Spotify Ltd) C:\Users\Owner\Downloads\SpotifySetup.exe
2014-08-31 12:23 - 2011-06-16 13:45 - 00127408 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-31 12:22 - 2014-08-31 12:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ooVoo Details
2014-08-31 12:20 - 2014-08-31 12:20 - 02387520 _____ (ooVoo LLC) C:\Users\Owner\Downloads\ooVooSetup.exe
2014-08-29 17:07 - 2014-08-29 17:07 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-29 17:07 - 2011-02-10 12:09 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-29 16:57 - 2014-08-29 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-29 16:54 - 2014-08-29 16:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-29 16:47 - 2014-08-29 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-29 16:46 - 2014-08-29 16:46 - 01034928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\setupproplusretail.x86.en-us_TX_PR_act_1_.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 01141680 _____ () C:\Users\Owner\Downloads\SteamSetup.exe
2014-08-28 09:19 - 2014-08-28 09:19 - 00000923 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-28 09:19 - 2014-08-28 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-25 10:14 - 2014-08-25 10:14 - 00001509 _____ () C:\Users\Owner\Desktop\mb_warband - Shortcut.lnk
2014-08-25 09:17 - 2010-11-20 20:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-25 09:17 - 2009-07-14 00:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-08-25 09:17 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-25 09:15 - 2011-05-18 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-25 02:18 - 2011-05-18 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-25 02:10 - 2014-08-25 02:05 - 00013347 _____ () C:\Windows\IE11_main.log
2014-08-25 02:08 - 2014-08-25 02:08 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-25 02:08 - 2014-08-25 02:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-25 02:08 - 2014-08-25 02:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-25 02:06 - 2014-08-25 02:06 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-24 22:56 - 2014-08-24 17:05 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband Savegames
2014-08-24 22:24 - 2014-08-24 15:34 - 00000000 ____D () C:\Users\Owner\Documents\Mount&Blade Warband
2014-08-24 21:41 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-08-24 17:06 - 2014-08-24 17:06 - 00001198 _____ () C:\Users\Owner\Desktop\M&B WB.lnk
2014-08-24 17:04 - 2014-08-24 15:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mount&Blade Warband
2014-08-24 17:03 - 2014-08-24 15:34 - 00000000 ____D () C:\Program Files\Mount&Blade Warband
2014-08-24 16:31 - 2014-08-24 16:26 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23 (1).rar
2014-08-24 16:03 - 2014-08-24 15:58 - 306043563 _____ () C:\Users\Owner\Downloads\Silverstag_v023_basic-3693-0-23.rar
2014-08-24 15:59 - 2011-06-16 13:43 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-24 15:55 - 2014-08-24 15:55 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-24 15:35 - 2014-08-24 15:35 - 00001100 _____ () C:\Users\UpdatusUser\Desktop\Mount&Blade Warband.lnk
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:35 - 2014-08-24 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2014-08-24 15:25 - 2014-08-24 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 15:25 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-08-24 15:25 - 2014-08-24 15:24 - 00000000 ____D () C:\Program Files\Google
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Deployment
2014-08-24 15:24 - 2014-08-24 15:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-08-22 21:46 - 2014-08-27 17:53 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 20:42 - 2014-08-27 17:53 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 12:03 - 2009-07-13 22:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-15 19:06
 
==================== End Of Log ============================


#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:55 AM

Posted 16 September 2014 - 07:06 AM

Very good.

That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:
  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.


Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

Internet Explorer Version 10
Adobe Flash Player 10 ActiveX
Java™ 6 Update 29

Also: Go to Control Panel and open Windows Updates. Install all available updates and repeat this step until no more updates are provided. Make sure that Automatic Updates are enabled.



Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.

#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:55 AM

Posted 29 September 2014 - 09:09 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users