
Virus/Trojan and Browser Hijack


  • This topic is locked
10 replies to this topic

#1 mbrandau2018

mbrandau2018

  • Members
  • 15 posts

Posted 21 September 2014 - 07:00 PM

Seems I have many issues.  Currently I run the Panda free 2015 version.  Before that was really nothing because my processor is only 1.9 GHz and too slow to run what I already have, ZoneAlarm Internet Security.  Anyway, here is my HJT log:

 

FYI, I have a ROKU so there is a Playon, Plex installed and I have a blackberry.

 

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:59:08 PM, on 9/21/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17278)
 
 
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Users\mbrandau\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\WINDOWS\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=C:\WINDOWS\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 5.45.78.80 www.google-analytics.com.
O1 - Hosts: 5.45.78.80 google-analytics.com.
O1 - Hosts: 5.45.78.80 connect.facebook.net.
O1 - Hosts: 188.40.62.184 www.google-analytics.com.
O1 - Hosts: 188.40.62.184 google-analytics.com.
O1 - Hosts: 188.40.62.184 connect.facebook.net.
O2 - BHO: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
O3 - Toolbar: PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O4 - HKLM\..\Run: [PeachtreePrefetcher.exe] C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe /configfile:peachtreeprefetcher.winstart.config
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Hide ALL IP] "C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe"
O4 - HKCU\..\Run: [Ofics] C:\Windows\SysWOW64\regsvr32.exe C:\Users\mbrandau\AppData\Local\URXmedia\HuaweiIde90.dll
O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
O4 - HKCU\..\Run: [URXmedia] C:\Users\mbrandau\AppData\Local\URXmedia\tmp1BE4.exe
O4 - HKCU\..\Run: [Idzarylygi] C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = ?
O4 - Startup: resmon.lnk = ?
O4 - Startup: WSManHTTPConfig.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: PlayOn - file://C:\Program Files (x86)\MediaMall\toolbar\MenuLoad.htm
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PlayOn - {936CEA21-9A68-46D9-A31B-1173A976D896} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O9 - Extra 'Tools' menuitem: PlayOn - {936CEA21-9A68-46D9-A31B-1173A976D896} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\networkdlllsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{04FD9815-B92F-4495-AA4E-8D0EBF7A78C3}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{15D2E35A-6E5C-4F8B-A57B-BA7BC4E0F1DD}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{765C4556-98AB-4D9E-B7E9-DCA1838B29BE}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{82B8064D-4CE7-478F-BC48-D7C128374746}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{8718928D-CBEB-45EA-A621-800A9249001D}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{980883E0-6428-47E9-B04D-4A94D5C89A1F}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1524FD5-30FE-4606-86C9-A7AC0BD7A13D}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{E740BF0F-02A0-48A4-BFC8-B51594D14531}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{F54BF96C-D26B-4F4B-A7F1-B6337DA2B57B}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{04FD9815-B92F-4495-AA4E-8D0EBF7A78C3}: NameServer = 8.8.8.8,8.8.8.8
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HideIPLaucherService - www.hideallip.com - C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MediaMall Server - MediaMall Technologies, Inc. - C:\Program Files (x86)\MediaMall\MediaMallServer.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Panda Free Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: Pervasive PSQL Workgroup Engine (psqlWGE) - Pervasive Software Inc. - C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Sage 50 SmartPosting 2014 - Sage Software, Inc. - C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2014.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
 
--
End of file - 16456 bytes
 



 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male

Posted 21 September 2014 - 07:14 PM

Hi,

Yes, this computer is infected.
Please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 mbrandau2018

mbrandau2018
  • Topic Starter

  • Members
  • 15 posts

Posted 21 September 2014 - 07:59 PM

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by mbrandau (administrator) on LAPTOP on 21-09-2014 20:43:20
Running from C:\Users\mbrandau\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\HideALLIP.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
() C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Binary Fortress Software) C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated)
HKLM\...\Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] => "C:\ProgramData\cis1CC3.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
HKLM-x32\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe [320816 2013-11-07] (Sage Software, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2012-04-20] (TomTom)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-08-20] (Siber Systems)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Hide ALL IP] => C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe [3612016 2014-09-20] (www.hideallip.com)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Ofics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\mbrandau\AppData\Local\URXmedia\HuaweiIde90.dll
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4525192 2014-08-01] (Plex, Inc.)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [URXmedia] => C:\Users\mbrandau\AppData\Local\URXmedia\tmp1BE4.exe [135168 2014-09-19] (Audacity Team )
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Idzarylygi] => C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe [344576 2014-09-21] (Binary Fortress Software)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [DellSystemDetect] => C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-08-31] (Dell)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Policies\Explorer: [Run] "C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\chkdsk.exe"
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\MountPoints2: {629906d4-0f9a-11e4-be83-bc855606bc5c} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Command Processor: "C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe" <===== ATTENTION!
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\resmon.lnk
ShortcutTarget: resmon.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\resmon.exe (No File)
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WSManHTTPConfig.lnk
ShortcutTarget: WSManHTTPConfig.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe (No File)
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E6823CADA73CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - DefaultScope {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKCU - {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Dell Toolbar -> {09B71986-2AC5-482d-B6CB-42EA34F4F85B} -> C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{04FD9815-B92F-4495-AA4E-8D0EBF7A78C3}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{15D2E35A-6E5C-4F8B-A57B-BA7BC4E0F1DD}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{765C4556-98AB-4D9E-B7E9-DCA1838B29BE}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{82B8064D-4CE7-478F-BC48-D7C128374746}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{980883E0-6428-47E9-B04D-4A94D5C89A1F}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E1524FD5-30FE-4606-86C9-A7AC0BD7A13D}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E740BF0F-02A0-48A4-BFC8-B51594D14531}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F54BF96C-D26B-4F4B-A7F1-B6337DA2B57B}: [NameServer] 8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Printer Extension Manager Class) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-13]
CHR Extension: (Google Docs) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-19]
CHR Extension: (Google Drive) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-19]
CHR Extension: (Google Search) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-19]
CHR Extension: (High Contrast) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-05-19]
CHR Extension: (AdBlock) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-19]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2014-05-19]
CHR Extension: (PlayOn) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR Extension: (Gmail) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-19]
CHR Extension: (RoboForm) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-20]
CHR Extension: (Space Planet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-06-13]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [File not signed]
R2 HideIPLaucherService; C:\Program Files (x86)\Hide ALL IP\LauncherService.exe [489328 2014-01-24] (www.hideallip.com)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-05] (Microsoft Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5813040 2014-09-09] (MediaMall Technologies, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-05] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [436040 2013-01-08] (Pervasive Software Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) [File not signed]
S2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
S3 Sage 50 SmartPosting 2014; C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2014.exe [335664 2013-11-07] (Sage Software, Inc.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-05] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\system32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-05] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 20:43 - 2014-09-21 20:43 - 00025658 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-21 20:42 - 2014-09-21 20:43 - 00000000 ____D () C:\FRST
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-21 19:45 - 2014-09-21 19:45 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-717003261-2532330135-182091199-1001
2014-09-20 19:32 - 2014-09-21 19:31 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Idhuak
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:50 - 2014-03-25 09:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:47 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-17 23:18 - 2014-09-18 19:01 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 22:27 - 2014-09-19 21:38 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-17 22:26 - 2014-09-17 22:27 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:22 - 2014-09-17 22:27 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:20 - 2014-09-17 22:21 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:57 - 2014-09-17 20:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:52 - 2014-09-17 20:53 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:49 - 2014-09-17 20:50 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:29 - 2014-09-21 19:33 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-17 20:29 - 2014-09-17 20:50 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:29 - 2014-09-17 20:44 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:27 - 2014-09-17 20:28 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-16 21:59 - 2014-09-21 19:38 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-16 21:59 - 2014-09-16 22:00 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 19:49 - 2014-07-05 22:04 - 00428400 _____ (Network Tunnel Lab) C:\WINDOWS\SysWOW64\networkdlllsp.dll
2014-09-15 19:48 - 2014-09-20 07:11 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-15 18:53 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:53 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:53 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:53 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:52 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:52 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:52 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:52 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:52 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:52 - 2014-07-24 11:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:52 - 2014-07-24 09:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:52 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:52 - 2014-07-24 03:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:51 - 2014-07-24 11:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:51 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:51 - 2014-07-24 10:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:51 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:51 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:51 - 2014-07-24 03:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:51 - 2014-07-24 03:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:51 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:51 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:50 - 2014-07-24 11:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:50 - 2014-07-24 11:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:50 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:50 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:50 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:50 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:50 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:50 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:50 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 10:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:50 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:50 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:50 - 2014-07-24 07:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:50 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:50 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:50 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:50 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:50 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:50 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:50 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:50 - 2014-07-24 06:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:50 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:50 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:50 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:50 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:50 - 2014-07-24 05:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:50 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:50 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:50 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:50 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:50 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:50 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:50 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:50 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:50 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:50 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:50 - 2014-07-24 04:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:50 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:50 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:50 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:50 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:50 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:50 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:50 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:50 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:50 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:50 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:50 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:50 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:50 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:50 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:50 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:50 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:50 - 2014-06-18 22:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:50 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:50 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:50 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:50 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:50 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:50 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:50 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:50 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:50 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:49 - 2014-07-24 11:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:49 - 2014-07-24 11:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:49 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:49 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:49 - 2014-07-24 07:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:49 - 2014-07-24 07:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:49 - 2014-07-24 07:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:49 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:49 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:49 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:49 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:49 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:49 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:49 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:49 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:49 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:49 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:49 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:49 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:49 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:49 - 2014-07-24 04:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:49 - 2014-07-24 04:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:49 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:49 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:49 - 2014-07-12 01:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:49 - 2014-07-12 00:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:49 - 2014-07-09 19:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:49 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:49 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:49 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:49 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:49 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:49 - 2014-05-29 01:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:49 - 2014-05-29 00:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:49 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 23:40 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:07 - 2014-09-14 11:09 - 00000000 ____D () C:\EDGE
2014-09-14 11:03 - 2014-09-14 11:05 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-13 22:46 - 2014-09-13 22:46 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-13 22:34 - 2014-09-13 22:34 - 00033002 _____ () C:\Users\mbrandau\Downloads\Red 2 2013 (2).torrent
2014-09-13 22:34 - 2014-09-13 22:34 - 00033002 _____ () C:\Users\mbrandau\Downloads\Red 2 2013 (1).torrent
2014-09-13 22:33 - 2014-09-13 22:33 - 00030836 _____ () C:\Users\mbrandau\Downloads\red_2_2013_eng.dvd-r_(xvid).torrent
2014-09-13 22:31 - 2014-09-19 22:41 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\YjPack
2014-09-13 22:31 - 2014-09-19 22:40 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\URXmedia
2014-09-13 22:17 - 2014-09-13 22:17 - 00033005 _____ () C:\Users\mbrandau\Downloads\Red 2 2013.torrent
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:32 - 2014-08-15 22:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 18:32 - 2014-08-15 21:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 21:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 21:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 18:32 - 2014-08-15 21:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 20:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 20:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 20:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 20:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 20:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 18:32 - 2014-08-15 20:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 23:10 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 23:10 - 2014-09-04 22:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 23:10 - 2014-09-04 20:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 23:10 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:23 - 2014-09-06 15:24 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:47 - 2014-09-01 15:48 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:00 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 13:10 - 00000000 ____D () C:\temp
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:57 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-28 09:09 - 2014-08-22 20:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 20:43 - 2014-09-21 20:43 - 00025658 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-21 20:43 - 2014-09-21 20:42 - 00000000 ____D () C:\FRST
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 20:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-21 19:55 - 2014-06-05 00:27 - 01726153 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-21 19:52 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Outlook Files
2014-09-21 19:45 - 2014-09-21 19:45 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-717003261-2532330135-182091199-1001
2014-09-21 19:40 - 2014-05-19 23:12 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\VirtualStore
2014-09-21 19:39 - 2014-05-19 23:36 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-21 19:38 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-21 19:38 - 2014-06-05 00:33 - 00000000 ___DO () C:\Users\mbrandau\OneDrive
2014-09-21 19:36 - 2014-03-18 05:54 - 00032016 _____ () C:\WINDOWS\PFRO.log
2014-09-21 19:36 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-21 19:36 - 2013-08-22 10:44 - 00540032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-21 19:35 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-21 19:33 - 2014-09-17 20:29 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-21 19:31 - 2014-09-20 19:32 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Idhuak
2014-09-20 07:11 - 2014-09-15 19:48 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-19 22:41 - 2014-09-13 22:31 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\YjPack
2014-09-19 22:40 - 2014-09-13 22:31 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\URXmedia
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:49 - 2014-09-19 21:47 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-19 21:38 - 2014-09-17 22:27 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-19 21:38 - 2014-05-20 18:13 - 00000716 _____ () C:\WINDOWS\pvsw.log
2014-09-19 21:34 - 2014-06-08 03:02 - 00000384 _____ () C:\WINDOWS\WinInit.Ini
2014-09-18 20:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-18 19:06 - 2014-03-18 06:03 - 00865448 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 19:01 - 2014-09-17 23:18 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-18 01:30 - 2014-07-05 19:04 - 00001945 _____ () C:\Users\mbrandau\Desktop\DivX Movies.lnk
2014-09-18 01:30 - 2014-05-20 16:27 - 00001107 _____ () C:\Users\mbrandau\Desktop\µTorrent.lnk
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 23:05 - 2014-06-28 17:03 - 00000000 ____D () C:\WINDOWS\AutoKMS
2014-09-17 22:28 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-17 22:27 - 2014-09-17 22:26 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:27 - 2014-09-17 22:22 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:21 - 2014-09-17 22:20 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:59 - 2014-09-17 20:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:53 - 2014-09-17 20:52 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:50 - 2014-09-17 20:49 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:50 - 2014-09-17 20:29 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:44 - 2014-09-17 20:29 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:32 - 2013-08-22 10:46 - 00293312 _____ () C:\WINDOWS\setupact.log
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:28 - 2014-09-17 20:27 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-17 18:28 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-17 03:20 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-09-16 22:16 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-16 22:00 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 19:40 - 2014-05-20 16:27 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Search Protection
2014-09-16 19:40 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-16 19:21 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-16 19:04 - 2014-05-22 14:08 - 00003929 ____H () C:\WINDOWS\SysWOW64\BTImages.dat
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 06:50 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-16 06:50 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 21:13 - 2014-05-22 13:36 - 00000128 _____ () C:\WINDOWS\SysWOW64\pdfl.dat
2014-09-15 20:12 - 2014-05-20 16:26 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\uTorrent
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-14 12:24 - 2014-07-08 20:37 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-14 11:09 - 2014-09-14 11:07 - 00000000 ____D () C:\EDGE
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:05 - 2014-09-14 11:03 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-13 22:46 - 2014-09-13 22:46 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:34 - 2014-05-20 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 18:33 - 2014-06-11 22:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 18:33 - 2014-06-11 22:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-12 18:32 - 2014-05-20 00:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 18:25 - 2014-05-20 00:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-06 20:15 - 2013-08-22 10:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:24 - 2014-09-06 15:23 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-04 22:36 - 2014-09-11 23:10 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-04 22:31 - 2014-09-11 23:10 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-04 20:48 - 2014-09-11 23:10 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-02 16:06 - 2013-08-22 11:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 16:06 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:48 - 2014-09-01 15:47 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:23 - 2014-09-01 13:23 - 00001007 _____ () C:\Users\mbrandau\Downloads\[kickass.to]driver.toolkit.8.3.the.pirate.torrent
2014-09-01 13:10 - 2014-09-01 12:59 - 00000000 ____D () C:\temp
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:01 - 2014-09-01 13:00 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:58 - 2014-08-31 19:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-29 14:21 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Secret Shopper Scans
2014-08-27 18:43 - 2014-06-09 23:05 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\HpUpdate
2014-08-27 14:36 - 2014-07-23 19:09 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Research In Motion
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
2014-08-23 03:48 - 2014-09-15 18:52 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 03:13 - 2014-09-15 18:53 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 02:10 - 2014-09-15 18:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 01:32 - 2014-09-15 18:52 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 00:44 - 2014-09-15 18:52 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 00:34 - 2014-09-15 18:52 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 00:33 - 2014-09-15 18:53 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 00:31 - 2014-09-15 18:52 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 00:20 - 2014-09-15 18:52 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-22 22:39 - 2014-05-20 15:07 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\RoboForm
2014-08-22 20:42 - 2014-08-28 09:09 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
 
Files to move or delete:
====================
C:\Users\mbrandau\Setup_BTW12.0.0.7850_Win8_USB_DELL_DW1704_WLAN_6.30.223.215_App230_20140226.exe
 
 
Some content of TEMP:
====================
C:\Users\mbrandau\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\mbrandau\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\mbrandau\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\mbrandau\AppData\Local\Temp\tmp8CA7.exe
C:\Users\mbrandau\AppData\Local\Temp\UpdateFlashPlayer_7d0bbbcc.exe
C:\Users\mbrandau\AppData\Local\Temp\{C52D2BDE-FF32-40E2-BBFC-28D3C990C21A}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-21 20:40
 
==================== End Of Log ============================
 
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by mbrandau at 2014-09-21 20:44:46
Running from C:\Users\mbrandau\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Panda Free Antivirus (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.56 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.56 - BlackBerry Ltd.) Hidden
BlackBerry World Browser Plugin (HKLM-x32\...\{291028F2-B4A3-4CFF-81E4-1EFB8AC829F7}) (Version: 10.3.070.20 - Research In Motion Limited)
Crystal Reports 2008 Runtime SP1 (HKLM-x32\...\{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}) (Version: 12.1.0.882 - Business Objects)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hide ALL IP 2014.09.06 (HKLM-x32\...\{02FC1980-2123-451F-8CB7-C9B60BE40717}_is1) (Version:  - www.hideallip.com)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PDS Pro Baseball 2014 version 1.5 (HKLM-x32\...\{FB4556AC-6AA4-4159-B42D-DBF1C0379BD6}_is1) (Version: 1.5 - PDS Sport)
Pervasive PSQL v11 Workgroup (32-bit) (x32 Version: 11.30.057 - Pervasive Software) Hidden
Pervasive PSQL v11 Workgroup (32-bit) SP3 (HKLM-x32\...\Pervasive PSQL v11 Workgroup (32-bit)) (Version: 11.30.057 - Pervasive Software)
PlayLater (HKLM-x32\...\{50634036-4C8B-4754-BC0D-BDCEDA089D34}) (Version: 1.6.3 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{C2232565-17C6-43BB-B0E0-FA443A59ACF2}) (Version: 3.10.3 - MediaMall Technologies, Inc.)
Plex Media Server (HKLM-x32\...\{9eb61479-6f2f-43c4-bfe8-12a7ea9d1acb}) (Version: 0.9.914 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.914 - Plex, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
RoboForm 7-9-9-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-9-1 - Siber Systems)
Sage 50 Accounting 2014 (HKLM-x32\...\InstallShield_{D2ADA6F5-F155-4A37-87CA-599E81F6C6C0}) (Version: 21.00.00 - Sage Software, Inc.)
Sage 50 Accounting 2014 (x32 Version: 21.00.00 - Sage Software, Inc.) Hidden
Sage 50 Accounting Tax Forms (x32 Version: 12.4.15 - Sage Software SB, Inc.) Hidden
Sage 50 Accounting Update (x32 Version: 19.01.001 - Sage Software, Inc.) Hidden
Sage Integration Services (HKLM-x32\...\Integration Services) (Version: 2.2.2240 - Sage Technology)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{AAD476D7-FC64-40BC-85EA-0C1FD98D8375}) (Version: 13.0.3.612 - SAP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
The Edge Sporting Event analysis system (HKLM-x32\...\The Edge_is1) (Version:  - Cerebra Software Systems)
The Judge NFL Handicapping analysis system (HKLM-x32\...\The NFL Judge_is1) (Version:  - Cerebra Software Systems)
TomTom HOME 2.8.4.2596 (HKLM-x32\...\TomTom HOME) (Version: 2.8.4.2596 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-717003261-2532330135-182091199-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
15-09-2014 23:06:28 Windows Update
17-09-2014 01:57:45 Plex Media Server
20-09-2014 01:32:49 Removed GeekBuddy.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-09-13 22:46 - 00001382 _RASH C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
5.45.78.80 www.google-analytics.com.
5.45.78.80 google-analytics.com.
5.45.78.80 connect.facebook.net.
188.40.62.184 www.google-analytics.com.
188.40.62.184 google-analytics.com.
188.40.62.184 connect.facebook.net.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05404CA4-9AAC-4ADA-BA95-DFA32EE36ABD} - \Synaptics TouchPad Enhancements No Task File <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA6CCF5-299D-4543-B23E-2BE135B2D3B5} - \User_Feed_Synchronization-{AFF0549D-2816-4AEB-BE53-4300B5940643} No Task File <==== ATTENTION
Task: {11FEC972-5181-4EDD-A4AA-FCFC28EE9459} - \Run RoboForm TaskBar Icon No Task File <==== ATTENTION
Task: {1E4801C3-A90E-4286-9DFD-19ECF1FBF42E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BB071E0-6697-45CA-9C3F-DB1E63C3F7AB} - \Open URL by RoboForm No Task File <==== ATTENTION
Task: {4E7DE7C3-3660-441F-87A7-AE64D212823B} - \PCDEventLauncherTask No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B91AFEF-4FA4-4FEC-ACCD-22CFC623A473} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75B1AFAE-D1A0-4F3D-B614-749CF06872DB} - \{CA9B2D4F-A7B3-4875-8264-2E5AD884265F} No Task File <==== ATTENTION
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {8598824B-3F4D-4147-9DB1-172D03999040} - \HPCustParticipation HP Officejet Pro 8600 No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7349793-646C-4761-B8B4-5C517B6BBDFD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {BFD69D73-F07C-4657-BCFC-63AF303939D6} - \{AB7ACA9C-08EA-4028-8F1A-6B73298E3F1D} No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-13 22:30 - 2014-09-13 22:30 - 03140096 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2013-09-05 03:17 - 2013-09-05 03:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 18:23 - 2010-10-20 18:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-19 21:39 - 2014-09-19 21:39 - 02498560 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-09-15 19:48 - 2014-05-12 09:55 - 00769904 _____ () C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
2014-09-15 19:48 - 2013-07-17 09:41 - 00204144 _____ () C:\Program Files (x86)\Hide ALL IP\networkdllx64_l.dll
2014-09-15 19:48 - 2014-07-05 22:03 - 01185136 _____ () C:\Program Files (x86)\Hide ALL IP\networkdllx64.dll
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-06-24 09:37 - 2014-06-24 09:37 - 00661752 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2013-04-12 13:23 - 2013-04-12 13:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-09-15 19:48 - 2001-07-26 14:17 - 00692224 _____ () C:\Program Files (x86)\Hide ALL IP\libeay32.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 02100360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 01923720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2014-08-01 22:13 - 2014-08-01 22:13 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2014-08-01 22:13 - 2014-08-01 22:13 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2014-08-01 22:13 - 2014-08-01 22:13 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-08-01 22:13 - 2014-08-01 22:13 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2014-08-01 22:13 - 2014-08-01 22:13 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00035976 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-08-01 22:14 - 2014-08-01 22:14 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-08-01 22:14 - 2014-08-01 22:14 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2014-09-12 18:48 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 18:48 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 18:48 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 18:48 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 18:48 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2013-09-05 03:14 - 2013-09-05 03:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 18:46 - 2013-02-14 18:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\mbrandau\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKCU\...\StartupApproved\Run: => "URXmedia"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/21/2014 07:38:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (09/21/2014 06:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: xaylazx.exe, version: 3.2.10005.10005, time stamp: 0x541d9962
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x027711ae
Faulting process id: 0x2630
Faulting application start time: 0xxaylazx.exe0
Faulting application path: xaylazx.exe1
Faulting module path: xaylazx.exe2
Report Id: xaylazx.exe3
Faulting package full name: xaylazx.exe4
Faulting package-relative application ID: xaylazx.exe5
 
Error: (09/21/2014 06:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: xaylazx.exe, version: 3.2.10005.10005, time stamp: 0x541d9962
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x027711ae
Faulting process id: 0x2630
Faulting application start time: 0xxaylazx.exe0
Faulting application path: xaylazx.exe1
Faulting module path: xaylazx.exe2
Report Id: xaylazx.exe3
Faulting package full name: xaylazx.exe4
Faulting package-relative application ID: xaylazx.exe5
 
Error: (09/20/2014 10:56:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: xaylazx.exe, version: 3.2.10005.10005, time stamp: 0x53d75949
Faulting module name: mshtml.dll, version: 11.0.9600.17278, time stamp: 0x53eebbe7
Exception code: 0xc0000005
Fault offset: 0x003d92cd
Faulting process id: 0x19e8
Faulting application start time: 0xxaylazx.exe0
Faulting application path: xaylazx.exe1
Faulting module path: xaylazx.exe2
Report Id: xaylazx.exe3
Faulting package full name: xaylazx.exe4
Faulting package-relative application ID: xaylazx.exe5
 
Error: (09/20/2014 00:44:56 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 580: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
System errors:
=============
Error: (09/21/2014 07:37:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/21/2014 07:36:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error: 
%%2
 
Error: (09/21/2014 07:35:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the psqlWGE service.
 
Error: (09/21/2014 07:35:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MediaMall Server service.
 
Error: (09/21/2014 07:35:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.
 
Error: (09/19/2014 09:50:22 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/19/2014 09:39:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error: 
%%2
 
Error: (09/19/2014 07:06:43 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LaptopmbrandauS-1-5-21-717003261-2532330135-182091199-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/19/2014 07:06:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LaptopmbrandauS-1-5-21-717003261-2532330135-182091199-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/19/2014 07:06:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LaptopmbrandauS-1-5-21-717003261-2532330135-182091199-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (09/21/2014 07:38:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8
 
Error: (09/21/2014 07:38:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (09/21/2014 06:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: xaylazx.exe3.2.10005.10005541d9962unknown0.0.0.000000000c000041d027711ae263001cfd5edfa6973a3C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exeunknown425fcd6c-41e1-11e4-be91-bc855606bc5c
 
Error: (09/21/2014 06:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: xaylazx.exe3.2.10005.10005541d9962unknown0.0.0.000000000c0000005027711ae263001cfd5edfa6973a3C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exeunknown3f949a83-41e1-11e4-be91-bc855606bc5c
 
Error: (09/20/2014 10:56:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: xaylazx.exe3.2.10005.1000553d75949mshtml.dll11.0.9600.1727853eebbe7c0000005003d92cd19e801cfd5479718c3e0C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exeC:\Windows\SYSTEM32\mshtml.dlle56ffafa-413a-11e4-be91-bc855606bc5c
 
Error: (09/20/2014 00:44:56 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 580: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-19 21:30:32.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 21:12:44.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 21:06:36.880
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 20:50:35.691
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 20:04:54.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 19:35:05.187
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 19:12:30.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 19:07:02.751
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-19 06:38:59.014
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-18 22:19:02.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 56%
Total physical RAM: 3977.27 MB
Available physical RAM: 1737.66 MB
Total Pagefile: 5577.27 MB
Available Pagefile: 1848.56 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.04 GB) (Free:322.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FB7D9D02)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  • Gender:Male
  • Local time:03:19 PM

Posted 22 September 2014 - 04:04 AM

Hi,

there is more than one malware running on the system. Let's get rid of it:


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 mbrandau2018

mbrandau2018
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  • Local time:09:19 AM

Posted 22 September 2014 - 11:49 AM

Here are the 2 logs, Fixlog then FRST.

 

FYI, as soon as computer rebooted, the Panda alert came up with a virus:  xaylazx.exe

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 01
Ran by mbrandau at 2014-09-22 12:28:44 Run:1
Running from C:\Users\mbrandau\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Ofics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\mbrandau\AppData\Local\URXmedia\HuaweiIde90.dll
C:\Users\mbrandau\AppData\Local\URXmedia
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [URXmedia] => C:\Users\mbrandau\AppData\Local\URXmedia\tmp1BE4.exe [135168 2014-09-19] (Audacity Team )
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Idzarylygi] => C:\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe [344576 2014-09-21] (Binary Fortress Software)
C:\Users\mbrandau\AppData\Roaming\Idhuak
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Policies\Explorer: [Run] "C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\chkdsk.exe"
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\chkdsk.exe
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Command Processor: "C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe" <===== ATTENTION!
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\resmon.lnk
ShortcutTarget: resmon.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\resmon.exe (No File)
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WSManHTTPConfig.lnk
ShortcutTarget: WSManHTTPConfig.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe (No File)
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
C:\ProgramData\Microsoft\Secure
2014-09-13 22:31 - 2014-09-19 22:41 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\YjPack
Hosts:
EmptyTemp:
 
*****************
 
Processes closed successfully.
HKU\S-1-5-21-717003261-2532330135-182091199-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ofics => Value not found.
C:\Users\mbrandau\AppData\Local\URXmedia => Moved successfully.
HKU\S-1-5-21-717003261-2532330135-182091199-1001\Software\Microsoft\Windows\CurrentVersion\Run\\URXmedia => value deleted successfully.
HKU\S-1-5-21-717003261-2532330135-182091199-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Idzarylygi => value deleted successfully.
C:\Users\mbrandau\AppData\Roaming\Idhuak => Moved successfully.
HKU\S-1-5-21-717003261-2532330135-182091199-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\Run => value deleted successfully.
"C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\chkdsk.exe" => File/Directory not found.
HKU\S-1-5-21-717003261-2532330135-182091199-1001\Software\Microsoft\Command Processor\\AutoRun => value deleted successfully.
"C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe" => File/Directory not found.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\resmon.lnk => Moved successfully.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\resmon.exe not found.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WSManHTTPConfig.lnk => Moved successfully.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
 
"C:\ProgramData\Microsoft\Secure" directory move:
 
C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll => Moved successfully.
Could not move "C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll" => Scheduled to move on reboot.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp1BE4.exe => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp1BE4.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2218.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2EE9.exe => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2EE9.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp39A2.exe => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp39A2.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp3C67.exe => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp3C67.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp3CA6.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp52BC.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp7B39.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp834A.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp878.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8E31.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpA527.exe => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpA527.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpB66C.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpB85C.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpBCFB.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpDF1E.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpEE30.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpF42F.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpF7F7.tmp => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\{2AF5E811-C13D-F09F-D8E5-50EC2AEDE632} => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\{AB27AF21-FBB0-7809-6A57-980AE990E2F7} => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\{B8EA0B16-557B-5263-D79A-A61D4BEF6D17} => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\temp\{D98322D9-4172-6B9E-D92F-6A4A9C460205} => Moved successfully.
C:\ProgramData\Microsoft\Secure\Icons\CachedIcons\zepplauncher.mif => Moved successfully.
Could not move "C:\ProgramData\Microsoft\Secure" directory. => Scheduled to move on reboot.
 
C:\Users\mbrandau\AppData\Local\YjPack => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 4.1 GB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-22 12:31:52)<=
 
C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll => Is moved successfully.
C:\ProgramData\Microsoft\Secure => Is moved successfully.
 
==== End of Fixlog ====
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by mbrandau (administrator) on LAPTOP on 22-09-2014 12:35:02
Running from C:\Users\mbrandau\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Dell) C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\HideALLIP.exe
() C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe [320816 2013-11-07] (Sage Software, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2012-04-20] (TomTom)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-08-20] (Siber Systems)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Hide ALL IP] => C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe [3612016 2014-09-20] (www.hideallip.com)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4525192 2014-08-01] (Plex, Inc.)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [DellSystemDetect] => C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-08-31] (Dell)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\MountPoints2: {629906d4-0f9a-11e4-be83-bc855606bc5c} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dism.lnk
ShortcutTarget: Dism.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\Dism.exe (No File)
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E6823CADA73CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - DefaultScope {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKCU - {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Dell Toolbar -> {09B71986-2AC5-482d-B6CB-42EA34F4F85B} -> C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Tcpip\Parameters: [DhcpNameServer] 10.240.205.161 10.240.205.162
Tcpip\..\Interfaces\{04FD9815-B92F-4495-AA4E-8D0EBF7A78C3}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{15D2E35A-6E5C-4F8B-A57B-BA7BC4E0F1DD}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{765C4556-98AB-4D9E-B7E9-DCA1838B29BE}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{82B8064D-4CE7-478F-BC48-D7C128374746}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{980883E0-6428-47E9-B04D-4A94D5C89A1F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E1524FD5-30FE-4606-86C9-A7AC0BD7A13D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F54BF96C-D26B-4F4B-A7F1-B6337DA2B57B}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Printer Extension Manager Class) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-13]
CHR Extension: (Google Docs) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-19]
CHR Extension: (Google Drive) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-19]
CHR Extension: (Google Search) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-19]
CHR Extension: (High Contrast) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-05-19]
CHR Extension: (AdBlock) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-19]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2014-05-19]
CHR Extension: (PlayOn) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR Extension: (Gmail) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-19]
CHR Extension: (RoboForm) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-20]
CHR Extension: (Space Planet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-06-13]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [File not signed]
R2 HideIPLaucherService; C:\Program Files (x86)\Hide ALL IP\LauncherService.exe [489328 2014-01-24] (www.hideallip.com)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-05] (Microsoft Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5813040 2014-09-09] (MediaMall Technologies, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-05] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [436040 2013-01-08] (Pervasive Software Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
S3 Sage 50 SmartPosting 2014; C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2014.exe [335664 2013-11-07] (Sage Software, Inc.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-05] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\system32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [40480 2014-03-11] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-05] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-22 12:33 - 2014-09-22 12:33 - 00000000 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-09-22 12:32 - 2014-03-11 11:48 - 00040480 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PsBoot.sys
2014-09-22 12:28 - 2014-09-22 12:28 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Idhuak
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Downloads\fixlist (1).txt
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Desktop\fixlist.txt
2014-09-21 20:57 - 2014-09-22 12:28 - 00001488 _____ () C:\Users\mbrandau\Desktop\FRST64 - Shortcut.lnk
2014-09-21 20:56 - 2014-09-21 20:56 - 00084946 _____ () C:\Users\mbrandau\Desktop\FRST.txt
2014-09-21 20:50 - 2014-09-21 20:50 - 00040859 _____ () C:\Users\mbrandau\Desktop\Addition.txt
2014-09-21 20:44 - 2014-09-21 20:45 - 00040859 _____ () C:\Users\mbrandau\Downloads\Addition.txt
2014-09-21 20:43 - 2014-09-22 12:35 - 00024441 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-21 20:42 - 2014-09-22 12:35 - 00000000 ____D () C:\FRST
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:50 - 2014-03-25 09:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:47 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-17 23:18 - 2014-09-18 19:01 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 22:27 - 2014-09-19 21:38 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-17 22:26 - 2014-09-17 22:27 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:22 - 2014-09-17 22:27 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:20 - 2014-09-17 22:21 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:57 - 2014-09-17 20:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:52 - 2014-09-17 20:53 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:49 - 2014-09-17 20:50 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:29 - 2014-09-22 12:31 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-17 20:29 - 2014-09-17 20:50 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:29 - 2014-09-17 20:44 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:27 - 2014-09-17 20:28 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-16 21:59 - 2014-09-22 12:32 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-16 21:59 - 2014-09-16 22:00 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 19:49 - 2014-07-05 22:04 - 00428400 _____ (Network Tunnel Lab) C:\WINDOWS\SysWOW64\networkdlllsp.dll
2014-09-15 19:48 - 2014-09-20 07:11 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-15 18:53 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:53 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:53 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:53 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:52 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:52 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:52 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:52 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:52 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:52 - 2014-07-24 11:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:52 - 2014-07-24 09:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:52 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:52 - 2014-07-24 03:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:51 - 2014-07-24 11:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:51 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:51 - 2014-07-24 10:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:51 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:51 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:51 - 2014-07-24 03:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:51 - 2014-07-24 03:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:51 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:51 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:50 - 2014-07-24 11:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:50 - 2014-07-24 11:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:50 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:50 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:50 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:50 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:50 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:50 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:50 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 10:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:50 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:50 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:50 - 2014-07-24 07:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:50 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:50 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:50 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:50 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:50 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:50 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:50 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:50 - 2014-07-24 06:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:50 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:50 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:50 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:50 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:50 - 2014-07-24 05:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:50 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:50 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:50 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:50 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:50 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:50 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:50 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:50 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:50 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:50 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:50 - 2014-07-24 04:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:50 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:50 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:50 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:50 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:50 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:50 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:50 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:50 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:50 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:50 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:50 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:50 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:50 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:50 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:50 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:50 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:50 - 2014-06-18 22:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:50 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:50 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:50 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:50 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:50 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:50 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:50 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:50 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:50 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:49 - 2014-07-24 11:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:49 - 2014-07-24 11:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:49 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:49 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:49 - 2014-07-24 07:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:49 - 2014-07-24 07:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:49 - 2014-07-24 07:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:49 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:49 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:49 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:49 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:49 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:49 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:49 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:49 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:49 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:49 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:49 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:49 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:49 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:49 - 2014-07-24 04:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:49 - 2014-07-24 04:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:49 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:49 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:49 - 2014-07-12 01:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:49 - 2014-07-12 00:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:49 - 2014-07-09 19:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:49 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:49 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:49 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:49 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:49 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:49 - 2014-05-29 01:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:49 - 2014-05-29 00:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:49 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 23:40 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:07 - 2014-09-14 11:09 - 00000000 ____D () C:\EDGE
2014-09-14 11:03 - 2014-09-14 11:05 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-13 22:46 - 2014-09-21 22:57 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-13 22:34 - 2014-09-13 22:34 - 00033002 _____ () C:\Users\mbrandau\Downloads\Red 2 2013 (2).torrent
2014-09-13 22:34 - 2014-09-13 22:34 - 00033002 _____ () C:\Users\mbrandau\Downloads\Red 2 2013 (1).torrent
2014-09-13 22:33 - 2014-09-13 22:33 - 00030836 _____ () C:\Users\mbrandau\Downloads\red_2_2013_eng.dvd-r_(xvid).torrent
2014-09-13 22:17 - 2014-09-13 22:17 - 00033005 _____ () C:\Users\mbrandau\Downloads\Red 2 2013.torrent
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:32 - 2014-08-15 22:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 18:32 - 2014-08-15 21:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 21:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 21:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 18:32 - 2014-08-15 21:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 20:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 20:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 20:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 20:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 20:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 18:32 - 2014-08-15 20:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 23:10 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 23:10 - 2014-09-04 22:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 23:10 - 2014-09-04 20:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 23:10 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:23 - 2014-09-06 15:24 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:47 - 2014-09-01 15:48 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:23 - 2014-09-01 13:23 - 00001007 _____ () C:\Users\mbrandau\Downloads\[kickass.to]driver.toolkit.8.3.the.pirate.torrent
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:00 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 13:10 - 00000000 ____D () C:\temp
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:57 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-28 09:09 - 2014-08-22 20:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-22 12:35 - 2014-09-21 20:43 - 00024441 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-22 12:35 - 2014-09-21 20:42 - 00000000 ____D () C:\FRST
2014-09-22 12:34 - 2014-05-19 23:36 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 12:33 - 2014-09-22 12:33 - 00000000 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-09-22 12:33 - 2014-06-05 00:33 - 00000000 ___DO () C:\Users\mbrandau\OneDrive
2014-09-22 12:32 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-22 12:31 - 2014-09-17 20:29 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-22 12:31 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-22 12:30 - 2014-06-05 00:27 - 01773332 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-22 12:30 - 2014-03-18 05:54 - 00032892 _____ () C:\WINDOWS\PFRO.log
2014-09-22 12:30 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-22 12:28 - 2014-09-22 12:28 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Idhuak
2014-09-22 12:28 - 2014-09-21 20:57 - 00001488 _____ () C:\Users\mbrandau\Desktop\FRST64 - Shortcut.lnk
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Downloads\fixlist (1).txt
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Desktop\fixlist.txt
2014-09-22 12:25 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Outlook Files
2014-09-22 00:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-21 22:57 - 2014-09-13 22:46 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-21 20:56 - 2014-09-21 20:56 - 00084946 _____ () C:\Users\mbrandau\Desktop\FRST.txt
2014-09-21 20:50 - 2014-09-21 20:50 - 00040859 _____ () C:\Users\mbrandau\Desktop\Addition.txt
2014-09-21 20:45 - 2014-09-21 20:44 - 00040859 _____ () C:\Users\mbrandau\Downloads\Addition.txt
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-21 19:40 - 2014-05-19 23:12 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\VirtualStore
2014-09-21 19:36 - 2013-08-22 10:44 - 00540032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-20 07:11 - 2014-09-15 19:48 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:49 - 2014-09-19 21:47 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-19 21:38 - 2014-09-17 22:27 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-19 21:38 - 2014-05-20 18:13 - 00000716 _____ () C:\WINDOWS\pvsw.log
2014-09-19 21:34 - 2014-06-08 03:02 - 00000384 _____ () C:\WINDOWS\WinInit.Ini
2014-09-18 20:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-18 19:06 - 2014-03-18 06:03 - 00865448 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 19:01 - 2014-09-17 23:18 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-18 01:30 - 2014-07-05 19:04 - 00001945 _____ () C:\Users\mbrandau\Desktop\DivX Movies.lnk
2014-09-18 01:30 - 2014-05-20 16:27 - 00001107 _____ () C:\Users\mbrandau\Desktop\µTorrent.lnk
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 23:05 - 2014-06-28 17:03 - 00000000 ____D () C:\WINDOWS\AutoKMS
2014-09-17 22:28 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-17 22:27 - 2014-09-17 22:26 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:27 - 2014-09-17 22:22 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:21 - 2014-09-17 22:20 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:59 - 2014-09-17 20:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:53 - 2014-09-17 20:52 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:50 - 2014-09-17 20:49 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:50 - 2014-09-17 20:29 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:44 - 2014-09-17 20:29 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:32 - 2013-08-22 10:46 - 00293312 _____ () C:\WINDOWS\setupact.log
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:28 - 2014-09-17 20:27 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-17 18:28 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-17 03:20 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-09-16 22:16 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-16 22:00 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 19:40 - 2014-05-20 16:27 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Search Protection
2014-09-16 19:40 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-16 19:21 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-16 19:04 - 2014-05-22 14:08 - 00003929 ____H () C:\WINDOWS\SysWOW64\BTImages.dat
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 06:50 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-16 06:50 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 21:13 - 2014-05-22 13:36 - 00000128 _____ () C:\WINDOWS\SysWOW64\pdfl.dat
2014-09-15 20:12 - 2014-05-20 16:26 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\uTorrent
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-14 12:24 - 2014-07-08 20:37 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-14 11:09 - 2014-09-14 11:07 - 00000000 ____D () C:\EDGE
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:05 - 2014-09-14 11:03 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:34 - 2014-05-20 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 18:33 - 2014-06-11 22:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 18:33 - 2014-06-11 22:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-12 18:32 - 2014-05-20 00:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 18:25 - 2014-05-20 00:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-06 20:15 - 2013-08-22 10:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:24 - 2014-09-06 15:23 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-04 22:36 - 2014-09-11 23:10 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-04 22:31 - 2014-09-11 23:10 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-04 20:48 - 2014-09-11 23:10 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-02 16:06 - 2013-08-22 11:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 16:06 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:48 - 2014-09-01 15:47 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:10 - 2014-09-01 12:59 - 00000000 ____D () C:\temp
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:01 - 2014-09-01 13:00 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:58 - 2014-08-31 19:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-29 14:21 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Secret Shopper Scans
2014-08-27 18:43 - 2014-06-09 23:05 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\HpUpdate
2014-08-27 14:36 - 2014-07-23 19:09 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Research In Motion
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
2014-08-23 03:48 - 2014-09-15 18:52 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 03:13 - 2014-09-15 18:53 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 02:10 - 2014-09-15 18:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 01:32 - 2014-09-15 18:52 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 00:44 - 2014-09-15 18:52 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 00:34 - 2014-09-15 18:52 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 00:33 - 2014-09-15 18:53 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 00:31 - 2014-09-15 18:52 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 00:20 - 2014-09-15 18:52 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
 
Files to move or delete:
====================
C:\Users\mbrandau\Setup_BTW12.0.0.7850_Win8_USB_DELL_DW1704_WLAN_6.30.223.215_App230_20140226.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-21 20:40
 
==================== End Of Log ============================


#6 aharonov


  • Malware Response Team

Posted 22 September 2014 - 01:43 PM

Next steps:


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#7 mbrandau2018

  • Topic Starter


Posted 22 September 2014 - 02:09 PM

Step 1 - completed:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 01
Ran by mbrandau at 2014-09-22 15:04:17 Run:2
Running from C:\Users\mbrandau\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dism.lnk
ShortcutTarget: Dism.lnk -> C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\Dism.exe (No File)
2014-09-22 12:28 - 2014-09-22 12:28 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Idhuak
 
*****************
 
Processes closed successfully.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dism.lnk => Moved successfully.
C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\IEUpdate\Dism.exe not found.
C:\Users\mbrandau\AppData\Roaming\Idhuak => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#8 mbrandau2018

  • Topic Starter


Posted 22 September 2014 - 05:50 PM

Step 2 completed:

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=07e76727b83ce44da33651e61d64de45
# engine=20247
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-22 08:51:00
# local_time=2014-09-22 04:51:00 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 75 93 0 196693434 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 269102 8553745 0 0
# scanned=171507
# found=41
# cleaned=0
# scan_time=5493
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll.xBAD"
sh=0029E3A1C130D90330FB7F5069E3F28DE03D86D3 ft=1 fh=23e02f0e88f43575 vn="Win32/Boaxxe.BT trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\temp\tmp1BE4.exe.xBAD"
sh=2E01FE28B7B7ED0113DFFCBFF7F6CBBEC1F832D4 ft=1 fh=577e3cd1f7e9285f vn="a variant of Generik.GDWASD trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\temp\tmp2EE9.exe.xBAD"
sh=20AC3583EA90151237A3C9F979E01F70E0222252 ft=1 fh=59b077eb7d92e276 vn="a variant of Win32/Injector.BMCW trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\temp\tmp39A2.exe.xBAD"
sh=F08D01E0D9443E872A9482E738AE602EACA68FA7 ft=1 fh=448c68acda0bb355 vn="Win32/Boaxxe.BR trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\temp\tmp3C67.exe.xBAD"
sh=9711E12F8475D82ED0D74FBBD6B2D82EEAF0CDFC ft=1 fh=d79da0b2ae0afc87 vn="a variant of Win32/Injector.BMBN trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Secure\Icons\temp\tmpA527.exe.xBAD"
sh=0F56E95DA6EE949494740259AA80F62E59AB10FD ft=1 fh=73d968592655073b vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Local\URXmedia\CNHW370S.DLL"
sh=0029E3A1C130D90330FB7F5069E3F28DE03D86D3 ft=1 fh=23e02f0e88f43575 vn="Win32/Boaxxe.BT trojan" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Local\URXmedia\tmp1BE4.exe"
sh=2E01FE28B7B7ED0113DFFCBFF7F6CBBEC1F832D4 ft=1 fh=577e3cd1f7e9285f vn="a variant of Generik.GDWASD trojan" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Local\URXmedia\tmp2EE9.exe"
sh=173C872E6DEB7BAEB7491F506CB9C767F1E286C1 ft=1 fh=5a9a8195b3375d17 vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Local\YjPack\ADASM.DLL"
sh=018FA0203CC9AE1D20E8E5E11A36B1348F992CEC ft=1 fh=f66f1ffafc2b28ac vn="a variant of Win32/Kryptik.CLTP trojan" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Roaming\Idhuak\xaylazx.exe"
sh=018FA0203CC9AE1D20E8E5E11A36B1348F992CEC ft=1 fh=f66f1ffafc2b28ac vn="a variant of Win32/Kryptik.CLTP trojan" ac=I fn="C:\FRST\Quarantine\C\Users\mbrandau\AppData\Roaming\Idhuak\Idhuak\xaylazx.exe"
sh=018FA0203CC9AE1D20E8E5E11A36B1348F992CEC ft=1 fh=f66f1ffafc2b28ac vn="a variant of Win32/Kryptik.CLTP trojan" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\LostandFound\xaylazx.exe"
sh=39124F7BD6F91DA2179011F51AF1B068D6FEE8A9 ft=1 fh=c719b2fe67e3bb02 vn="a variant of Win32/Toolbar.Visicom.A potentially unwanted application" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=F613AB81F9B962C8757B04B4EDF3FB74015A4685 ft=1 fh=32cf5abb11dd8dde vn="Win32/AdWare.1ClickDownload.AT application" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{134E9A30-D8E6-46B1-A5EC-73BF6E06278A}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{2FA5AC6B-F3BD-45DB-8A39-4546271C2EEE}"
sh=13EE8C9FCE6F74512DCD188CCA0655C5EDE37612 ft=1 fh=756c61b76c471ca8 vn="MSIL/HackKMS.A potentially unsafe application" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{616E64B8-E88B-4529-AE82-DE1AFE6FB04E}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{6DCF1EDF-A2EE-42D6-9B48-AFF2617C8D40}"
sh=C2F054857D884F2ED08FCFFA43087EB8998C0BF2 ft=1 fh=4ddbf806194b7b76 vn="a variant of Win32/Sefnit.DC trojan" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{7FAFA11A-B8DD-425C-B302-60E305D70E76}"
sh=1DF963EF86DA3D310F0AEC15FCDB310BE3B8E058 ft=1 fh=c71c0011ca013d1c vn="a variant of Win32/InstallCore.BY potentially unwanted application" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{BB6463AC-0676-4FF7-8631-141EAB76D0DB}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{CA45C92B-86EC-498F-BF49-18A6E444B2CE}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{EC7D742C-6AB0-4D84-81B5-DAD88A122012}"
sh=F613AB81F9B962C8757B04B4EDF3FB74015A4685 ft=1 fh=32cf5abb11dd8dde vn="Win32/AdWare.1ClickDownload.AT application" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{134E9A30-D8E6-46B1-A5EC-73BF6E06278A}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{2FA5AC6B-F3BD-45DB-8A39-4546271C2EEE}"
sh=13EE8C9FCE6F74512DCD188CCA0655C5EDE37612 ft=1 fh=756c61b76c471ca8 vn="MSIL/HackKMS.A potentially unsafe application" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{616E64B8-E88B-4529-AE82-DE1AFE6FB04E}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{6DCF1EDF-A2EE-42D6-9B48-AFF2617C8D40}"
sh=C2F054857D884F2ED08FCFFA43087EB8998C0BF2 ft=1 fh=4ddbf806194b7b76 vn="a variant of Win32/Sefnit.DC trojan" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{7FAFA11A-B8DD-425C-B302-60E305D70E76}"
sh=1DF963EF86DA3D310F0AEC15FCDB310BE3B8E058 ft=1 fh=c71c0011ca013d1c vn="a variant of Win32/InstallCore.BY potentially unwanted application" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{BB6463AC-0676-4FF7-8631-141EAB76D0DB}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{CA45C92B-86EC-498F-BF49-18A6E444B2CE}"
sh=114A9B9972A5171C5235F5CCCD94DFA1449D1258 ft=1 fh=c71c0011b9230724 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{EC7D742C-6AB0-4D84-81B5-DAD88A122012}"
sh=E092037824B8B499E9858E26C10CC9BA37A8CFA6 ft=1 fh=31688d337319f944 vn="Win32/InstallMonetizer.AF potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\setup.exe"
sh=E092037824B8B499E9858E26C10CC9BA37A8CFA6 ft=1 fh=31688d337319f944 vn="Win32/InstallMonetizer.AF potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\Unconfirmed 844023.crdownload"
sh=A9D2B6DC6668EED798B9CD265597FE301996DBE8 ft=1 fh=c03f5a0eeeaf3edb vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\ZASPSetupWeb_120_104_000.exe"
sh=BAFFE1ABD5EC99D55B283DF4E4ABC54C14D12594 ft=1 fh=418a01a7e16b5642 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_110_780_000.exe"
sh=7B4F452ECFD82D21FF7BA490A479EA0F686A3086 ft=1 fh=5cd9cb0ea3ee43cb vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_120_104_000 (1).exe"
sh=7B4F452ECFD82D21FF7BA490A479EA0F686A3086 ft=1 fh=5cd9cb0ea3ee43cb vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_120_104_000 (2).exe"
sh=7B4F452ECFD82D21FF7BA490A479EA0F686A3086 ft=1 fh=5cd9cb0ea3ee43cb vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_120_104_000.exe"
sh=55DFE4DBA18A87AF6BE80FBA27100D060AAE27EC ft=1 fh=b857b90f54bbb9a9 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_130_208_000.exe"
sh=5AC8530DBBE8648715C42870EC9A52733C8A9754 ft=1 fh=06a6bc7125767233 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\zaSuiteSetupWeb_131_211_000.exe"
sh=C8CC898AD85F25295B813B73FED1230A3B228307 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\WinZip Pro 17.5 Build 10562 (32 - 64 bit) [ChingLiu]\winzip175-32.msi"
sh=FE119B70567ED077FC87AC9D5C678D468D1B4F15 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak potentially unwanted application" ac=I fn="C:\Users\mbrandau\Downloads\WinZip Pro 17.5 Build 10562 (32 - 64 bit) [ChingLiu]\winzip175-64.msi"


#9 mbrandau2018

  • Topic Starter


Posted 22 September 2014 - 05:59 PM

Step 3 completed:  

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by mbrandau (administrator) on LAPTOP on 22-09-2014 18:51:16
Running from C:\Users\mbrandau\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell) C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\HideALLIP.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
() C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe [320816 2013-11-07] (Sage Software, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2012-04-20] (TomTom)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-08-20] (Siber Systems)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Hide ALL IP] => C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe [3612016 2014-09-20] (www.hideallip.com)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4525192 2014-08-01] (Plex, Inc.)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\Run: [DellSystemDetect] => C:\Users\mbrandau\AppData\Local\Apps\2.0\WPHLOW7R.VWE\HOREYTK3.DWD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-08-31] (Dell)
HKU\S-1-5-21-717003261-2532330135-182091199-1001\...\MountPoints2: {629906d4-0f9a-11e4-be83-bc855606bc5c} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7E6823CADA73CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - DefaultScope {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKCU - {5599DFD8-782B-43F7-80FA-E25816AE4E22} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Dell Toolbar -> {09B71986-2AC5-482d-B6CB-42EA34F4F85B} -> C:\Program Files\Dell Printable Web\toolband.dll ()
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\networkdlllsp.dll [428400] (Network Tunnel Lab)
Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181
Tcpip\..\Interfaces\{04FD9815-B92F-4495-AA4E-8D0EBF7A78C3}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{15D2E35A-6E5C-4F8B-A57B-BA7BC4E0F1DD}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{765C4556-98AB-4D9E-B7E9-DCA1838B29BE}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{82B8064D-4CE7-478F-BC48-D7C128374746}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{980883E0-6428-47E9-B04D-4A94D5C89A1F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E1524FD5-30FE-4606-86C9-A7AC0BD7A13D}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{E740BF0F-02A0-48A4-BFC8-B51594D14531}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F54BF96C-D26B-4F4B-A7F1-B6337DA2B57B}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Printer Extension Manager Class) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-13]
CHR Extension: (Google Docs) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-19]
CHR Extension: (Google Drive) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-19]
CHR Extension: (Google Search) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-19]
CHR Extension: (High Contrast) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2014-05-19]
CHR Extension: (AdBlock) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-19]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2014-05-19]
CHR Extension: (PlayOn) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2014-09-17]
CHR Extension: (Google Wallet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR Extension: (Gmail) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-19]
CHR Extension: (RoboForm) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-20]
CHR Extension: (Space Planet) - C:\Users\mbrandau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-06-13]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [File not signed]
R2 HideIPLaucherService; C:\Program Files (x86)\Hide ALL IP\LauncherService.exe [489328 2014-01-24] (www.hideallip.com)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-06-05] (Microsoft Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5813040 2014-09-09] (MediaMall Technologies, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-06-05] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [436040 2013-01-08] (Pervasive Software Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
S3 Sage 50 SmartPosting 2014; C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2014.exe [335664 2013-11-07] (Sage Software, Inc.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-05] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\system32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-05] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
R4 PsBoot; system32\Drivers\PsBoot.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-22 15:11 - 2014-09-22 15:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-22 15:10 - 2014-09-22 15:10 - 02347384 _____ (ESET) C:\Users\mbrandau\Desktop\esetsmartinstaller_enu.exe
2014-09-22 15:09 - 2014-09-22 15:10 - 02347384 _____ (ESET) C:\Users\mbrandau\Downloads\esetsmartinstaller_enu.exe
2014-09-22 15:07 - 2014-09-22 15:07 - 00001171 _____ () C:\Users\mbrandau\Desktop\Fixlog.lnk
2014-09-22 12:46 - 2014-09-22 12:46 - 00083865 _____ () C:\Users\mbrandau\Desktop\FRST 9.22.14.txt
2014-09-22 12:40 - 2014-09-22 12:40 - 00084441 _____ () C:\Users\mbrandau\Downloads\FRST 9.22.14.txt
2014-09-22 12:37 - 2014-09-22 15:18 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-717003261-2532330135-182091199-1001
2014-09-22 12:33 - 2014-09-22 12:33 - 00000000 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-09-22 12:27 - 2014-09-22 15:03 - 00000323 _____ () C:\Users\mbrandau\Desktop\fixlist.txt
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Downloads\fixlist (1).txt
2014-09-21 20:57 - 2014-09-22 12:28 - 00001488 _____ () C:\Users\mbrandau\Desktop\FRST64 - Shortcut.lnk
2014-09-21 20:56 - 2014-09-21 20:56 - 00084946 _____ () C:\Users\mbrandau\Desktop\FRST.txt
2014-09-21 20:50 - 2014-09-21 20:50 - 00040859 _____ () C:\Users\mbrandau\Desktop\Addition.txt
2014-09-21 20:44 - 2014-09-21 20:45 - 00040859 _____ () C:\Users\mbrandau\Downloads\Addition.txt
2014-09-21 20:43 - 2014-09-22 18:51 - 00024114 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-21 20:42 - 2014-09-22 18:51 - 00000000 ____D () C:\FRST
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:50 - 2014-03-25 09:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:47 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-17 23:18 - 2014-09-18 19:01 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 22:27 - 2014-09-19 21:38 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-17 22:26 - 2014-09-17 22:27 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:22 - 2014-09-17 22:27 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:20 - 2014-09-17 22:21 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:57 - 2014-09-17 20:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:52 - 2014-09-17 20:53 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:49 - 2014-09-17 20:50 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:29 - 2014-09-22 15:06 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-17 20:29 - 2014-09-17 20:50 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:29 - 2014-09-17 20:44 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:27 - 2014-09-17 20:28 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-16 21:59 - 2014-09-22 15:06 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-16 21:59 - 2014-09-16 22:00 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 19:49 - 2014-07-05 22:04 - 00428400 _____ (Network Tunnel Lab) C:\WINDOWS\SysWOW64\networkdlllsp.dll
2014-09-15 19:48 - 2014-09-20 07:11 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-15 18:53 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-15 18:53 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-15 18:53 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-15 18:53 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-15 18:52 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-15 18:52 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-15 18:52 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-15 18:52 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-15 18:52 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-15 18:52 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-15 18:52 - 2014-07-24 11:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-15 18:52 - 2014-07-24 09:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-15 18:52 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-15 18:52 - 2014-07-24 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-15 18:52 - 2014-07-24 03:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-15 18:51 - 2014-07-24 11:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-15 18:51 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-15 18:51 - 2014-07-24 10:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-15 18:51 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-15 18:51 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-15 18:51 - 2014-07-24 03:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-15 18:51 - 2014-07-24 03:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-15 18:51 - 2014-07-24 03:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-15 18:51 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-15 18:51 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-15 18:50 - 2014-07-24 11:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-15 18:50 - 2014-07-24 11:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-15 18:50 - 2014-07-24 11:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-15 18:50 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-15 18:50 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-15 18:50 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-15 18:50 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-15 18:50 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-15 18:50 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-15 18:50 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-15 18:50 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-15 18:50 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 10:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-15 18:50 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-15 18:50 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-15 18:50 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-15 18:50 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-15 18:50 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-15 18:50 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-15 18:50 - 2014-07-24 07:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-15 18:50 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-15 18:50 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-15 18:50 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-15 18:50 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-15 18:50 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-15 18:50 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-15 18:50 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-15 18:50 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-15 18:50 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-15 18:50 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-15 18:50 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-15 18:50 - 2014-07-24 06:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-15 18:50 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-15 18:50 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-15 18:50 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-15 18:50 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-15 18:50 - 2014-07-24 05:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-15 18:50 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-15 18:50 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-15 18:50 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-15 18:50 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-15 18:50 - 2014-07-24 05:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-15 18:50 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-15 18:50 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-15 18:50 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-15 18:50 - 2014-07-24 04:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-15 18:50 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-15 18:50 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-15 18:50 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-15 18:50 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-15 18:50 - 2014-07-24 04:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-15 18:50 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-15 18:50 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-15 18:50 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-15 18:50 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-15 18:50 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-15 18:50 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-15 18:50 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-15 18:50 - 2014-07-24 04:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-15 18:50 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-15 18:50 - 2014-07-24 04:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-15 18:50 - 2014-07-24 04:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-15 18:50 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-15 18:50 - 2014-07-24 03:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-15 18:50 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-15 18:50 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-15 18:50 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-15 18:50 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-15 18:50 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-15 18:50 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-15 18:50 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-15 18:50 - 2014-07-12 00:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-15 18:50 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-15 18:50 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-15 18:50 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-15 18:50 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-15 18:50 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-15 18:50 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-15 18:50 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-15 18:50 - 2014-06-18 22:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-15 18:50 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-15 18:50 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-15 18:50 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-15 18:50 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-15 18:50 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-15 18:50 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-15 18:50 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-15 18:50 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-15 18:50 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-15 18:50 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-15 18:50 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-15 18:50 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-15 18:49 - 2014-07-24 11:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-15 18:49 - 2014-07-24 11:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-15 18:49 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-15 18:49 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-15 18:49 - 2014-07-24 07:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-15 18:49 - 2014-07-24 07:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-15 18:49 - 2014-07-24 07:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-15 18:49 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-15 18:49 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-15 18:49 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-15 18:49 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-15 18:49 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-15 18:49 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-15 18:49 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-15 18:49 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-15 18:49 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-15 18:49 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-15 18:49 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-15 18:49 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-15 18:49 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-15 18:49 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-15 18:49 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-15 18:49 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-15 18:49 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-15 18:49 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-15 18:49 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-15 18:49 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-15 18:49 - 2014-07-24 04:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-15 18:49 - 2014-07-24 04:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-15 18:49 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-15 18:49 - 2014-07-24 04:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-15 18:49 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-15 18:49 - 2014-07-24 04:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-15 18:49 - 2014-07-24 04:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-15 18:49 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-15 18:49 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-15 18:49 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-15 18:49 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-15 18:49 - 2014-07-12 01:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-15 18:49 - 2014-07-12 00:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-15 18:49 - 2014-07-09 19:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-15 18:49 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-15 18:49 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-15 18:49 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-15 18:49 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-15 18:49 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-15 18:49 - 2014-05-29 01:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-15 18:49 - 2014-05-29 00:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-15 18:49 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 23:40 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:07 - 2014-09-14 11:09 - 00000000 ____D () C:\EDGE
2014-09-14 11:03 - 2014-09-14 11:05 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-13 22:46 - 2014-09-21 22:57 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:32 - 2014-08-15 22:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 18:32 - 2014-08-15 22:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 18:32 - 2014-08-15 21:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 21:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 21:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 18:32 - 2014-08-15 21:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 18:32 - 2014-08-15 21:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 18:32 - 2014-08-15 21:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 21:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 18:32 - 2014-08-15 21:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 21:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 18:32 - 2014-08-15 21:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 21:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 18:32 - 2014-08-15 20:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 18:32 - 2014-08-15 20:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 18:32 - 2014-08-15 20:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 18:32 - 2014-08-15 20:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 18:32 - 2014-08-15 20:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 18:32 - 2014-08-15 20:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 18:32 - 2014-08-15 20:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 18:32 - 2014-08-15 20:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 18:32 - 2014-08-15 20:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 18:32 - 2014-08-15 20:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 18:32 - 2014-08-15 20:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 23:13 - 2014-07-23 23:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 23:10 - 2014-09-04 22:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 23:10 - 2014-09-04 22:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 23:10 - 2014-09-04 20:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 23:10 - 2014-08-01 20:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:23 - 2014-09-06 15:24 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:47 - 2014-09-01 15:48 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:23 - 2014-09-01 13:23 - 00001007 _____ () C:\Users\mbrandau\Downloads\[kickass.to]driver.toolkit.8.3.the.pirate.torrent
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:00 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 13:10 - 00000000 ____D () C:\temp
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:57 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-28 09:09 - 2014-08-22 20:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-22 18:51 - 2014-09-21 20:43 - 00024114 _____ () C:\Users\mbrandau\Downloads\FRST.txt
2014-09-22 18:51 - 2014-09-21 20:42 - 00000000 ____D () C:\FRST
2014-09-22 18:44 - 2014-06-05 00:33 - 00000000 __RDO () C:\Users\mbrandau\OneDrive
2014-09-22 18:44 - 2014-06-05 00:27 - 01807007 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-22 16:46 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Outlook Files
2014-09-22 16:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-22 15:18 - 2014-09-22 12:37 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-717003261-2532330135-182091199-1001
2014-09-22 15:11 - 2014-09-22 15:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-22 15:10 - 2014-09-22 15:10 - 02347384 _____ (ESET) C:\Users\mbrandau\Desktop\esetsmartinstaller_enu.exe
2014-09-22 15:10 - 2014-09-22 15:09 - 02347384 _____ (ESET) C:\Users\mbrandau\Downloads\esetsmartinstaller_enu.exe
2014-09-22 15:08 - 2014-05-19 23:36 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 15:07 - 2014-09-22 15:07 - 00001171 _____ () C:\Users\mbrandau\Desktop\Fixlog.lnk
2014-09-22 15:06 - 2014-09-17 20:29 - 00000000 ____D () C:\ProgramData\MediaMall
2014-09-22 15:06 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-22 15:05 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-22 15:04 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-22 15:03 - 2014-09-22 12:27 - 00000323 _____ () C:\Users\mbrandau\Desktop\fixlist.txt
2014-09-22 14:52 - 2014-05-20 16:26 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\uTorrent
2014-09-22 12:46 - 2014-09-22 12:46 - 00083865 _____ () C:\Users\mbrandau\Desktop\FRST 9.22.14.txt
2014-09-22 12:40 - 2014-09-22 12:40 - 00084441 _____ () C:\Users\mbrandau\Downloads\FRST 9.22.14.txt
2014-09-22 12:33 - 2014-09-22 12:33 - 00000000 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-09-22 12:30 - 2014-03-18 05:54 - 00032892 _____ () C:\WINDOWS\PFRO.log
2014-09-22 12:28 - 2014-09-21 20:57 - 00001488 _____ () C:\Users\mbrandau\Desktop\FRST64 - Shortcut.lnk
2014-09-22 12:27 - 2014-09-22 12:27 - 00001846 _____ () C:\Users\mbrandau\Downloads\fixlist (1).txt
2014-09-21 22:57 - 2014-09-13 22:46 - 00000761 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-09-21 20:56 - 2014-09-21 20:56 - 00084946 _____ () C:\Users\mbrandau\Desktop\FRST.txt
2014-09-21 20:50 - 2014-09-21 20:50 - 00040859 _____ () C:\Users\mbrandau\Desktop\Addition.txt
2014-09-21 20:45 - 2014-09-21 20:44 - 00040859 _____ () C:\Users\mbrandau\Downloads\Addition.txt
2014-09-21 20:42 - 2014-09-21 20:42 - 02105856 _____ (Farbar) C:\Users\mbrandau\Downloads\FRST64.exe
2014-09-21 19:59 - 2014-09-21 19:59 - 00016458 _____ () C:\Users\mbrandau\Desktop\hijackthis 9.21.14
2014-09-21 19:40 - 2014-05-19 23:12 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\VirtualStore
2014-09-21 19:36 - 2013-08-22 10:44 - 00540032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-20 07:11 - 2014-09-15 19:48 - 00000000 ____D () C:\Program Files (x86)\Hide ALL IP
2014-09-19 22:01 - 2014-09-19 22:01 - 00001526 _____ () C:\Users\mbrandau\Desktop\HijackThis - Shortcut.lnk
2014-09-19 21:59 - 2014-09-19 21:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\mbrandau\Downloads\HijackThis.exe
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Panda Security
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-09-19 21:49 - 2014-09-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-19 21:49 - 2014-09-19 21:47 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-19 21:46 - 2014-09-19 21:46 - 01329312 _____ () C:\Users\mbrandau\Downloads\PANDAFREEAV.exe
2014-09-19 21:38 - 2014-09-17 22:27 - 01474832 _____ () C:\WINDOWS\system32\Drivers\sfi.dat
2014-09-19 21:38 - 2014-05-20 18:13 - 00000716 _____ () C:\WINDOWS\pvsw.log
2014-09-19 21:34 - 2014-06-08 03:02 - 00000384 _____ () C:\WINDOWS\WinInit.Ini
2014-09-18 20:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-18 19:06 - 2014-03-18 06:03 - 00865448 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 19:01 - 2014-09-17 23:18 - 00039820 _____ () C:\WINDOWS\system32\Drivers\fvstore.dat
2014-09-18 01:30 - 2014-07-05 19:04 - 00001945 _____ () C:\Users\mbrandau\Desktop\DivX Movies.lnk
2014-09-18 01:30 - 2014-05-20 16:27 - 00001107 _____ () C:\Users\mbrandau\Desktop\µTorrent.lnk
2014-09-17 23:18 - 2014-09-17 23:18 - 00000000 ___HD () C:\VTRoot
2014-09-17 23:05 - 2014-06-28 17:03 - 00000000 ____D () C:\WINDOWS\AutoKMS
2014-09-17 22:28 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-17 22:27 - 2014-09-17 22:26 - 00000000 ____D () C:\Program Files\COMODO
2014-09-17 22:27 - 2014-09-17 22:22 - 00000000 ____D () C:\ProgramData\Comodo
2014-09-17 22:26 - 2014-09-17 22:26 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-09-17 22:21 - 2014-09-17 22:20 - 230403216 _____ (COMODO) C:\Users\mbrandau\Downloads\cispremium_installer_5997_92.exe
2014-09-17 21:47 - 2014-09-17 21:47 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow (1).lua
2014-09-17 21:10 - 2014-09-17 21:10 - 00008136 _____ () C:\Users\mbrandau\Downloads\FirstRow.lua
2014-09-17 20:59 - 2014-09-17 20:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\vlc
2014-09-17 20:57 - 2014-09-17 20:57 - 00001084 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-17 20:57 - 2014-09-17 20:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-17 20:56 - 2014-09-17 20:56 - 24743106 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.exe
2014-09-17 20:53 - 2014-09-17 20:52 - 40614608 _____ () C:\Users\mbrandau\Downloads\vlc-2.1.5-win32.zip
2014-09-17 20:50 - 2014-09-17 20:49 - 67610856 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\MyMediaSetup.3.10.3.exe
2014-09-17 20:50 - 2014-09-17 20:29 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-09-17 20:44 - 2014-09-17 20:44 - 02647688 _____ (MediaMall Technologies, Inc.) C:\Users\mbrandau\Downloads\PlayLaterSetup.1.6.3.exe
2014-09-17 20:44 - 2014-09-17 20:44 - 00000983 _____ () C:\Users\Public\Desktop\PlayLater.lnk
2014-09-17 20:44 - 2014-09-17 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayLater
2014-09-17 20:44 - 2014-09-17 20:29 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-09-17 20:32 - 2013-08-22 10:46 - 00293312 _____ () C:\WINDOWS\setupact.log
2014-09-17 20:31 - 2014-09-17 20:31 - 00002067 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2014-09-17 20:31 - 2014-09-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2014-09-17 20:28 - 2014-09-17 20:27 - 67409128 _____ (MediaMall Technologies, Inc. ) C:\Users\mbrandau\Downloads\PlayOnSetup.3.10.3.exe
2014-09-17 18:28 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-17 03:20 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-09-16 22:16 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-16 22:00 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Plex Media Server
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Apple Computer
2014-09-16 21:59 - 2014-09-16 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-09-16 21:57 - 2014-09-16 21:57 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US (1).exe
2014-09-16 21:56 - 2014-09-16 21:56 - 62222680 _____ (Plex, Inc.) C:\Users\mbrandau\Downloads\Plex-Media-Server-0.9.914.531-7eef8c6-en-US.exe
2014-09-16 21:15 - 2014-09-16 21:15 - 00000029 _____ () C:\Users\mbrandau\Desktop\Wireless Router Info.txt
2014-09-16 19:40 - 2014-05-20 16:27 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Search Protection
2014-09-16 19:40 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-16 19:21 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-16 19:04 - 2014-05-22 14:08 - 00003929 ____H () C:\WINDOWS\SysWOW64\BTImages.dat
2014-09-16 18:22 - 2014-09-16 18:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 18:21 - 2014-09-16 18:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mbrandau\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 06:50 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-16 06:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-16 06:50 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 21:13 - 2014-05-22 13:36 - 00000128 _____ () C:\WINDOWS\SysWOW64\pdfl.dat
2014-09-15 19:48 - 2014-09-15 19:48 - 04061768 _____ (www.hideallip.com ) C:\Users\mbrandau\Desktop\hideallipsetup.exe
2014-09-15 19:48 - 2014-09-15 19:48 - 00001047 _____ () C:\Users\Public\Desktop\Hide ALL IP.lnk
2014-09-15 19:48 - 2014-09-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2014-09-14 12:24 - 2014-07-08 20:37 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-14 11:09 - 2014-09-14 11:07 - 00000000 ____D () C:\EDGE
2014-09-14 11:08 - 2014-09-14 11:08 - 00001398 _____ () C:\Users\mbrandau\Desktop\The Edge.lnk
2014-09-14 11:08 - 2014-09-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cerebra Software - The Edge
2014-09-14 11:05 - 2014-09-14 11:03 - 06931118 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-Edge-2014.exe
2014-09-14 11:00 - 2014-09-14 11:00 - 00001585 _____ () C:\Users\mbrandau\Desktop\The NFL Judge.lnk
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\SPORTSJUDGE
2014-09-14 11:00 - 2014-09-14 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sports Judge - NFL Handicapper
2014-09-14 10:58 - 2014-09-14 10:58 - 02891944 _____ (Cerebra Software Systems ) C:\Users\mbrandau\Downloads\Install-The-NFL-Judge-2014.exe
2014-09-12 20:32 - 2014-09-12 20:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 18:34 - 2014-05-20 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 18:33 - 2014-06-11 22:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 18:33 - 2014-06-11 22:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 18:32 - 2014-06-11 22:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 18:32 - 2014-06-11 22:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 18:32 - 2014-06-05 00:48 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-12 18:32 - 2014-05-20 00:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 18:25 - 2014-05-20 00:36 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-06 20:15 - 2013-08-22 10:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-09-06 15:25 - 2014-09-06 15:25 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-09-06 15:24 - 2014-09-06 15:23 - 00910336 _____ () C:\Users\mbrandau\Downloads\AppWorldInstaller-en.msi
2014-09-04 22:36 - 2014-09-11 23:10 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-04 22:31 - 2014-09-11 23:10 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-04 20:48 - 2014-09-11 23:10 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-02 16:06 - 2013-08-22 11:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 16:06 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 22:33 - 2014-09-01 22:33 - 00112128 _____ () C:\Users\mbrandau\Desktop\HSBC-2 200 Accounts.xls
2014-09-01 22:32 - 2014-09-01 22:32 - 00115200 _____ () C:\Users\mbrandau\Desktop\HSBC-1 200 Accounts.xls
2014-09-01 15:48 - 2014-09-01 15:47 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (7).exe
2014-09-01 13:25 - 2014-09-01 13:25 - 00000000 ____D () C:\Users\mbrandau\Downloads\Driver Toolkit 8.3
2014-09-01 13:10 - 2014-09-01 12:59 - 00000000 ____D () C:\temp
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-09-01 13:01 - 2014-09-01 13:01 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-09-01 13:01 - 2014-09-01 13:00 - 00000000 ____D () C:\Program Files\My Dell
2014-09-01 12:59 - 2014-09-01 12:59 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\PCDr
2014-08-31 19:58 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-31 19:58 - 2014-08-31 19:57 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Deployment
2014-08-31 19:57 - 2014-08-31 19:57 - 00417824 _____ () C:\Users\mbrandau\Downloads\DellSystemDetect (6).exe
2014-08-31 19:35 - 2014-08-31 19:35 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup (1).exe
2014-08-31 19:34 - 2014-08-31 19:34 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\DriverToolkit
2014-08-31 19:33 - 2014-08-31 19:33 - 02396224 _____ (Megaify Software ) C:\Users\mbrandau\Downloads\driver_setup.exe
2014-08-29 14:21 - 2014-05-20 16:37 - 00000000 ____D () C:\Users\mbrandau\Documents\Secret Shopper Scans
2014-08-27 18:43 - 2014-06-09 23:05 - 00000000 ____D () C:\Users\mbrandau\AppData\Roaming\HpUpdate
2014-08-27 14:36 - 2014-07-23 19:09 - 00000000 ____D () C:\Users\mbrandau\AppData\Local\Research In Motion
2014-08-25 15:06 - 2014-08-25 15:06 - 00051670 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed Payday Loans CO 2010-2011 173 AC 96k Face W  Fees 138k - MASKED.xlsx
2014-08-25 15:03 - 2014-08-25 15:03 - 00062702 _____ () C:\Users\mbrandau\Desktop\For Sale Mixed CC's 2008 CO 247 Accounts 462k MASKED.xlsx
2014-08-23 03:48 - 2014-09-15 18:52 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 03:13 - 2014-09-15 18:53 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 02:10 - 2014-09-15 18:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 01:32 - 2014-09-15 18:52 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 00:44 - 2014-09-15 18:52 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 00:34 - 2014-09-15 18:52 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 00:33 - 2014-09-15 18:53 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 00:31 - 2014-09-15 18:52 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 00:20 - 2014-09-15 18:52 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
 
Files to move or delete:
====================
C:\Users\mbrandau\Setup_BTW12.0.0.7850_Win8_USB_DELL_DW1704_WLAN_6.30.223.215_App230_20140226.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-22 15:18
 
==================== End Of Log ============================


#10 aharonov

  • Malware Response Team

Posted 22 September 2014 - 07:14 PM

Very good, no more active malware has been found - just a lot of stuff that has been quarantined by your antivirus software or FRST.

That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:
  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.


Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.

#11 aharonov

  • Malware Response Team

Posted 29 September 2014 - 09:22 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



