Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I live in constant fear every time I restart my computer. PLEASE end my nightmar


  • This topic is locked This topic is locked
15 replies to this topic

#1 Leeland

Leeland

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 26 September 2014 - 12:39 PM

Mod Edit: Moved to Virus, Trojan, Spyware, and Malware Removal Logs ~~ boopme

I discovered after moving to San Diego 3 weeks ago that I have a trojan/rookit like macilous program on my computer upon restarting.
 
At the time I was running windows 7.
 
Symptoms were:
 
Hidden Desktop Icons and Boot up lag/black screen
 
After a week of trying to fix it I gave up and reformatted while also upgrading to windows 8.1. (This was a full reformat)
 
I had the same issues though not nearly as bad since this 'virus' was tailored for Windows 7. (I guess?)
 
My screen would remain blank of coloured (w.e colour I picked upon installation) after the Windows 8 loading icon. (I would never make it to the login screen)
 
And if I refreshed and got my system up again- I could not let Windows 8 go into sleep mode because the taskbar would be locked after waking it back up. If I ran any games they would sometimes freeze the PC whereas they used to run fine.
 
So I would either: Engage reaper mode and refresh, or reboot in Safe Mode with networking. I've run several different sorts of scans- but I will do w.e is asked.
 
I originally thought I was having a driver issue on Windows 8- so I reinstalled windows 7 last night. I am having issues restarting PC and it's literally a 'fingers crossed' everytime kind of deal. I had to run safe mode and Roguekiller just to get back to normal windows. Though this problem never truly seems to go away.
 
So I've run RogueKiller again just to show you guys what I get EVERY time I run the scan- and I'd really like some help figuring this elegant bastard out.
 
">http://2qasprn.jpg

Edited by boopme, 26 September 2014 - 01:21 PM.


BC AdBot (Login to Remove)

 


#2 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 26 September 2014 - 11:30 PM

Still hoping for help.



#3 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 27 September 2014 - 05:39 AM

Oi. Justice Bump



#4 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 28 September 2014 - 02:25 AM

zzzzz



#5 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 28 September 2014 - 04:54 PM

wtf



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:15 PM

Posted 30 September 2014 - 07:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I understand that you now are operating with the Windows 7. I suggest you do not try to install windows 8 until this problem is solved.

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?

#7 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 01 October 2014 - 01:48 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I understand that you now are operating with the Windows 7. I suggest you do not try to install windows 8 until this problem is solved.

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===



How is the computer running?

 

 

 

I attempted to install and run Malwarebytes- however this continues to happen.

http://i61.tinypic.com/346pe1t.jpg

Last night and the day before when I awoke (not letting computer sleep or power down) the was an error message telling me that my version of Windows 7's key was invalid (though it's on the side of my machine, a Lenovo desktop) I just exit from this dialogue- and continue using the computer. But other than this virus- I am unsure or what would happen if I tried it restart- perhaps it would not let me use Windows 7 unless I repaid for a key..?


Edited by Leeland, 01 October 2014 - 01:49 PM.


#8 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 01 October 2014 - 02:14 PM

 

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

 

 

# AdwCleaner v3.310 - Report created 24/09/2014 at 23:54:14

 

# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Leeland - PCPLEASE
# Running from : C:\Users\Leeland\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Mozilla Firefox v32.0.3 (x86 en-US)
 
[ File : C:\Users\Leeland\AppData\Roaming\Mozilla\Firefox\Profiles\w2aqx5es.default\prefs.js ]
 
 
*************************
 
AdwCleaner[R0].txt - [659 octets] - [24/09/2014 23:54:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [718 octets] ##########
# AdwCleaner v3.311 - Report created 01/10/2014 at 11:51:53
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Leeland - LEELAND-PC
# Running from : C:\Users\Leeland\Downloads\adwcleaner_3.311.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1473 octets] - [24/09/2014 23:54:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1533 octets] ##########


#9 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 01 October 2014 - 02:19 PM

===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014
Ran by Leeland (administrator) on LEELAND-PC on 01-10-2014 12:15:58
Running from C:\Users\Leeland\Downloads
Loaded Profile: Leeland (Available profiles: Leeland)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\Leeland\Downloads\adwcleaner_3.311.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCA45F3452AD9CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-25]
CHR Extension: (Google Docs) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-25]
CHR Extension: (Google Drive) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-25]
CHR Extension: (YouTube) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-25]
CHR Extension: (Google Search) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-25]
CHR Extension: (Google Sheets) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-25]
CHR Extension: (Google Wallet) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-25]
CHR Extension: (Gmail) - C:\Users\Leeland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-16] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-26] (SurfRight B.V.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-16] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-01] ()
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-01 12:15 - 2014-10-01 12:16 - 00007408 _____ () C:\Users\Leeland\Downloads\FRST.txt
2014-10-01 12:15 - 2014-10-01 12:15 - 02108928 _____ (Farbar) C:\Users\Leeland\Downloads\FRST64.exe
2014-10-01 12:15 - 2014-10-01 12:15 - 00000000 ____D () C:\FRST
2014-10-01 11:51 - 2014-10-01 11:51 - 01375089 _____ () C:\Users\Leeland\Downloads\adwcleaner_3.311.exe
2014-09-26 10:07 - 2014-10-01 11:39 - 00000000 ____D () C:\Users\Leeland\AppData\Local\CrashDumps
2014-09-26 09:36 - 2014-09-26 09:46 - 00000000 ____D () C:\Users\Leeland\Desktop\mbar
2014-09-26 09:36 - 2014-09-26 09:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-26 09:35 - 2014-09-26 09:36 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Leeland\Downloads\mbar-1.07.0.1012.exe
2014-09-26 09:33 - 2014-10-01 11:23 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-26 09:33 - 2014-09-26 09:33 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-26 09:32 - 2014-09-26 09:32 - 04893784 _____ () C:\Users\Leeland\Downloads\RogueKiller.exe
2014-09-26 09:18 - 2014-09-26 09:18 - 11194928 _____ (SurfRight B.V.) C:\Users\Leeland\Downloads\HitmanPro_x64.exe
2014-09-26 09:18 - 2014-09-26 09:18 - 00001893 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-26 09:18 - 2014-09-26 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-26 09:18 - 2014-09-26 09:18 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-26 09:17 - 2014-09-26 09:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-26 09:17 - 2014-09-26 09:17 - 10280824 _____ (SurfRight B.V.) C:\Users\Leeland\Downloads\hitmanpro.exe
2014-09-26 09:13 - 2014-09-26 09:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Leeland\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-26 09:10 - 2014-09-26 09:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Leeland\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-26 09:10 - 2014-09-26 09:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-26 08:21 - 2014-09-26 08:21 - 13087456 _____ (Microsoft Corporation) C:\Users\Leeland\Downloads\Silverlight_x64.exe
2014-09-26 08:21 - 2014-09-26 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-26 08:21 - 2014-09-26 08:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-26 08:21 - 2014-09-26 08:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-26 04:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-26 04:05 - 2014-09-26 04:05 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-26 04:05 - 2014-09-26 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-26 04:05 - 2014-09-26 04:05 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-26 04:05 - 2014-09-26 04:05 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-26 04:05 - 2014-09-26 04:05 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-26 04:05 - 2014-09-26 04:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-26 04:05 - 2014-09-26 04:05 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-26 04:05 - 2014-09-26 04:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-26 04:05 - 2014-09-26 04:05 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-26 04:05 - 2014-09-26 04:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-26 04:05 - 2014-09-26 04:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-26 04:05 - 2014-09-26 04:05 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-26 04:05 - 2014-09-26 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-09-26 04:03 - 2014-09-26 04:03 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-09-26 04:02 - 2014-09-26 04:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-09-26 04:02 - 2014-09-26 04:02 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-26 03:56 - 2014-09-26 03:56 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-26 03:54 - 2014-09-26 03:54 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-26 03:54 - 2014-09-26 03:54 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-26 03:53 - 2014-09-26 04:14 - 00013754 _____ () C:\Windows\IE11_main.log
2014-09-26 03:11 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-26 03:09 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-09-26 03:09 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-09-26 03:09 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-09-26 03:01 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-26 03:01 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-26 03:01 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-26 03:01 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-26 03:01 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-26 03:01 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-26 03:01 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-26 03:01 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-26 01:48 - 2014-09-26 01:48 - 00000000 ____D () C:\Users\Leeland\AppData\Roaming\LolClient
2014-09-26 01:47 - 2014-09-26 01:47 - 00000000 ____D () C:\Users\Leeland\AppData\Roaming\Macromedia
2014-09-26 01:33 - 2014-09-26 01:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-26 01:32 - 2014-09-26 10:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-26 01:32 - 2014-09-13 16:48 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-26 01:32 - 2014-09-13 16:48 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-26 01:32 - 2014-09-13 14:53 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-26 01:32 - 2014-09-13 14:53 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-26 01:32 - 2014-09-13 14:53 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-26 01:32 - 2014-09-13 14:53 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-26 01:32 - 2014-09-13 14:53 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-26 01:32 - 2014-09-13 13:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-26 01:32 - 2014-09-11 08:37 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-26 01:31 - 2014-09-16 21:51 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-26 01:31 - 2014-09-16 21:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-26 01:31 - 2014-09-16 21:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-26 01:31 - 2014-09-13 16:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-26 01:31 - 2014-09-13 16:48 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-26 01:19 - 2011-12-16 01:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-09-26 01:19 - 2011-12-16 00:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-09-26 01:19 - 2011-04-08 23:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-26 01:19 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-26 01:18 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-26 01:18 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-26 01:18 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-09-26 01:18 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-09-26 01:18 - 2013-02-14 23:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-26 01:18 - 2013-02-14 23:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-26 01:18 - 2013-02-14 23:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-09-26 01:18 - 2013-02-14 21:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-26 01:18 - 2013-02-14 21:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-09-26 01:18 - 2013-02-14 20:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-26 01:18 - 2011-06-15 03:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-09-26 01:18 - 2011-06-15 03:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-09-26 01:18 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-09-26 01:18 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-09-26 01:18 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-09-26 01:18 - 2011-06-15 01:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-09-26 01:18 - 2011-06-15 01:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-09-26 01:18 - 2011-06-15 01:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-09-26 01:18 - 2011-06-15 01:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-09-26 01:17 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-26 01:17 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-26 01:17 - 2011-10-25 22:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-09-26 01:17 - 2011-10-25 22:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-26 01:17 - 2011-10-25 21:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-09-26 01:17 - 2011-10-25 21:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-26 01:17 - 2010-12-23 03:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-09-26 01:17 - 2010-12-23 03:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-09-26 01:17 - 2010-12-23 03:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-09-26 01:17 - 2010-12-22 22:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-09-26 01:17 - 2010-12-22 22:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-09-26 01:17 - 2010-12-22 22:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-09-26 01:16 - 2011-07-08 19:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-09-26 01:16 - 2011-04-26 19:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-26 01:16 - 2011-04-26 19:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-26 01:15 - 2011-11-16 23:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-09-26 01:15 - 2011-11-16 22:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-09-26 01:14 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-26 01:14 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-26 01:14 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-26 01:14 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-26 01:14 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-26 01:14 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-09-26 01:14 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-09-26 01:14 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-09-26 01:14 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-09-26 01:14 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-09-26 01:13 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-26 01:13 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-26 01:13 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-26 01:13 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-09-26 01:13 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-09-26 01:13 - 2013-04-12 07:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-26 01:12 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-26 01:12 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-26 01:12 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-26 01:12 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-26 01:12 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-26 01:12 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-26 01:12 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-26 01:12 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-26 01:12 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-26 01:12 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-26 01:12 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-26 01:12 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-26 01:12 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-26 01:12 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-26 01:12 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-26 01:12 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-26 01:12 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-09-26 01:12 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-26 01:12 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-09-26 01:12 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-09-26 01:12 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-09-26 01:12 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-09-26 01:12 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-09-26 01:12 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-09-26 01:12 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-09-26 01:12 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-09-26 01:12 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-09-26 01:12 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-09-26 01:12 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-09-26 01:12 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-09-26 01:12 - 2011-03-10 23:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-09-26 01:12 - 2011-03-10 23:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-09-26 01:12 - 2011-03-10 22:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-09-26 01:12 - 2011-03-10 22:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-09-26 01:11 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-26 01:11 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-26 01:10 - 2014-09-26 01:10 - 00001347 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-09-26 01:10 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-09-26 01:09 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-26 01:09 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-09-26 01:09 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-09-26 01:09 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-09-26 01:09 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-09-26 01:09 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-09-26 01:09 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-09-26 01:09 - 2012-11-28 15:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-09-26 01:09 - 2012-04-25 22:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-09-26 01:09 - 2012-04-25 22:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-09-26 01:09 - 2012-04-25 22:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-09-26 01:08 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-26 01:08 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-26 01:08 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-26 01:08 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-26 01:08 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-26 01:08 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-26 01:08 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-26 01:08 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-26 01:08 - 2012-11-01 22:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-09-26 01:08 - 2012-11-01 22:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-09-26 01:08 - 2011-03-02 23:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-26 01:08 - 2011-03-02 23:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-26 01:08 - 2011-03-02 23:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-09-26 01:08 - 2011-03-02 22:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-26 01:08 - 2011-03-02 22:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-09-26 01:07 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-26 01:07 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-26 01:07 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-26 01:07 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-26 01:07 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-26 01:07 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-26 01:07 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-26 01:07 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-26 01:07 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-26 01:07 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-26 01:07 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-26 01:07 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-26 01:07 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-26 01:07 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-26 01:07 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-26 01:07 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-09-26 01:07 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-09-26 01:07 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-09-26 01:07 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-09-26 01:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-26 01:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-09-26 01:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-09-26 01:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-09-26 01:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-09-26 01:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-09-26 01:06 - 2014-09-26 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-26 01:06 - 2014-09-26 01:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-26 01:06 - 2014-09-26 01:10 - 00000000 ____D () C:\Users\Leeland\AppData\Local\NVIDIA Corporation
2014-09-26 01:06 - 2014-09-26 01:10 - 00000000 ____D () C:\Users\Leeland\AppData\Local\NVIDIA
2014-09-26 01:06 - 2014-09-26 01:06 - 00771962 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-26 01:06 - 2014-09-16 19:10 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-26 01:06 - 2014-09-16 19:10 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-26 01:06 - 2014-09-16 19:10 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-26 01:06 - 2014-09-16 19:10 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-26 01:04 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-26 01:04 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-09-26 01:04 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-26 01:04 - 2012-04-27 20:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-09-26 01:04 - 2012-03-17 00:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-09-26 01:04 - 2011-08-16 22:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-09-26 01:04 - 2011-08-16 22:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-09-26 01:04 - 2011-08-16 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-09-26 01:04 - 2011-08-16 21:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-09-26 01:04 - 2011-04-28 20:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-26 01:04 - 2011-04-28 20:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-26 01:04 - 2011-04-28 20:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-26 01:04 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-26 01:03 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-09-26 01:03 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-09-26 01:03 - 2012-09-25 15:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-09-26 01:03 - 2012-09-25 15:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-09-26 01:03 - 2011-02-05 10:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-26 01:03 - 2011-02-05 10:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-09-26 01:03 - 2011-02-05 10:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-09-26 01:03 - 2011-02-05 10:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-09-26 01:03 - 2011-02-05 10:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-26 01:03 - 2011-02-05 10:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-26 01:03 - 2011-02-05 10:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-26 01:02 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-26 01:02 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-09-26 01:02 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-09-26 01:02 - 2011-05-24 04:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-09-26 01:02 - 2011-05-24 03:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-09-26 01:02 - 2011-05-24 03:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-09-26 01:02 - 2011-05-24 03:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-09-26 01:02 - 2011-05-24 03:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-26 01:01 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-26 01:01 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-26 01:01 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-26 01:01 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-26 01:01 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-26 01:01 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-26 01:01 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-26 01:01 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-26 01:01 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-26 01:01 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-26 01:01 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-26 01:01 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-26 01:01 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-26 01:01 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-26 01:01 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-26 01:01 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-26 01:01 - 2012-07-04 15:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-09-26 01:01 - 2012-07-04 15:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-26 01:01 - 2012-07-04 15:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-09-26 01:01 - 2012-07-04 14:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-09-26 01:01 - 2012-07-04 14:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-09-26 01:01 - 2011-05-02 22:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-09-26 01:01 - 2011-05-02 21:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-09-26 01:01 - 2011-02-12 04:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-09-26 01:00 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-26 01:00 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-26 01:00 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-26 01:00 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-26 01:00 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-26 01:00 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-26 01:00 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-26 01:00 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-26 01:00 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-26 01:00 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-26 01:00 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-26 01:00 - 2014-03-04 02:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-26 01:00 - 2014-03-04 02:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-26 01:00 - 2014-03-04 02:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-26 01:00 - 2014-03-04 02:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-26 01:00 - 2014-03-04 02:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-26 01:00 - 2014-03-04 02:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-26 01:00 - 2014-03-04 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-26 01:00 - 2014-03-04 02:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-26 01:00 - 2014-03-04 02:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-26 01:00 - 2014-03-04 02:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-26 01:00 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-09-26 01:00 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-26 01:00 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-09-26 01:00 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-09-26 01:00 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-09-26 01:00 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-09-26 01:00 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-09-26 01:00 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-09-26 01:00 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-26 01:00 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-26 01:00 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-26 01:00 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-09-26 01:00 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-09-26 01:00 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-09-26 01:00 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-09-26 00:59 - 2014-09-26 00:59 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-26 00:59 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-26 00:59 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-26 00:59 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-26 00:59 - 2012-05-13 22:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-26 00:59 - 2011-08-26 22:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-09-26 00:59 - 2011-08-26 22:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-09-26 00:59 - 2011-08-26 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-09-26 00:59 - 2011-08-26 21:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-09-26 00:59 - 2011-02-22 21:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-09-26 00:58 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-26 00:58 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-26 00:58 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-09-26 00:58 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-26 00:58 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-09-26 00:58 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-09-26 00:58 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-09-26 00:58 - 2012-06-05 23:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-09-26 00:58 - 2012-06-05 22:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-09-26 00:58 - 2012-02-16 23:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-09-26 00:58 - 2012-02-16 22:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-09-26 00:58 - 2012-02-16 21:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-09-26 00:58 - 2011-10-14 23:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-09-26 00:58 - 2011-10-14 22:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-09-26 00:48 - 2011-11-19 07:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-09-26 00:48 - 2011-11-19 07:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-09-26 00:48 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-09-26 00:48 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-09-26 00:48 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-09-26 00:48 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-09-26 00:48 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-09-26 00:47 - 2014-09-04 12:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-26 00:47 - 2014-09-04 12:14 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-09-26 00:47 - 2014-09-04 12:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-26 00:46 - 2014-09-26 00:47 - 31646288 _____ (NVIDIA Corporation) C:\Users\Leeland\Downloads\GeForce_Experience_v2.1.2.0.exe
2014-09-26 00:46 - 2014-09-26 00:46 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-09-26 00:46 - 2014-09-26 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-09-26 00:42 - 2014-09-26 00:43 - 27864920 _____ (Riot Games) C:\Users\Leeland\Downloads\LeagueofLegends_NA_Installer_9_15_2014.exe
2014-09-26 00:07 - 2014-09-26 01:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-26 00:07 - 2014-09-26 01:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-25 23:57 - 2014-09-25 23:57 - 00000000 __SHD () C:\Users\Leeland\AppData\Local\EmieUserList
2014-09-25 23:57 - 2014-09-25 23:57 - 00000000 __SHD () C:\Users\Leeland\AppData\Local\EmieSiteList
2014-09-25 23:45 - 2014-09-26 00:58 - 00000000 ____D () C:\Users\Leeland\AppData\Roaming\Riot Games
2014-09-25 23:42 - 2014-09-25 23:42 - 00000000 ____D () C:\Users\Leeland\AppData\Roaming\Adobe
2014-09-25 19:08 - 2014-09-25 18:30 - 00000000 ____D () C:\Windows\Panther
2014-09-25 18:57 - 2014-09-26 03:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-25 18:56 - 2014-09-25 18:56 - 00000000 ____D () C:\Windows.old.000
2014-09-25 18:41 - 2014-09-26 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 18:41 - 2014-09-25 18:41 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 18:37 - 2014-10-01 11:42 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 18:37 - 2014-09-30 18:42 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 18:37 - 2014-09-25 18:41 - 00000000 ____D () C:\Users\Leeland\AppData\Local\Google
2014-09-25 18:37 - 2014-09-25 18:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-25 18:37 - 2014-09-25 18:37 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-25 18:37 - 2014-09-25 18:37 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-25 18:36 - 2014-09-25 18:37 - 00000000 ____D () C:\Users\Leeland\AppData\Local\Deployment
2014-09-25 18:36 - 2014-09-25 18:36 - 00057560 _____ () C:\Users\Leeland\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-25 18:36 - 2014-09-25 18:36 - 00000000 ____D () C:\Users\Leeland\AppData\Local\Apps\2.0
2014-09-25 18:31 - 2014-09-26 10:06 - 00001413 _____ () C:\Users\Leeland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-25 18:31 - 2014-09-25 18:31 - 00000000 ____D () C:\Users\Leeland\AppData\Local\VirtualStore
2014-09-25 18:31 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-25 18:31 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-25 18:31 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-25 18:31 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-25 18:31 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-25 18:31 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-25 18:31 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-25 18:31 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-25 18:30 - 2014-09-26 00:41 - 00000000 ____D () C:\Users\Leeland
2014-09-25 18:30 - 2014-09-26 00:39 - 00000000 ___RD () C:\Users\Leeland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-25 18:30 - 2014-09-26 00:39 - 00000000 ___RD () C:\Users\Leeland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-25 18:30 - 2014-09-25 18:30 - 00000020 ___SH () C:\Users\Leeland\ntuser.ini
2014-09-25 18:30 - 2014-09-25 18:30 - 00000000 __SHD () C:\Recovery
2014-09-25 18:22 - 2014-09-25 18:22 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-09-25 18:22 - 2014-09-25 18:22 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-25 18:22 - 2014-09-25 18:22 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-25 18:21 - 2014-09-30 18:22 - 01882216 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 18:19 - 2014-09-25 18:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-25 03:38 - 2014-09-26 09:24 - 00000000 ____D () C:\Windows.old
2014-09-25 03:28 - 2014-09-25 03:00 - 00000000 ___HD () C:\$SysReset
2014-09-24 23:54 - 2014-10-01 11:53 - 00000000 ____D () C:\AdwCleaner
2014-09-13 01:48 - 2014-09-26 00:38 - 00000000 ____D () C:\Riot Games
2014-09-10 22:18 - 2014-09-22 08:10 - 00000000 _____ () C:\Recovery.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-01 12:07 - 2009-07-13 21:45 - 00020864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-01 12:07 - 2009-07-13 21:45 - 00020864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-26 13:15 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 10:11 - 2009-07-13 22:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 10:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-26 10:05 - 2009-07-13 21:51 - 00024329 _____ () C:\Windows\setupact.log
2014-09-26 08:54 - 2009-07-13 21:45 - 00265552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-26 08:51 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-26 08:51 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-26 08:51 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-26 08:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-26 01:32 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-09-26 00:39 - 2010-11-21 00:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-26 00:39 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-26 00:39 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-09-26 00:39 - 2009-07-13 20:20 - 00000000 __RSD () C:\Windows\Media
2014-09-26 00:39 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-26 00:39 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-26 00:39 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-26 00:38 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-26 00:38 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-26 00:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 19:08 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-25 19:08 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-25 18:30 - 2010-11-20 19:50 - 00000000 ____D () C:\Users\Administrator
2014-09-25 18:30 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-25 18:30 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-09-25 18:22 - 2009-07-13 21:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-09-25 18:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
 
Some content of TEMP:
====================
C:\Users\Leeland\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-26 13:08
 
==================== End Of Log ============================
 
ADDITION
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014
Ran by Leeland at 2014-10-01 12:16:43
Running from C:\Users\Leeland\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
26-09-2014 07:24:09 Installed Microsoft Visual C++ 2005 Redistributable (x64)
26-09-2014 07:31:39 Restore Operation
26-09-2014 07:43:39 Installed Microsoft Visual C++ 2005 Redistributable (x64)
26-09-2014 07:45:02 Installed Microsoft Visual C++ 2005 Redistributable
26-09-2014 07:46:07 Installed League of Legends
26-09-2014 07:46:33 Installed DirectX
26-09-2014 07:58:25 Windows Update
26-09-2014 08:06:53 Installed DirectX
26-09-2014 10:00:31 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {716FD626-9275-444B-97A0-19E1EBD18A70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-25] (Google Inc.)
Task: {9AADA1C0-598D-43F5-8B16-FDADDB160C6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-26 01:32 - 2014-09-13 14:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-01 11:51 - 2014-10-01 11:51 - 01375089 _____ () C:\Users\Leeland\Downloads\adwcleaner_3.311.exe
2014-09-25 18:41 - 2014-09-22 21:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 18:41 - 2014-09-22 21:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 18:41 - 2014-09-22 21:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 18:41 - 2014-09-22 21:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 18:41 - 2014-09-22 21:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 18:41 - 2014-09-22 21:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2519091941-3575047517-877853365-500 - Administrator - Disabled)
Guest (S-1-5-21-2519091941-3575047517-877853365-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2519091941-3575047517-877853365-1002 - Limited - Enabled)
Leeland (S-1-5-21-2519091941-3575047517-877853365-1001 - Administrator - Enabled) => C:\Users\Leeland
 
==================== Faulty Device Manager Devices =============
 
Name: Network Controller
Description: Network Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/01/2014 11:39:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x910
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 10:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xb08
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 09:17:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xf84
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 01:13:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xa54
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 00:02:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1d8
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 11:03:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x13ac
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 10:06:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/26/2014 10:06:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x8f0
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 09:17:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x3c4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/26/2014 09:12:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x448
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
 
System errors:
=============
Error: (10/01/2014 11:23:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (09/26/2014 10:27:21 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (09/26/2014 10:05:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (09/26/2014 10:00:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 10:00:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 10:00:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 09:58:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 09:58:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 09:58:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/26/2014 09:53:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (10/01/2014 11:39:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd91001cfdda6ff6ec966C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll41a590f3-499a-11e4-b49e-1078d295feed
 
Error: (09/26/2014 10:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdb0801cfda11911ed9b5C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlld1d22fe6-4604-11e4-b49e-1078d295feed
 
Error: (09/26/2014 09:17:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf8401cfda09e785c714C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll2755e5e2-45fd-11e4-b49e-1078d295feed
 
Error: (09/26/2014 01:13:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fda5401cfd9c664979f08C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlla45b6197-45b9-11e4-b49e-1078d295feed
 
Error: (09/26/2014 00:02:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1d801cfd9bc63f64576C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlla3c13410-45af-11e4-b49e-1078d295feed
 
Error: (09/26/2014 11:03:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd13ac01cfd9b434dc9778C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll741974ce-45a7-11e4-b49e-1078d295feed
 
Error: (09/26/2014 10:06:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/26/2014 10:06:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd8f001cfd9ac17f3062bC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll7f20d79a-459f-11e4-b49e-1078d295feed
 
Error: (09/26/2014 09:17:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd3c401cfd9a549400bd7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll91f07b9a-4598-11e4-b0be-1078d295feed
 
Error: (09/26/2014 09:12:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd44801cfd9a4a13428fdC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlle9c06e69-4597-11e4-b0be-1078d295feed
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 255 Processor
Percentage of memory in use: 28%
Total physical RAM: 8190.05 MB
Available physical RAM: 5841.23 MB
Total Pagefile: 16378.28 MB
Available Pagefile: 13962.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.42 GB) (Free:391.8 GB) NTFS
Drive e: () (Removable) (Total:3.74 GB) (Free:3.13 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FB372026)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:15 PM

Posted 02 October 2014 - 07:30 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
() C:\Users\Leeland\Downloads\adwcleaner_3.311.exe
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-01] ()
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

#11 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 02 October 2014 - 12:23 PM

Before I do this- I have some questions. Will I be able to restart without safe mode?

 

Also when I look for FRST I find it under 'localcomputer' but it is its own folder- it's located IN a folder. I saved it IN the FRST folder. Is that incorrect?



#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:15 PM

Posted 02 October 2014 - 12:41 PM

Your FRST logs shows that you are running the toold from the

C:\Users\Leeland\Downloads folder. Place the fixlist.txt in that folder and run FRST there there.

The other FRST folder should be empty. You can delete it.
===

Before I do this- I have some questions. Will I be able to restart without safe mode?


Can you restart the computer in normal mode?

#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:15 PM

Posted 08 October 2014 - 08:50 AM

Are you still with me?

#14 Leeland

Leeland
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:15 PM

Posted 11 October 2014 - 01:51 PM

I placed the file in the download folder as instructed- but there was no fixitlog to collect. Tell me the proper place to put the file.

 

I was very happy that my computer restarted with no hiccups- only time will tell if it was luck.

 

Also something else I have noticed- whenever I try to install programs like Open Office- I get Internal Error 1359, I cannot find a fix for this.



#15 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:15 PM

Posted 12 October 2014 - 07:54 AM

I placed the file in the download folder as instructed- but there was no fixitlog to collect. Tell me the proper place to put the file.

I was very happy that my computer restarted with no hiccups- only time will tell if it was luck

Forget about it.
===
 

Also something else I have noticed- whenever I try to install programs like Open Office- I get Internal Error 1359,


Fix these registry entries.


Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark the following options only.

01 - Reset Registry Permissions
02 - Reset File Permissions
03 - Reset Service permissions
05 - Repair WMI
06 - Repair Windows Firewall
10 - Remove Policies Set By Infections
21 - Repair MSI (Windows Installer)
26 - Restore Important Windows Services
27 - Set Windows Services to Default Startup
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
p..s
If you get to install Open Office beware that it will installed some PUP (Potentially Unwanted Program) installed without your consent.

I suggest you run the AdwCleaner tool when the installation is completed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users