Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware/Virus SJSTNY/Java/Various others


  • This topic is locked This topic is locked
27 replies to this topic

#1 thepokey

thepokey

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 13 October 2014 - 03:53 AM

Hi Guys,

 

Firstly I apologise for no DDS log, when I downloaded the DDS link via the preparation guide and try to run it I get a message saying "DDS is not meant to run in 'Compatibility Mode' the program shall now exit" ... so I'm not sure what that is or why it won't run but I'm happy to supply a DDS log if I can get some direction on how to get around that?

 

I should point out first I am pretty crap with computers, so I would really appreciate any help be done step by step as if talking to an idiot haha

 

As for the problem itself it just seemed to come up from nowhere. Whenever I go to various sites I get pop-up box messages generally trying to tell me that something is wrong with my PC and an automatic redirection happens.There doesn't seem to be any sort of pattern as to what sets it off. Sometimes I'll go to the local news paper website and it'll be fine, other times a box will pop-up. As for what the actual pop-up boxes say, there seems to be a variety of them with small variations such as:

 

CrRUnDp.jpg

and

JN70uJG.jpg

 

The sjstny one is common but the numbers in front of it (el96) often change. Other ones include telling me that certain software like Java is out of date, but then instead redirects to sites like:

 

411GBg3.jpg

 

Which is definitely not legit since the website is nothing to do with google or java but is instead: http://www.bwikrnwk56.com/

 

So that's just the basic idea of what the issue is. As far as what I have done so far:

 

I've googled various fixes for it but none of the steps seem to really match anything I can do/find. For example, they say to go into chrome settings and delete extensions and have screenshots of what you should see when you go there, but when i do that there is nothing listed in the extensions at all. Likewise they say to start off by going into control panel and/or task manager and deleting certain files or stop certain programs running, but there doesn't seem to be any sort of variation of the files/programs they are telling me to delete which is in my add/remove program or task manager. 

I have downloaded various any virus/malware programs (full version of malwarebytes, trial version of cloud system booster and CCleaner) all of which find things when I run them but after doing a clean out nothing seems to change. In short, I don't really know what exactly I am looking for on my computer to delete and any guides I find tell me to delete things which just aren't present where they say they should be on my PC.

 

I *really* want to avoid having to do a whole format because I'm just about to hit the crazy period of uni with major assignments and exams and need my PC and can't really afford the time of getting everything back properly working after a format (I probably will do this at the end of the year though), but as it is right now the internet is just a hassle to use. So I'm hoping there is something else I can do? 

 

Again sorry I couldn't provide a DDS log, but as I say, if someone can let me know how to get around that problem with it then I definitely will. I hope what I've supplied is enough info for people to know what virus this is. Happy to give more info if I can.  Really appreciate some help guys, thank you! :)



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 13 October 2014 - 08:14 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 13 October 2014 - 09:18 AM

Thanks so much for helping me TB-Psychotic! 

 

I hope this is what you wanted, the logs are long but I'll post them as follows. Only thing is, with the TDSS scan, I can't find where it created the log file anywhere on my PC. It does say that nothing malicious was found though. So what I have done is just copied and pasted the contents of the report of scan, which I assume is just what the log would have anyways?



#4 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 13 October 2014 - 09:21 AM

FRST.txt 



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by E (administrator) on TUCKERBOX on 14-10-2014 00:43:16
Running from C:\Users\E\Downloads
Loaded Profile: E (Available profiles: E & UpdatusUser & DefaultAppPool)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Applian Technologies, Inc.) C:\Program Files (x86)\Freecorder\FLVSrvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-29] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554408 2013-05-16] (Lavasoft)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Freecorder FLV Service] => C:\Program Files (x86)\Freecorder\FLVSrvc.exe [167936 2011-03-24] (Applian Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-08-20] (Anvisoft)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Policies\Explorer: [NoInstrumentation] 0
Startup: C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46FC80FBE84FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU,en-GB;q=0.7,en;q=0.3
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\E\AppData\Roaming\Mozilla\Firefox\Profiles\be6db0x5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-09-01]
FF HKCU\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\E\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-12-13] (BioWare)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-25] (Microsoft Corporation)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-10-13] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-26] (GFI Software)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-25] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 00:43 - 2014-10-14 00:43 - 00017961 _____ () C:\Users\E\Downloads\FRST.txt
2014-10-14 00:43 - 2014-10-14 00:43 - 00000000 ____D () C:\FRST
2014-10-14 00:41 - 2014-10-14 00:41 - 02110464 _____ (Farbar) C:\Users\E\Downloads\FRST64.exe
2014-10-13 19:34 - 2014-10-13 19:34 - 00688992 _____ (Swearware) C:\Users\E\Downloads\dds.com
2014-10-13 17:07 - 2014-10-13 17:07 - 00000000 ___HD () C:\OneDriveTemp
2014-10-13 17:07 - 2014-10-13 17:07 - 00000000 ____D () C:\Users\E\OneDrive
2014-10-13 17:04 - 2014-10-13 17:04 - 00001442 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 17:04 - 2014-10-13 17:04 - 00000020 ___SH () C:\Users\E\ntuser.ini
2014-10-13 14:35 - 2014-10-14 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-13 14:34 - 2014-10-13 14:34 - 00000000 ____D () C:\Windows.old
2014-10-13 14:31 - 2014-10-13 14:31 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\BestPractices
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\WINDOWS\system32\BestPractices
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-13 14:29 - 2014-10-13 03:55 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-13 14:29 - 2014-10-13 03:49 - 00000000 ____D () C:\inetpub
2014-10-13 14:29 - 2013-08-03 15:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-13 14:29 - 2013-08-03 15:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-13 14:29 - 2013-08-03 15:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-13 14:28 - 2013-08-03 15:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-13 14:28 - 2013-08-03 15:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-13 14:28 - 2013-08-03 15:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-13 04:07 - 2014-10-13 04:07 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-13 03:51 - 2014-10-13 03:51 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-13 03:51 - 2014-10-13 03:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-13 03:51 - 2014-10-13 03:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-13 03:46 - 2014-10-13 03:46 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-13 03:45 - 2014-10-13 17:07 - 00000000 ____D () C:\Users\E
2014-10-13 03:45 - 2014-10-13 04:02 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-13 03:45 - 2014-10-13 03:46 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:46 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:44 - 2014-10-13 04:07 - 00040008 _____ () C:\WINDOWS\diagwrn.xml
2014-10-13 03:44 - 2014-10-13 04:07 - 00040008 _____ () C:\WINDOWS\diagerr.xml
2014-10-13 03:42 - 2014-10-13 03:46 - 00027489 _____ () C:\WINDOWS\iis.log
2014-10-13 03:42 - 2014-10-13 03:42 - 00958256 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-10-13 03:39 - 2014-10-13 21:29 - 00220679 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 03:39 - 2014-10-13 03:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-13 03:39 - 2014-10-13 03:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-13 03:39 - 2014-10-13 03:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-13 03:39 - 2014-10-13 03:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-13 03:39 - 2014-07-03 05:55 - 06783776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 03522392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 02559960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 00935368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-13 03:39 - 2014-07-03 05:55 - 00386520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-13 03:39 - 2014-07-02 21:14 - 03826628 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-10-13 03:38 - 2014-10-13 03:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-13 03:01 - 2014-10-13 04:07 - 00006486 _____ () C:\WINDOWS\comsetup.log
2014-10-12 23:28 - 2014-10-13 03:21 - 00165002 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-12 21:09 - 2014-10-12 21:09 - 00000222 _____ () C:\Users\E\Desktop\Middle-earth Shadow of Mordor.url
2014-10-10 02:53 - 2014-10-10 02:53 - 00000000 ____D () C:\Users\E\AppData\Local\Anvisoft
2014-10-10 02:05 - 2014-10-13 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-10-10 02:05 - 2014-10-10 02:05 - 16513448 _____ (Anvisoft) C:\Users\E\Downloads\csbsetup (1).exe
2014-10-10 02:05 - 2014-10-10 02:05 - 00001272 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-10-02 05:17 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-10-02 05:17 - 2014-10-02 05:17 - 00001093 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-10-02 05:17 - 2014-10-02 05:17 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-10-02 05:16 - 2014-10-02 05:16 - 01533901 _____ ( ) C:\Users\E\Downloads\epubfilereader_setup.exe
2014-09-29 03:47 - 2014-09-29 03:47 - 00000000 ____D () C:\Users\E\Documents\My EndNote Library.Data
2014-09-29 03:47 - 2014-09-29 03:47 - 00000000 _____ () C:\Users\E\Documents\My EndNote Library.enl
2014-09-29 03:46 - 2014-10-13 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2014-09-29 03:46 - 2014-09-29 03:50 - 00000000 ____D () C:\Users\E\AppData\Roaming\EndNote
2014-09-29 03:46 - 2014-09-29 03:46 - 00000000 ____D () C:\Users\Public\Documents\EndNote
2014-09-29 03:45 - 2014-09-29 03:46 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2014-09-29 03:45 - 2014-09-29 03:46 - 00000000 ____D () C:\Program Files (x86)\EndNote X7
2014-09-29 03:42 - 2014-09-29 03:42 - 00000000 ____D () C:\Users\E\Downloads\EndNote X7 v17.0.1.7212 Incl Crack-EAT- [MUMBAI]
2014-09-29 03:18 - 2014-09-29 03:23 - 89395496 _____ () C:\Users\E\Downloads\ENX7Inst.exe
2014-09-29 02:02 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-29 02:02 - 2014-09-29 02:02 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-09-29 02:00 - 2014-09-29 02:00 - 00918440 _____ (Oracle Corporation) C:\Users\E\Downloads\chromeinstall-7u67.exe
2014-09-29 02:00 - 2014-09-29 02:00 - 00001766 _____ () C:\Users\E\Downloads\Inquisit (1).jnlp
2014-09-25 07:40 - 2014-10-13 02:57 - 00000000 ___HD () C:\$Windows.~BT
2014-09-25 06:04 - 2014-09-25 05:37 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-25 06:04 - 2014-09-25 05:37 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ____D () C:\Program Files\Embedded Lockdown Manager
2014-09-25 05:55 - 2014-09-25 05:55 - 00146559 _____ () C:\WINDOWS\system32\EmbeddedLockdown.msc
2014-09-25 05:53 - 2014-09-25 05:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-25 05:53 - 2014-09-25 05:53 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-25 05:53 - 2014-09-25 05:53 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-25 05:50 - 2014-09-25 05:50 - 02374816 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-25 05:50 - 2014-09-25 05:50 - 02088648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-25 05:46 - 2014-09-25 05:46 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-25 05:46 - 2014-09-25 05:46 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-25 05:43 - 2014-09-25 05:43 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-25 05:43 - 2014-09-25 05:43 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-09-25 05:24 - 2014-09-25 05:24 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-09-25 05:24 - 2014-09-25 05:24 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-09-25 05:15 - 2014-09-25 05:15 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-09-25 05:15 - 2014-09-25 05:15 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-09-25 05:15 - 2014-09-25 05:15 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-09-25 05:12 - 2014-09-25 05:12 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-09-25 05:07 - 2014-09-25 05:07 - 00373080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-09-25 04:54 - 2014-09-25 04:54 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-09-25 04:54 - 2014-09-25 04:54 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-09-25 04:48 - 2014-09-25 04:48 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-09-25 04:48 - 2014-09-25 04:48 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-09-25 04:48 - 2014-09-25 04:48 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-25 04:45 - 2014-09-25 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-25 04:45 - 2014-09-25 04:45 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-25 04:45 - 2014-09-25 04:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-25 04:45 - 2014-09-25 04:45 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-25 04:40 - 2014-09-25 04:40 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-09-25 04:35 - 2014-09-25 04:35 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-09-25 04:26 - 2014-09-25 04:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-09-25 04:17 - 2014-09-25 04:17 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-09-25 04:17 - 2014-09-25 04:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-09-25 04:13 - 2014-09-25 04:13 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-09-25 04:13 - 2014-09-25 04:13 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-09-25 04:09 - 2014-09-25 04:09 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-09-25 04:09 - 2014-09-25 04:09 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-09-25 04:09 - 2014-09-25 04:09 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 13292544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 11794944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-25 03:39 - 2014-09-25 03:39 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-25 03:39 - 2014-09-25 03:39 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-25 03:39 - 2014-09-25 03:39 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-25 03:39 - 2014-09-25 03:39 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-25 03:39 - 2014-09-25 03:39 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-25 03:39 - 2014-09-25 03:39 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-25 03:39 - 2014-09-25 03:39 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-25 03:39 - 2014-09-25 03:39 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-25 03:39 - 2014-09-25 03:39 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-25 03:39 - 2014-09-25 03:39 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-25 03:39 - 2014-09-25 03:39 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00149312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-25 03:30 - 2014-09-25 03:30 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-09-25 03:30 - 2014-09-25 03:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-09-25 03:30 - 2014-09-25 03:30 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-09-25 03:30 - 2014-09-25 03:30 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-09-25 03:30 - 2014-09-25 03:30 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-09-25 03:30 - 2014-09-25 03:30 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-09-25 03:30 - 2014-09-25 03:30 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-09-25 03:30 - 2014-09-25 03:30 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-25 03:29 - 2014-09-25 03:29 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00539992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00189784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-09-25 03:29 - 2014-09-25 03:29 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2014-09-25 03:29 - 2014-09-25 03:29 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-09-25 03:21 - 2014-10-13 04:04 - 00992588 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-25 03:15 - 2014-09-25 03:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-09-25 03:15 - 2014-09-25 03:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-09-25 03:11 - 2014-09-25 03:39 - 02406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2014-09-25 02:58 - 2013-08-22 17:51 - 00036235 _____ () C:\WINDOWS\Professional.xml
2014-09-25 02:57 - 2014-10-13 03:55 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-25 02:57 - 2014-09-25 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 02:57 - 2014-09-25 02:57 - 02176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 02129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01165824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00291808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00267528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SNTSearch.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00147439 _____ () C:\WINDOWS\SysWOW64\gpedit.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00147439 _____ () C:\WINDOWS\system32\gpedit.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00146389 _____ () C:\WINDOWS\system32\printmanagement.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00120458 _____ () C:\WINDOWS\system32\secpol.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090464 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterSvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00043566 _____ () C:\WINDOWS\SysWOW64\rsop.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00043566 _____ () C:\WINDOWS\system32\rsop.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00040288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterCore.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00039264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterCore.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbldfltr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 __SHD () C:\WINDOWS\BitLockerDiscoveryVolumeContents
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 ____D () C:\WINDOWS\SKB
2014-09-25 02:35 - 2014-10-13 03:55 - 00000000 ____D () C:\WINDOWS\en-GB
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\Drivers\en-GB
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\0409
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\Drivers\en-GB
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\0409
2014-09-24 19:08 - 2014-10-13 03:38 - 00002478 _____ () C:\WINDOWS\PFRO.log
2014-09-24 04:30 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-24 04:30 - 2014-09-24 04:30 - 00002764 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-09-24 04:30 - 2014-09-24 04:30 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-24 04:30 - 2014-09-24 04:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-24 04:28 - 2014-09-24 04:28 - 00000000 ____D () C:\Users\E\Downloads\CCleaner Professional & Business v4.14.4707 - [MUMBAI-TPB]
2014-09-24 04:22 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-24 04:22 - 2014-09-24 04:22 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\Users\E\AppData\Local\VS Revo Group
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-24 04:22 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2014-09-24 04:20 - 2014-09-24 04:20 - 00000000 ____D () C:\Users\E\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit)
2014-09-24 04:16 - 2014-09-24 04:22 - 00000000 ____D () C:\Users\E\AppData\Local\Adobe Tool
2014-09-24 04:15 - 2014-09-24 04:15 - 00000000 ____D () C:\Users\E\Downloads\Adobe Tool 3.7
2014-09-24 03:22 - 2014-09-24 03:22 - 00000000 ____D () C:\Users\E\AppData\Roaming\PDAppFlex
2014-09-24 03:20 - 2014-09-24 03:20 - 00760080 _____ () C:\Users\E\Downloads\xperia.zip
2014-09-24 03:20 - 2013-08-03 19:37 - 00016288 _____ () C:\Users\E\Downloads\Xperia.ttf
2014-09-24 00:49 - 2014-09-24 00:49 - 00021516 _____ () C:\Users\E\Downloads\unlearn2.ttf
2014-09-23 06:11 - 2014-09-23 06:11 - 00016401 _____ () C:\Users\E\Downloads\Various Artists - Mississippi Delta Blues Jam In Memphis Volume 1 - 1993 (CD - FLAC - Lossless).torrent
2014-09-23 06:10 - 2014-09-23 06:10 - 00059103 _____ () C:\Users\E\Downloads\Axel Küstner & Siegfried Christmann - Living Country Blues - 1999 (CD - MP3 - V0 (VBR)).torrent
2014-09-23 02:50 - 2014-09-23 02:50 - 00046781 _____ () C:\Users\E\Downloads\Franz Ferdinand - Live at Forest National Club, Brussels - 2014 (CD - MP3 - V0 (VBR)).torrent
2014-09-23 02:50 - 2014-09-23 02:50 - 00020193 _____ () C:\Users\E\Downloads\Franz Ferdinand - Live 2014 (14.03.2014 Roundhouse, London) - 2014 (CD - MP3 - V0 (VBR)).torrent
2014-09-20 22:20 - 2014-09-20 22:20 - 00009922 _____ () C:\Users\E\Downloads\Rev.S01E01.HDTV.XviD-BiA.[eztv].torrent
2014-09-20 21:45 - 2014-09-20 21:45 - 00014517 _____ () C:\Users\E\Downloads\In the Loop.2009.DVD.XviD.AVI.186443.torrent
2014-09-16 02:18 - 2014-09-16 02:18 - 06057862 _____ (Tim Kosse) C:\Users\E\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 21:16 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 21:14 - 2014-10-02 08:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-14 21:14 - 2014-09-14 21:14 - 01054896 _____ (Microsoft Corporation) C:\Users\E\Downloads\Setup.X86.en-US_O365ProPlusRetail_a06f8af0-e055-4370-9650-72be0ba3c1f0_TX_PR_.exe
2014-09-14 19:53 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-14 19:53 - 2014-09-14 19:53 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-14 19:52 - 2014-09-14 19:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-14 19:52 - 2014-09-14 19:53 - 00000000 ____D () C:\Program Files\iTunes
2014-09-14 19:52 - 2014-09-14 19:52 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 00:44 - 2012-11-20 00:17 - 00000000 ____D () C:\Users\E\AppData\Roaming\uTorrent
2014-10-14 00:29 - 2012-11-22 18:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-14 00:15 - 2012-11-19 23:35 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 00:00 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-13 21:11 - 2014-04-10 22:42 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-13 21:11 - 2013-09-01 22:55 - 00000000 ____D () C:\Users\E\Documents\WB Games
2014-10-13 21:11 - 2012-11-20 00:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-13 20:08 - 2012-11-19 22:50 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3017090963-2871392586-185075185-1001
2014-10-13 19:15 - 2012-11-19 23:35 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 17:12 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-13 17:06 - 2013-05-29 19:50 - 00000000 ___RD () C:\Users\E\Dropbox
2014-10-13 17:06 - 2013-05-29 19:48 - 00000000 ____D () C:\Users\E\AppData\Roaming\Dropbox
2014-10-13 17:06 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Local\Packages
2014-10-13 14:34 - 2013-08-23 02:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-13 14:29 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-10-13 14:29 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-10-13 14:29 - 2013-08-22 22:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-10-13 14:29 - 2013-08-22 22:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-10-13 14:29 - 2013-08-22 22:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-10-13 14:29 - 2013-08-22 22:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-10-13 14:29 - 2013-08-22 22:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-10-13 14:29 - 2013-08-22 21:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-10-13 14:29 - 2013-08-22 14:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-10-13 14:29 - 2013-08-22 14:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-10-13 14:29 - 2013-08-22 14:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-10-13 14:29 - 2013-08-22 14:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-10-13 14:29 - 2013-08-22 14:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-10-13 14:29 - 2013-08-22 13:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-10-13 04:09 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-13 04:07 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-13 04:07 - 2013-08-23 01:46 - 00381328 _____ () C:\WINDOWS\setupact.log
2014-10-13 04:07 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-13 04:04 - 2013-08-23 02:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-13 04:04 - 2013-08-23 02:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-13 03:58 - 2013-08-23 01:44 - 05101448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 03:55 - 2014-08-07 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-13 03:55 - 2014-06-27 07:11 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2014-10-13 03:55 - 2014-06-02 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder
2014-10-13 03:55 - 2014-05-19 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
2014-10-13 03:55 - 2014-04-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-13 03:55 - 2014-03-02 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-13 03:55 - 2014-02-23 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-10-13 03:55 - 2014-02-15 04:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLAC
2014-10-13 03:55 - 2014-02-15 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2014-10-13 03:55 - 2014-01-05 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlacSquisher
2014-10-13 03:55 - 2013-10-26 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Audio Extractor
2014-10-13 03:55 - 2013-09-09 21:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-10-13 03:55 - 2013-09-09 21:13 - 00000000 ____D () C:\WINDOWS\en
2014-10-13 03:55 - 2013-09-09 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-10-13 03:55 - 2013-08-23 00:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-13 03:55 - 2013-08-23 00:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-13 03:55 - 2013-06-26 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-10-13 03:55 - 2013-05-29 19:49 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-10-13 03:55 - 2013-04-27 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-13 03:55 - 2013-03-12 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2014-10-13 03:55 - 2013-01-27 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2014-10-13 03:55 - 2012-12-30 02:37 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-10-13 03:55 - 2012-12-23 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-10-13 03:55 - 2012-12-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-10-13 03:55 - 2012-12-05 05:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
2014-10-13 03:55 - 2012-12-04 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-10-13 03:55 - 2012-11-22 18:39 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-13 03:55 - 2012-11-20 06:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Musics FLAC to MP3 Converter
2014-10-13 03:55 - 2012-11-20 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-10-13 03:55 - 2012-11-20 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-10-13 03:55 - 2012-11-20 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-13 03:55 - 2012-11-20 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-13 03:55 - 2012-11-20 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-13 03:55 - 2012-11-19 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-13 03:55 - 2012-11-19 23:50 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-13 03:55 - 2012-11-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-13 03:55 - 2012-11-19 23:48 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2014-10-13 03:55 - 2012-11-19 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-10-13 03:55 - 2012-11-19 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-13 03:51 - 2013-12-15 04:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\AGEIA
2014-10-13 03:51 - 2013-09-09 21:07 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-10-13 03:51 - 2013-08-23 02:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-13 03:51 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-13 03:51 - 2012-07-26 16:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-13 03:50 - 2013-09-01 22:52 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-10-13 03:50 - 2013-08-23 02:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-13 03:50 - 2012-12-16 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-10-13 03:50 - 2012-11-19 22:43 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-13 03:49 - 2013-12-04 02:28 - 00000000 ____D () C:\Program Files\ASUS
2014-10-13 03:49 - 2013-08-23 02:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-13 03:49 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-13 03:46 - 2014-06-19 23:11 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-10-13 03:46 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-13 03:46 - 2012-07-26 19:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-13 03:42 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-13 03:42 - 2012-08-12 12:40 - 00000000 __SHD () C:\Recovery
2014-10-13 03:38 - 2013-08-23 00:36 - 00000000 __RHD () C:\Users\Default
2014-10-13 02:42 - 2012-07-26 19:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-13 02:00 - 2012-11-20 00:38 - 00000000 ____D () C:\Users\E\AppData\Local\Adobe
2014-10-12 21:09 - 2012-12-16 19:37 - 00280064 ___SH () C:\Users\E\Desktop\Thumbs.db
2014-10-12 12:00 - 2013-06-26 03:34 - 00001868 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-10 02:58 - 2014-02-23 22:28 - 00000000 ____D () C:\Users\E\AppData\Roaming\FileZilla
2014-10-10 02:10 - 2014-08-07 01:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-10 02:10 - 2013-07-17 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-10-10 02:05 - 2013-09-08 20:24 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-10-07 16:54 - 2012-11-19 23:57 - 00000000 ____D () C:\Users\E\AppData\Local\Last.fm
2014-10-04 09:20 - 2014-08-30 09:54 - 00055109 _____ () C:\Users\E\Desktop\New Text Document (4).txt
2014-10-03 11:56 - 2014-08-30 09:55 - 00000004 _____ () C:\Users\E\AppData\Roaming\appdataFr2.bin
2014-09-29 02:02 - 2014-01-21 22:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-29 02:02 - 2013-02-21 02:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-27 04:08 - 2014-02-23 22:27 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-25 06:07 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-09-25 06:05 - 2013-08-23 01:46 - 00005446 _____ () C:\WINDOWS\vmgcoinstall.log
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\zh-HK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\uk-UA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\tr-TR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\th-TH
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sr-Latn-RS
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sl-SI
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sk-SK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ro-RO
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lv-LV
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lt-LT
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\hr-HR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\he-IL
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\et-EE
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\bg-BG
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-09-25 02:57 - 2013-08-23 02:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-25 02:57 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\security
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-24 21:36 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-24 05:29 - 2012-11-20 00:44 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-24 05:29 - 2012-11-20 00:44 - 00000000 ____D () C:\Program Files\Adobe
2014-09-24 05:28 - 2012-11-20 00:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-24 04:50 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Roaming\Adobe
2014-09-24 04:44 - 2012-11-20 00:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-23 23:54 - 2014-02-24 03:19 - 00000600 _____ () C:\Users\E\AppData\Local\PUTTY.RND
2014-09-23 20:40 - 2013-05-29 19:50 - 00001006 _____ () C:\Users\E\Desktop\Dropbox.lnk
2014-09-17 03:50 - 2014-02-15 01:56 - 00000000 ____D () C:\EAC
2014-09-14 22:09 - 2014-08-30 04:45 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-14 21:18 - 2012-11-20 00:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-14 21:15 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Local\VirtualStore
2014-09-14 19:53 - 2012-11-19 23:56 - 00000000 ____D () C:\Program Files (x86)\iTunes

Some content of TEMP:
====================
C:\Users\E\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps_pja5.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-13 03:38

==================== End Of Log ============================

 


Edited by thepokey, 13 October 2014 - 09:22 AM.


#5 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 13 October 2014 - 09:24 AM

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by E at 2014-10-14 00:44:18
Running from C:\Users\E\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Aware (Disabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Disabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
4Musics FLAC to MP3 Converter 4.0 (HKLM-x32\...\4Musics FLAC to MP3 Converter 4.0 Shareware_is1) (Version:  - NeSoft)
Ad-Aware Antivirus (HKLM-x32\...\{944167EA-7F89-4705-8DCD-1D63B53141B0}) (Version: 10.5.3.4405 - Lavasoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.40.2 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.40.2 - System SoftLab)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Audio Extractor 7.1.2 (HKLM-x32\...\DVD Audio Extractor_is1) (Version:  - Computer Application Studio)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.0.1.7212 - Thomson Reuters)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - )
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
FlacSquisher 1.2.0 (HKLM-x32\...\FlacSquisher) (Version: 1.2.0 - FlacSquisher)
Freecorder 5 (HKLM-x32\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.33 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
LAV Filters 0.51.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.51.3 - Hendrik Leppkes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mp3tag v2.53 (HKLM-x32\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
Wondershare PDF to Word (Build 3.5.0) (HKLM-x32\...\{DE718DF0-3874-4873-9BC3-3A94944C916E}_is1) (Version: 3.5.0 - Wondershare Software)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 16:26 - 2014-09-24 04:16 - 00001952 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0088B22B-8FC6-4909-9D79-E3F2BF970A90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-09-26] (Microsoft Corporation)
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AD061FA-4825-452A-8B2D-EE206501CA69} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1A608752-1349-45C9-BD6F-3280DAEADC3C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {1BEB037C-641C-4E61-A61B-2E1960675C2F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {285E8E70-E07D-491E-B8D7-6C40B9386A3F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-thepokey@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3119B0FA-1D75-4423-8564-15048425E249} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-25] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A12A225-863E-408A-BBCD-CB7464072CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-26] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DDAFE20-1ACB-4F76-AF88-937673559453} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {59B245E2-D387-4603-BD70-6D3AC6B6D624} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6EC990F5-31E1-4CF1-ADBA-2416FF576F2E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {70055D2E-D207-4940-9DE2-92E8DD16158B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7ECD14B7-4AAB-4592-9CA3-31B54A94D694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-09-26] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C50B3EA8-01C6-4C98-9179-BC9E9EB8FD1B} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)
Task: {C7C4CA5F-00F6-4639-9FFE-4B23C296E426} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {CF99003B-3335-4516-AE51-1C2B6CB5B0D9} - \Dealply No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E092CC58-ED49-4586-8344-AFD1DB1A5C3A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEC452A5-5117-4FAC-8D17-473492C809E1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {F1FC99CE-8734-40BA-95FB-87CEE5FD2B99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-21] (Piriform Ltd)
Task: {FCD98F7C-9A0A-4EA6-AE23-2F54E7CCB170} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-13 03:39 - 2014-07-03 05:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-14 21:14 - 2014-05-20 10:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-14 21:20 - 2014-09-26 07:33 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-02 06:29 - 2014-05-02 06:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-26 03:39 - 2014-06-20 07:08 - 00192376 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2013-06-26 03:39 - 2014-06-20 07:08 - 00180088 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2014-09-14 21:15 - 2014-09-26 07:33 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-10-13 17:06 - 2014-10-13 17:06 - 00043008 _____ () c:\users\e\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps_pja5.dll
2013-08-24 06:01 - 2013-08-24 06:01 - 25100288 _____ () C:\Users\E\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 13:11 - 2014-02-02 10:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 13:11 - 2014-02-02 10:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2013-03-12 17:10 - 2014-09-04 06:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 00:40 - 2014-09-23 15:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-11-20 00:05 - 2014-09-23 15:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-11-20 00:05 - 2014-09-05 10:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\E\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Antivirus"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"
HKLM\...\StartupApproved\Run32: => "Search Protection"
HKCU\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "CloudSystemBooster"
HKCU\...\StartupApproved\Run: => "Optimizer Pro"
HKCU\...\StartupApproved\Run: => "msnmsgr"

========================= Accounts: ==========================

Administrator (S-1-5-21-3017090963-2871392586-185075185-500 - Administrator - Disabled)
E (S-1-5-21-3017090963-2871392586-185075185-1001 - Administrator - Enabled) => C:\Users\E
Guest (S-1-5-21-3017090963-2871392586-185075185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3017090963-2871392586-185075185-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3017090963-2871392586-185075185-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 05:04:48 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3560) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/13/2014 05:04:38 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4036) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/10/2014 02:17:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TUCKERBOX)
Description: App Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo did not launch within its allotted time.

Error: (10/09/2014 03:01:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/09/2014 03:00:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/08/2014 03:01:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/08/2014 03:00:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/07/2014 03:01:40 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/07/2014 03:00:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/06/2014 03:01:45 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (10/13/2014 06:11:44 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.

Error: (10/13/2014 04:08:08 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The BranchCache service terminated with the following service-specific error: 
%%1260

Error: (10/13/2014 04:08:03 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058


Microsoft Office Sessions:
=========================
Error: (10/13/2014 05:04:48 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3560WindowsMail0:

Error: (10/13/2014 05:04:38 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4036WindowsMail0:

Error: (10/10/2014 02:17:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TUCKERBOX)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo

Error: (10/09/2014 03:01:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/09/2014 03:00:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/08/2014 03:01:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/08/2014 03:00:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/07/2014 03:01:40 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/07/2014 03:00:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/06/2014 03:01:45 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16335.79 MB
Available physical RAM: 12138.32 MB
Total Pagefile: 19279.79 MB
Available Pagefile: 13808.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1194.27 GB) NTFS
Drive d: (MIDDLE_EARTH_SOM_D5) (CDROM) (Total:2.08 GB) (Free:0 GB) UDF
Drive e: (Elements) (Fixed) (Total:931.28 GB) (Free:216.2 GB) FAT32
Drive f: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:865.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5042E78B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: E1AFE29B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

ark.txt

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-10-14 01:12:07
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000030 ST2000DM001-9YN164 rev.CC4B 1863.02GB
Running: o9ywe6n9.exe; Driver: C:\Users\E\AppData\Local\Temp\uftyrpoc.sys


---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [572:8964]                                                                                                                                                                                                                    fffff960008d2b90
---- Processes - GMER 2.1 ----

Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [3856] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)     0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [4560] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)  0000000003b70000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                 0000000000a30000
Library  C:\Users\E\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2014-09-13 00:20:58)                                                                                               0000000003d90000
Library  c:\users\e\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps_pja5.dll (*** suspicious ***) @ C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460](2014-10-13 06:06:12)                                                 00000000041f0000
Library  C:\Users\E\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460]                                                                                                                          00000000687e0000
Library  C:\Users\E\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe [2460] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                                                                       0000000067e50000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Winamp\winampa.exe [5336] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                          0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [6116] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                     0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Freecorder\FLVSrvc.exe [5936] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                      0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [5840] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                   0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe [5760] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)          0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\uTorrent\uTorrent.exe [3876] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                       0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Steam\steam.exe [7536] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                             0000000010000000
Library  C:\Users\E\AppData\Local\FLVService\lib\FLVSrvLib.dll (*** suspicious ***) @ C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [7540] (FLV Service Library for Freecorder/Applian Technologies, Inc.)(2014-06-01 17:00:13)                                0000000010000000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                                                                                           -337986033
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\4c-60-de-7c-16-c8@TeredoAddress                                                                                                                                                        2001:0:5ef5:79fb:3cfa:1a92:8d39:bc90
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\4c-60-de-7c-16-c8@ClientLocalPort                                                                                                                                                      58733
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\4c-60-de-7c-16-c8@AddressCreationTimestamp                                                                                                                                             0xD1 0xFC 0x4B 0x0A ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\4c-60-de-7c-16-c8@UPnPExternalPort                                                                                                                                                     58733
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                                                                                                            11
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                                                                                                                                          0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                                                                                                                                      0x64 0x62 0x03 0x00 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Count                                                                                                                                              15
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\iexplore@Count                                                                                                                                              15
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsBandwidthBucketCounter                                                                                                                                                        2258164
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsBandwidthBucketDrainTime                                                                                                                                                  0xA6 0x48 0xD3 0x9F ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsRequestBucketCounter                                                                                                                                                          572
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime                                                                                                                                                    0xA8 0x43 0x1B 0xFF ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsLargeRequestBucketCounter                                                                                                                                                     473
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime                                                                                                                                               0xA8 0x43 0x1B 0xFF ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter                                                                                                                                                          14578
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter                                                                                                                                                            4270
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime                                                                                                                                                      0xA8 0x43 0x1B 0xFF ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter                                                                                                                                                         6156105
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter                                                                                                                                                           7765
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime                                                                                                                                                     0xA8 0x43 0x1B 0xFF ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken                                                                                                                                                                     LM%3d63548800820490%3bID%3dA0F1FFAE2E2330BC!316%3bLR%3d63548801015300%3bEP%3d4%3bTD%3dTrue%3bSO%3d0
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime                                                                                                                                                                       0x45 0xB9 0xCB 0xD5 ...

---- EOF - GMER 2.1 ----


TDSS report:

01:12:59.0036 0x15a0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
01:13:04.0208 0x15a0  ============================================================
01:13:04.0208 0x15a0  Current date / time: 2014/10/14 01:13:04.0208
01:13:04.0208 0x15a0  SystemInfo:
01:13:04.0208 0x15a0  
01:13:04.0208 0x15a0  OS Version: 6.3.9600 ServicePack: 0.0
01:13:04.0208 0x15a0  Product type: Workstation
01:13:04.0208 0x15a0  ComputerName: TUCKERBOX
01:13:04.0208 0x15a0  UserName: E
01:13:04.0208 0x15a0  Windows directory: C:\WINDOWS
01:13:04.0208 0x15a0  System windows directory: C:\WINDOWS
01:13:04.0208 0x15a0  Running under WOW64
01:13:04.0208 0x15a0  Processor architecture: Intel x64
01:13:04.0208 0x15a0  Number of processors: 8
01:13:04.0208 0x15a0  Page size: 0x1000
01:13:04.0208 0x15a0  Boot type: Normal boot
01:13:04.0208 0x15a0  ============================================================
01:13:04.0474 0x15a0  KLMD registered as C:\WINDOWS\system32\drivers\96006177.sys
01:13:05.0271 0x15a0  System UUID: {2B83E361-E77A-8D4C-2955-9DFEEF62FACF}
01:13:05.0662 0x15a0  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:13:05.0662 0x15a0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:13:05.0677 0x15a0  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1115E00 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:13:05.0677 0x15a0  ============================================================
01:13:05.0677 0x15a0  \Device\Harddisk0\DR0:
01:13:05.0677 0x15a0  MBR partitions:
01:13:05.0677 0x15a0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:13:05.0677 0x15a0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
01:13:05.0677 0x15a0  \Device\Harddisk1\DR1:
01:13:05.0677 0x15a0  MBR partitions:
01:13:05.0677 0x15a0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
01:13:05.0677 0x15a0  \Device\Harddisk2\DR2:
01:13:05.0708 0x15a0  MBR partitions:
01:13:05.0708 0x15a0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
01:13:05.0708 0x15a0  ============================================================
01:13:05.0755 0x15a0  C: <-> \Device\Harddisk0\DR0\Partition2
01:13:05.0755 0x15a0  E: <-> \Device\Harddisk1\DR1\Partition1
01:13:05.0818 0x15a0  F: <-> \Device\Harddisk2\DR2\Partition1
01:13:05.0818 0x15a0  ============================================================
01:13:05.0818 0x15a0  Initialize success
01:13:05.0818 0x15a0  ============================================================
01:13:16.0897 0x1b10  ============================================================
01:13:16.0897 0x1b10  Scan started
01:13:16.0897 0x1b10  Mode: Manual; 
01:13:16.0897 0x1b10  ============================================================
01:13:16.0897 0x1b10  KSN ping started
01:13:19.0335 0x1b10  KSN ping finished: true
01:13:21.0819 0x1b10  ================ Scan system memory ========================
01:13:21.0819 0x1b10  System memory - ok
01:13:21.0819 0x1b10  ================ Scan services =============================
01:13:22.0007 0x1b10  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
01:13:22.0007 0x1b10  1394ohci - ok
01:13:22.0038 0x1b10  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
01:13:22.0038 0x1b10  3ware - ok
01:13:22.0069 0x1b10  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
01:13:22.0085 0x1b10  ACPI - ok
01:13:22.0101 0x1b10  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
01:13:22.0101 0x1b10  acpiex - ok
01:13:22.0116 0x1b10  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
01:13:22.0116 0x1b10  acpipagr - ok
01:13:22.0148 0x1b10  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
01:13:22.0148 0x1b10  AcpiPmi - ok
01:13:22.0148 0x1b10  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
01:13:22.0148 0x1b10  acpitime - ok
01:13:22.0241 0x1b10  [ AE1671A3C798A3467DE5E7DD12179803, 102DCD7552F27AB8B55C61601208705538F60AFDB81F8C3D0A82F575DDCF808A ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
01:13:22.0273 0x1b10  Ad-Aware Service - ok
01:13:22.0351 0x1b10  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:13:22.0351 0x1b10  AdobeARMservice - ok
01:13:22.0444 0x1b10  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:13:22.0444 0x1b10  AdobeFlashPlayerUpdateSvc - ok
01:13:22.0491 0x1b10  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
01:13:22.0507 0x1b10  ADP80XX - ok
01:13:22.0538 0x1b10  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
01:13:22.0538 0x1b10  AeLookupSvc - ok
01:13:22.0554 0x1b10  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
01:13:22.0569 0x1b10  AFD - ok
01:13:22.0569 0x1b10  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
01:13:22.0585 0x1b10  agp440 - ok
01:13:22.0585 0x1b10  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
01:13:22.0601 0x1b10  ahcache - ok
01:13:22.0632 0x1b10  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
01:13:22.0632 0x1b10  ALG - ok
01:13:22.0632 0x1b10  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
01:13:22.0632 0x1b10  AmdK8 - ok
01:13:22.0648 0x1b10  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
01:13:22.0648 0x1b10  AmdPPM - ok
01:13:22.0648 0x1b10  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
01:13:22.0663 0x1b10  amdsata - ok
01:13:22.0663 0x1b10  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
01:13:22.0663 0x1b10  amdsbs - ok
01:13:22.0679 0x1b10  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
01:13:22.0679 0x1b10  amdxata - ok
01:13:22.0710 0x1b10  [ F37E6B72325C00FCB0F9ECACEE54BE7D, 34EA02244017D061892F4D20E379681C3F0E6CF87EF075C608C53BAECCE7280A ] AnviCsbSvc      C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
01:13:22.0710 0x1b10  AnviCsbSvc - ok
01:13:22.0788 0x1b10  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
01:13:22.0788 0x1b10  AppHostSvc - ok
01:13:22.0804 0x1b10  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
01:13:22.0804 0x1b10  AppID - ok
01:13:22.0835 0x1b10  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
01:13:22.0851 0x1b10  AppIDSvc - ok
01:13:22.0866 0x1b10  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\WINDOWS\System32\appinfo.dll
01:13:22.0866 0x1b10  Appinfo - ok
01:13:22.0944 0x1b10  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:13:22.0944 0x1b10  Apple Mobile Device - ok
01:13:22.0976 0x1b10  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
01:13:22.0976 0x1b10  AppMgmt - ok
01:13:23.0023 0x1b10  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
01:13:23.0038 0x1b10  AppReadiness - ok
01:13:23.0085 0x1b10  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
01:13:23.0132 0x1b10  AppXSvc - ok
01:13:23.0148 0x1b10  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
01:13:23.0163 0x1b10  arcsas - ok
01:13:23.0288 0x1b10  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:13:23.0288 0x1b10  aspnet_state - ok
01:13:23.0304 0x1b10  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
01:13:23.0319 0x1b10  atapi - ok
01:13:23.0335 0x1b10  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
01:13:23.0351 0x1b10  AudioEndpointBuilder - ok
01:13:23.0398 0x1b10  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
01:13:23.0429 0x1b10  Audiosrv - ok
01:13:23.0444 0x1b10  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
01:13:23.0444 0x1b10  AxInstSV - ok
01:13:23.0476 0x1b10  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
01:13:23.0491 0x1b10  b06bdrv - ok
01:13:23.0507 0x1b10  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
01:13:23.0507 0x1b10  BasicDisplay - ok
01:13:23.0507 0x1b10  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
01:13:23.0507 0x1b10  BasicRender - ok
01:13:23.0523 0x1b10  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
01:13:23.0523 0x1b10  bcmfn2 - ok
01:13:23.0554 0x1b10  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
01:13:23.0569 0x1b10  BDESVC - ok
01:13:23.0585 0x1b10  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
01:13:23.0585 0x1b10  Beep - ok
01:13:23.0632 0x1b10  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\WINDOWS\System32\bfe.dll
01:13:23.0648 0x1b10  BFE - ok
01:13:23.0710 0x1b10  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
01:13:23.0726 0x1b10  BITS - ok
01:13:23.0773 0x1b10  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:13:23.0773 0x1b10  Bonjour Service - ok
01:13:23.0773 0x1b10  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
01:13:23.0773 0x1b10  bowser - ok
01:13:23.0804 0x1b10  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
01:13:23.0819 0x1b10  BrokerInfrastructure - ok
01:13:23.0851 0x1b10  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
01:13:23.0851 0x1b10  Browser - ok
01:13:23.0851 0x1b10  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
01:13:23.0866 0x1b10  BthAvrcpTg - ok
01:13:23.0898 0x1b10  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
01:13:23.0898 0x1b10  BthHFEnum - ok
01:13:23.0913 0x1b10  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
01:13:23.0913 0x1b10  bthhfhid - ok
01:13:23.0913 0x1b10  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
01:13:23.0929 0x1b10  BTHMODEM - ok
01:13:23.0944 0x1b10  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
01:13:23.0944 0x1b10  bthserv - ok
01:13:23.0960 0x1b10  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
01:13:23.0960 0x1b10  cdfs - ok
01:13:23.0960 0x1b10  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
01:13:23.0960 0x1b10  cdrom - ok
01:13:23.0991 0x1b10  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
01:13:23.0991 0x1b10  CertPropSvc - ok
01:13:24.0007 0x1b10  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
01:13:24.0007 0x1b10  circlass - ok
01:13:24.0007 0x1b10  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
01:13:24.0023 0x1b10  CLFS - ok
01:13:24.0163 0x1b10  [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
01:13:24.0242 0x1b10  ClickToRunSvc - ok
01:13:24.0242 0x1b10  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
01:13:24.0242 0x1b10  CmBatt - ok
01:13:24.0257 0x1b10  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
01:13:24.0273 0x1b10  CNG - ok
01:13:24.0273 0x1b10  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
01:13:24.0273 0x1b10  CompositeBus - ok
01:13:24.0273 0x1b10  COMSysApp - ok
01:13:24.0288 0x1b10  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
01:13:24.0288 0x1b10  condrv - ok
01:13:24.0304 0x1b10  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
01:13:24.0304 0x1b10  CryptSvc - ok
01:13:24.0320 0x1b10  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
01:13:24.0320 0x1b10  CSC - ok
01:13:24.0367 0x1b10  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\WINDOWS\System32\cscsvc.dll
01:13:24.0382 0x1b10  CscService - ok
01:13:24.0398 0x1b10  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
01:13:24.0398 0x1b10  dam - ok
01:13:24.0492 0x1b10  [ 914A7156B0C0F10BE645A02E13F576B2, C8686CE4DD9C457D56D5535307FD210AE057BFF94AC59665681DA6CF46DBE2E8 ] DAUpdaterSvc    C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
01:13:24.0492 0x1b10  DAUpdaterSvc - ok
01:13:24.0523 0x1b10  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
01:13:24.0523 0x1b10  dc3d - ok
01:13:24.0570 0x1b10  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:13:24.0585 0x1b10  DcomLaunch - ok
01:13:24.0632 0x1b10  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
01:13:24.0632 0x1b10  defragsvc - ok
01:13:24.0679 0x1b10  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
01:13:24.0679 0x1b10  DeviceAssociationService - ok
01:13:24.0726 0x1b10  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
01:13:24.0726 0x1b10  DeviceInstall - ok
01:13:24.0726 0x1b10  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
01:13:24.0726 0x1b10  Dfsc - ok
01:13:24.0742 0x1b10  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
01:13:24.0757 0x1b10  Dhcp - ok
01:13:24.0757 0x1b10  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
01:13:24.0757 0x1b10  disk - ok
01:13:24.0773 0x1b10  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
01:13:24.0773 0x1b10  dmvsc - ok
01:13:24.0773 0x1b10  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:13:24.0773 0x1b10  Dnscache - ok
01:13:24.0820 0x1b10  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
01:13:24.0820 0x1b10  dot3svc - ok
01:13:24.0851 0x1b10  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
01:13:24.0851 0x1b10  DPS - ok
01:13:24.0867 0x1b10  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
01:13:24.0867 0x1b10  drmkaud - ok
01:13:24.0882 0x1b10  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
01:13:24.0882 0x1b10  DsmSvc - ok
01:13:24.0929 0x1b10  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
01:13:24.0960 0x1b10  DXGKrnl - ok
01:13:24.0992 0x1b10  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
01:13:25.0007 0x1b10  Eaphost - ok
01:13:25.0101 0x1b10  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
01:13:25.0210 0x1b10  ebdrv - ok
01:13:25.0257 0x1b10  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
01:13:25.0257 0x1b10  EFS - ok
01:13:25.0273 0x1b10  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
01:13:25.0273 0x1b10  EhStorClass - ok
01:13:25.0289 0x1b10  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
01:13:25.0289 0x1b10  EhStorTcgDrv - ok
01:13:25.0289 0x1b10  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
01:13:25.0289 0x1b10  ErrDev - ok
01:13:25.0335 0x1b10  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
01:13:25.0335 0x1b10  EventSystem - ok
01:13:25.0351 0x1b10  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
01:13:25.0367 0x1b10  exfat - ok
01:13:25.0367 0x1b10  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
01:13:25.0367 0x1b10  fastfat - ok
01:13:25.0398 0x1b10  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
01:13:25.0414 0x1b10  Fax - ok
01:13:25.0429 0x1b10  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
01:13:25.0429 0x1b10  fdc - ok
01:13:25.0460 0x1b10  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
01:13:25.0460 0x1b10  fdPHost - ok
01:13:25.0492 0x1b10  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
01:13:25.0492 0x1b10  FDResPub - ok
01:13:25.0507 0x1b10  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
01:13:25.0507 0x1b10  fhsvc - ok
01:13:25.0523 0x1b10  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
01:13:25.0523 0x1b10  FileInfo - ok
01:13:25.0539 0x1b10  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
01:13:25.0539 0x1b10  Filetrace - ok
01:13:25.0554 0x1b10  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
01:13:25.0554 0x1b10  flpydisk - ok
01:13:25.0570 0x1b10  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
01:13:25.0570 0x1b10  FltMgr - ok
01:13:25.0648 0x1b10  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
01:13:25.0664 0x1b10  FontCache - ok
01:13:25.0726 0x1b10  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:13:25.0742 0x1b10  FontCache3.0.0.0 - ok
01:13:25.0757 0x1b10  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
01:13:25.0757 0x1b10  FsDepends - ok
01:13:25.0757 0x1b10  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:13:25.0757 0x1b10  Fs_Rec - ok
01:13:25.0789 0x1b10  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
01:13:25.0789 0x1b10  fvevol - ok
01:13:25.0804 0x1b10  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
01:13:25.0804 0x1b10  FxPPM - ok
01:13:25.0804 0x1b10  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
01:13:25.0820 0x1b10  gagp30kx - ok
01:13:25.0851 0x1b10  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:13:25.0851 0x1b10  GEARAspiWDM - ok
01:13:25.0867 0x1b10  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
01:13:25.0867 0x1b10  gencounter - ok
01:13:25.0898 0x1b10  [ 4EA5458FCA8518344686C543749365B1, 52D4D2392C80A4C57C74B09FE04E9DFF6CB01521F03132EB7523BE52B8BF7A50 ] gfiark          C:\WINDOWS\system32\drivers\gfiark.sys
01:13:25.0898 0x1b10  gfiark - ok
01:13:25.0914 0x1b10  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\WINDOWS\system32\drivers\gfibto.sys
01:13:25.0914 0x1b10  gfibto - ok
01:13:25.0929 0x1b10  [ 5B1EDAFD02AEA9345C24F0B6537CC8A0, D36D4F20756D19CF0A4C6CD0FDB678F7D79D1AC66D62F55845DFE7E7CB433A2B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
01:13:25.0929 0x1b10  GPIOClx0101 - ok
01:13:25.0976 0x1b10  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
01:13:26.0023 0x1b10  gpsvc - ok
01:13:26.0070 0x1b10  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:13:26.0085 0x1b10  gupdate - ok
01:13:26.0085 0x1b10  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:13:26.0085 0x1b10  gupdatem - ok
01:13:26.0101 0x1b10  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
01:13:26.0101 0x1b10  HdAudAddService - ok
01:13:26.0117 0x1b10  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
01:13:26.0117 0x1b10  HDAudBus - ok
01:13:26.0132 0x1b10  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
01:13:26.0132 0x1b10  HidBatt - ok
01:13:26.0132 0x1b10  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
01:13:26.0148 0x1b10  HidBth - ok
01:13:26.0148 0x1b10  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
01:13:26.0148 0x1b10  hidi2c - ok
01:13:26.0164 0x1b10  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
01:13:26.0164 0x1b10  HidIr - ok
01:13:26.0179 0x1b10  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
01:13:26.0179 0x1b10  hidserv - ok
01:13:26.0179 0x1b10  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
01:13:26.0179 0x1b10  HidUsb - ok
01:13:26.0211 0x1b10  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
01:13:26.0211 0x1b10  hkmsvc - ok
01:13:26.0257 0x1b10  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
01:13:26.0257 0x1b10  HomeGroupListener - ok
01:13:26.0289 0x1b10  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
01:13:26.0289 0x1b10  HomeGroupProvider - ok
01:13:26.0320 0x1b10  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
01:13:26.0320 0x1b10  HpSAMD - ok
01:13:26.0351 0x1b10  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
01:13:26.0367 0x1b10  HTTP - ok
01:13:26.0367 0x1b10  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
01:13:26.0367 0x1b10  hwpolicy - ok
01:13:26.0398 0x1b10  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
01:13:26.0398 0x1b10  hyperkbd - ok
01:13:26.0414 0x1b10  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
01:13:26.0414 0x1b10  HyperVideo - ok
01:13:26.0429 0x1b10  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
01:13:26.0445 0x1b10  i8042prt - ok
01:13:26.0461 0x1b10  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
01:13:26.0461 0x1b10  iaLPSSi_GPIO - ok
01:13:26.0461 0x1b10  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
01:13:26.0461 0x1b10  iaLPSSi_I2C - ok
01:13:26.0507 0x1b10  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
01:13:26.0507 0x1b10  iaStorAV - ok
01:13:26.0523 0x1b10  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
01:13:26.0523 0x1b10  iaStorV - ok
01:13:26.0523 0x1b10  IEEtwCollectorService - ok
01:13:26.0570 0x1b10  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
01:13:26.0601 0x1b10  IKEEXT - ok
01:13:26.0617 0x1b10  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
01:13:26.0617 0x1b10  intelide - ok
01:13:26.0632 0x1b10  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
01:13:26.0632 0x1b10  intelpep - ok
01:13:26.0632 0x1b10  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
01:13:26.0648 0x1b10  intelppm - ok
01:13:26.0664 0x1b10  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:13:26.0664 0x1b10  IpFilterDriver - ok
01:13:26.0711 0x1b10  [ 1670A274ED1A815311BA33CD27B0D0E8, 28378D3908DCFA2C0E8FCF83E5AFEF643C89BBB285FA0F1692FE576AEA2F4E45 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
01:13:26.0726 0x1b10  iphlpsvc - ok
01:13:26.0726 0x1b10  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
01:13:26.0726 0x1b10  IPMIDRV - ok
01:13:26.0726 0x1b10  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
01:13:26.0742 0x1b10  IPNAT - ok
01:13:26.0773 0x1b10  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
01:13:26.0804 0x1b10  iPod Service - ok
01:13:26.0804 0x1b10  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
01:13:26.0804 0x1b10  IRENUM - ok
01:13:26.0820 0x1b10  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
01:13:26.0820 0x1b10  isapnp - ok
01:13:26.0851 0x1b10  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
01:13:26.0851 0x1b10  iScsiPrt - ok
01:13:26.0851 0x1b10  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
01:13:26.0851 0x1b10  kbdclass - ok
01:13:26.0851 0x1b10  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
01:13:26.0851 0x1b10  kbdhid - ok
01:13:26.0867 0x1b10  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
01:13:26.0867 0x1b10  kbldfltr - ok
01:13:26.0867 0x1b10  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
01:13:26.0867 0x1b10  kdnic - ok
01:13:26.0882 0x1b10  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
01:13:26.0882 0x1b10  KeyIso - ok
01:13:26.0898 0x1b10  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
01:13:26.0898 0x1b10  KSecDD - ok
01:13:26.0914 0x1b10  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
01:13:26.0914 0x1b10  KSecPkg - ok
01:13:26.0914 0x1b10  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
01:13:26.0914 0x1b10  ksthunk - ok
01:13:26.0945 0x1b10  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
01:13:26.0945 0x1b10  KtmRm - ok
01:13:26.0976 0x1b10  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
01:13:26.0992 0x1b10  LanmanServer - ok
01:13:27.0023 0x1b10  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
01:13:27.0023 0x1b10  LanmanWorkstation - ok
01:13:27.0070 0x1b10  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
01:13:27.0070 0x1b10  lfsvc - ok
01:13:27.0070 0x1b10  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
01:13:27.0070 0x1b10  lltdio - ok
01:13:27.0086 0x1b10  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
01:13:27.0101 0x1b10  lltdsvc - ok
01:13:27.0117 0x1b10  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
01:13:27.0117 0x1b10  lmhosts - ok
01:13:27.0133 0x1b10  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
01:13:27.0133 0x1b10  LSI_SAS - ok
01:13:27.0133 0x1b10  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
01:13:27.0148 0x1b10  LSI_SAS2 - ok
01:13:27.0148 0x1b10  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
01:13:27.0148 0x1b10  LSI_SAS3 - ok
01:13:27.0164 0x1b10  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
01:13:27.0164 0x1b10  LSI_SSS - ok
01:13:27.0195 0x1b10  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
01:13:27.0195 0x1b10  LSM - ok
01:13:27.0211 0x1b10  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
01:13:27.0211 0x1b10  luafv - ok
01:13:27.0242 0x1b10  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
01:13:27.0242 0x1b10  MBAMProtector - ok
01:13:27.0320 0x1b10  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
01:13:27.0351 0x1b10  MBAMScheduler - ok
01:13:27.0367 0x1b10  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
01:13:27.0383 0x1b10  MBAMService - ok
01:13:27.0429 0x1b10  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
01:13:27.0429 0x1b10  MBAMSwissArmy - ok
01:13:27.0429 0x1b10  [ 0664F6335F108F38FE08C3CA747311EE, 04C5F31C57573DC4ABFC609D3F7C589835CE5C528AF5EE07FB25E35F72DF98A4 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
01:13:27.0445 0x1b10  MBAMWebAccessControl - ok
01:13:27.0461 0x1b10  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
01:13:27.0461 0x1b10  megasas - ok
01:13:27.0492 0x1b10  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
01:13:27.0508 0x1b10  megasr - ok
01:13:27.0539 0x1b10  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
01:13:27.0539 0x1b10  MEIx64 - ok
01:13:27.0601 0x1b10  Microsoft SharePoint Workspace Audit Service - ok
01:13:27.0633 0x1b10  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
01:13:27.0633 0x1b10  MMCSS - ok
01:13:27.0648 0x1b10  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
01:13:27.0648 0x1b10  Modem - ok
01:13:27.0648 0x1b10  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
01:13:27.0664 0x1b10  monitor - ok
01:13:27.0664 0x1b10  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
01:13:27.0664 0x1b10  mouclass - ok
01:13:27.0664 0x1b10  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
01:13:27.0664 0x1b10  mouhid - ok
01:13:27.0679 0x1b10  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
01:13:27.0695 0x1b10  mountmgr - ok
01:13:27.0742 0x1b10  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:13:27.0758 0x1b10  MozillaMaintenance - ok
01:13:27.0758 0x1b10  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
01:13:27.0773 0x1b10  mpsdrv - ok
01:13:27.0804 0x1b10  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
01:13:27.0820 0x1b10  MpsSvc - ok
01:13:27.0836 0x1b10  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
01:13:27.0851 0x1b10  MRxDAV - ok
01:13:27.0867 0x1b10  [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:13:27.0883 0x1b10  mrxsmb - ok
01:13:27.0898 0x1b10  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
01:13:27.0898 0x1b10  mrxsmb10 - ok
01:13:27.0898 0x1b10  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
01:13:27.0914 0x1b10  mrxsmb20 - ok
01:13:27.0929 0x1b10  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
01:13:27.0929 0x1b10  MsBridge - ok
01:13:27.0961 0x1b10  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
01:13:27.0976 0x1b10  MSDTC - ok
01:13:27.0976 0x1b10  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:13:27.0976 0x1b10  Msfs - ok
01:13:27.0992 0x1b10  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
01:13:27.0992 0x1b10  msgpiowin32 - ok
01:13:28.0008 0x1b10  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
01:13:28.0008 0x1b10  mshidkmdf - ok
01:13:28.0023 0x1b10  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
01:13:28.0023 0x1b10  mshidumdf - ok
01:13:28.0023 0x1b10  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
01:13:28.0023 0x1b10  msisadrv - ok
01:13:28.0054 0x1b10  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
01:13:28.0054 0x1b10  MSiSCSI - ok
01:13:28.0054 0x1b10  msiserver - ok
01:13:28.0070 0x1b10  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
01:13:28.0070 0x1b10  MsKeyboardFilter - ok
01:13:28.0101 0x1b10  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:13:28.0101 0x1b10  MSKSSRV - ok
01:13:28.0101 0x1b10  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
01:13:28.0101 0x1b10  MsLldp - ok
01:13:28.0117 0x1b10  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:13:28.0117 0x1b10  MSPCLOCK - ok
01:13:28.0133 0x1b10  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
01:13:28.0133 0x1b10  MSPQM - ok
01:13:28.0133 0x1b10  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
01:13:28.0148 0x1b10  MsRPC - ok
01:13:28.0148 0x1b10  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
01:13:28.0148 0x1b10  mssmbios - ok
01:13:28.0164 0x1b10  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
01:13:28.0164 0x1b10  MSTEE - ok
01:13:28.0180 0x1b10  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
01:13:28.0180 0x1b10  MTConfig - ok
01:13:28.0180 0x1b10  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
01:13:28.0180 0x1b10  Mup - ok
01:13:28.0195 0x1b10  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
01:13:28.0195 0x1b10  mvumis - ok
01:13:28.0226 0x1b10  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
01:13:28.0226 0x1b10  napagent - ok
01:13:28.0242 0x1b10  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
01:13:28.0258 0x1b10  NativeWifiP - ok
01:13:28.0289 0x1b10  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
01:13:28.0289 0x1b10  NcaSvc - ok
01:13:28.0305 0x1b10  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
01:13:28.0305 0x1b10  NcbService - ok
01:13:28.0305 0x1b10  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
01:13:28.0305 0x1b10  NcdAutoSetup - ok
01:13:28.0336 0x1b10  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
01:13:28.0367 0x1b10  NDIS - ok
01:13:28.0383 0x1b10  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
01:13:28.0383 0x1b10  NdisCap - ok
01:13:28.0383 0x1b10  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
01:13:28.0398 0x1b10  NdisImPlatform - ok
01:13:28.0398 0x1b10  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:13:28.0398 0x1b10  NdisTapi - ok
01:13:28.0414 0x1b10  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:13:28.0414 0x1b10  Ndisuio - ok
01:13:28.0414 0x1b10  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
01:13:28.0414 0x1b10  NdisVirtualBus - ok
01:13:28.0430 0x1b10  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:13:28.0430 0x1b10  NdisWan - ok
01:13:28.0445 0x1b10  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:13:28.0445 0x1b10  NdisWanLegacy - ok
01:13:28.0445 0x1b10  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
01:13:28.0445 0x1b10  NDProxy - ok
01:13:28.0476 0x1b10  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
01:13:28.0476 0x1b10  Ndu - ok
01:13:28.0476 0x1b10  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
01:13:28.0476 0x1b10  NetBIOS - ok
01:13:28.0492 0x1b10  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:13:28.0492 0x1b10  NetBT - ok
01:13:28.0508 0x1b10  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:13:28.0508 0x1b10  Netlogon - ok
01:13:28.0523 0x1b10  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
01:13:28.0539 0x1b10  Netman - ok
01:13:28.0586 0x1b10  [ 500059CAF5B8A6C47D2E46B7BC2B27AE, EA6787B7CC119B32C3E16AE336D776C4EC5DD347E62983ADD754BD038BFC23E3 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:13:28.0586 0x1b10  NetMsmqActivator - ok
01:13:28.0601 0x1b10  [ 500059CAF5B8A6C47D2E46B7BC2B27AE, EA6787B7CC119B32C3E16AE336D776C4EC5DD347E62983ADD754BD038BFC23E3 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:13:28.0601 0x1b10  NetPipeActivator - ok
01:13:28.0648 0x1b10  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
01:13:28.0664 0x1b10  netprofm - ok
01:13:28.0726 0x1b10  [ E32D07CDCEB656AD11E15F121393C6CA, 5241FA2552B2CB875AD114E2EAAEA5ADD5C0385688AE42B09A943BEC89F0AC8A ] netr28x         C:\WINDOWS\system32\DRIVERS\netr28x.sys
01:13:28.0773 0x1b10  netr28x - ok
01:13:28.0805 0x1b10  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:28.0805 0x1b10  NetTcpActivator - ok
01:13:28.0805 0x1b10  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:13:28.0805 0x1b10  NetTcpPortSharing - ok
01:13:28.0820 0x1b10  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
01:13:28.0820 0x1b10  netvsc - ok
01:13:28.0851 0x1b10  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
01:13:28.0851 0x1b10  NlaSvc - ok
01:13:28.0883 0x1b10  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\WINDOWS\system32\drivers\npf.sys
01:13:28.0883 0x1b10  npf - ok
01:13:28.0883 0x1b10  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:13:28.0883 0x1b10  Npfs - ok
01:13:28.0883 0x1b10  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
01:13:28.0883 0x1b10  npsvctrig - ok
01:13:28.0914 0x1b10  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
01:13:28.0914 0x1b10  nsi - ok
01:13:28.0914 0x1b10  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
01:13:28.0914 0x1b10  nsiproxy - ok
01:13:28.0961 0x1b10  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
01:13:29.0008 0x1b10  Ntfs - ok
01:13:29.0023 0x1b10  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:13:29.0023 0x1b10  Null - ok
01:13:29.0039 0x1b10  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
01:13:29.0039 0x1b10  NVHDA - ok
01:13:29.0289 0x1b10  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
01:13:29.0508 0x1b10  nvlddmkm - ok
01:13:29.0539 0x1b10  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
01:13:29.0539 0x1b10  nvraid - ok
01:13:29.0555 0x1b10  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
01:13:29.0555 0x1b10  nvstor - ok
01:13:29.0586 0x1b10  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
01:13:29.0601 0x1b10  nvsvc - ok
01:13:29.0680 0x1b10  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:13:29.0695 0x1b10  nvUpdatusService - ok
01:13:29.0711 0x1b10  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
01:13:29.0711 0x1b10  nv_agp - ok
01:13:29.0773 0x1b10  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:13:29.0789 0x1b10  ose - ok
01:13:29.0930 0x1b10  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:13:30.0039 0x1b10  osppsvc - ok
01:13:30.0070 0x1b10  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
01:13:30.0086 0x1b10  p2pimsvc - ok
01:13:30.0117 0x1b10  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
01:13:30.0117 0x1b10  p2psvc - ok
01:13:30.0133 0x1b10  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
01:13:30.0149 0x1b10  Parport - ok
01:13:30.0149 0x1b10  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
01:13:30.0149 0x1b10  partmgr - ok
01:13:30.0180 0x1b10  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
01:13:30.0180 0x1b10  PcaSvc - ok
01:13:30.0195 0x1b10  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
01:13:30.0195 0x1b10  pci - ok
01:13:30.0211 0x1b10  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
01:13:30.0211 0x1b10  pciide - ok
01:13:30.0227 0x1b10  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
01:13:30.0227 0x1b10  pcmcia - ok
01:13:30.0227 0x1b10  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
01:13:30.0227 0x1b10  pcw - ok
01:13:30.0227 0x1b10  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
01:13:30.0227 0x1b10  pdc - ok
01:13:30.0274 0x1b10  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
01:13:30.0289 0x1b10  PEAUTH - ok
01:13:30.0320 0x1b10  [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
01:13:30.0367 0x1b10  PeerDistSvc - ok
01:13:30.0430 0x1b10  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
01:13:30.0430 0x1b10  PerfHost - ok
01:13:30.0508 0x1b10  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
01:13:30.0524 0x1b10  pla - ok
01:13:30.0555 0x1b10  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
01:13:30.0555 0x1b10  PlugPlay - ok
01:13:30.0586 0x1b10  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
01:13:30.0586 0x1b10  PNRPAutoReg - ok
01:13:30.0586 0x1b10  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
01:13:30.0602 0x1b10  PNRPsvc - ok
01:13:30.0633 0x1b10  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
01:13:30.0633 0x1b10  PolicyAgent - ok
01:13:30.0649 0x1b10  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
01:13:30.0649 0x1b10  Power - ok
01:13:30.0774 0x1b10  [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
01:13:30.0836 0x1b10  PrintNotify - ok
01:13:30.0852 0x1b10  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
01:13:30.0852 0x1b10  Processor - ok
01:13:30.0867 0x1b10  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
01:13:30.0867 0x1b10  ProfSvc - ok
01:13:30.0883 0x1b10  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
01:13:30.0883 0x1b10  Psched - ok
01:13:30.0899 0x1b10  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
01:13:30.0914 0x1b10  QWAVE - ok
01:13:30.0930 0x1b10  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
01:13:30.0930 0x1b10  QWAVEdrv - ok
01:13:30.0945 0x1b10  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:13:30.0945 0x1b10  RasAcd - ok
01:13:30.0961 0x1b10  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:13:30.0961 0x1b10  RasAuto - ok
01:13:30.0992 0x1b10  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:13:31.0008 0x1b10  RasMan - ok
01:13:31.0024 0x1b10  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:13:31.0039 0x1b10  RasPppoe - ok
01:13:31.0055 0x1b10  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:13:31.0070 0x1b10  rdbss - ok
01:13:31.0086 0x1b10  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
01:13:31.0086 0x1b10  rdpbus - ok
01:13:31.0102 0x1b10  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
01:13:31.0117 0x1b10  RDPDR - ok
01:13:31.0133 0x1b10  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
01:13:31.0149 0x1b10  RdpVideoMiniport - ok
01:13:31.0149 0x1b10  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
01:13:31.0164 0x1b10  rdyboost - ok
01:13:31.0196 0x1b10  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
01:13:31.0227 0x1b10  ReFS - ok
01:13:31.0258 0x1b10  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:13:31.0258 0x1b10  RemoteAccess - ok
01:13:31.0289 0x1b10  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:13:31.0305 0x1b10  RemoteRegistry - ok
01:13:31.0336 0x1b10  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
01:13:31.0336 0x1b10  Revoflt - ok
01:13:31.0336 0x1b10  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
01:13:31.0336 0x1b10  RpcEptMapper - ok
01:13:31.0367 0x1b10  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:13:31.0367 0x1b10  RpcLocator - ok
01:13:31.0414 0x1b10  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
01:13:31.0430 0x1b10  RpcSs - ok
01:13:31.0430 0x1b10  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
01:13:31.0430 0x1b10  rspndr - ok
01:13:31.0461 0x1b10  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
01:13:31.0461 0x1b10  RTL8168 - ok
01:13:31.0477 0x1b10  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
01:13:31.0508 0x1b10  s3cap - ok
01:13:31.0539 0x1b10  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:13:31.0539 0x1b10  SamSs - ok
01:13:31.0696 0x1b10  [ 99FC1599F89A80216E41175B8CA44D89, 20306278CF081E58002D6ADCC07CA65D7651C8D059392337562612EDFAC5BEB5 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
01:13:31.0774 0x1b10  SBAMSvc - ok
01:13:31.0805 0x1b10  [ 8F19D62B04081C0BFF1E8D6F26220A28, 40A6D50C5EBCF62A114168A9A93C9B39A00BD6C8359F365B7B697CBB24C33D36 ] sbapifs         C:\WINDOWS\system32\DRIVERS\sbapifs.sys
01:13:31.0805 0x1b10  sbapifs - ok
01:13:31.0805 0x1b10  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
01:13:31.0805 0x1b10  sbp2port - ok
01:13:31.0836 0x1b10  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
01:13:31.0836 0x1b10  SCardSvr - ok
01:13:31.0836 0x1b10  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
01:13:31.0836 0x1b10  ScDeviceEnum - ok
01:13:31.0867 0x1b10  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
01:13:31.0867 0x1b10  scfilter - ok
01:13:31.0899 0x1b10  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:13:31.0946 0x1b10  Schedule - ok
01:13:31.0977 0x1b10  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
01:13:31.0977 0x1b10  SCPolicySvc - ok
01:13:31.0992 0x1b10  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
01:13:31.0992 0x1b10  sdbus - ok
01:13:32.0008 0x1b10  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
01:13:32.0008 0x1b10  sdstor - ok
01:13:32.0008 0x1b10  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
01:13:32.0008 0x1b10  secdrv - ok
01:13:32.0024 0x1b10  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
01:13:32.0024 0x1b10  seclogon - ok
01:13:32.0039 0x1b10  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
01:13:32.0039 0x1b10  SENS - ok
01:13:32.0055 0x1b10  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
01:13:32.0055 0x1b10  SensrSvc - ok
01:13:32.0055 0x1b10  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
01:13:32.0071 0x1b10  SerCx - ok
01:13:32.0086 0x1b10  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
01:13:32.0086 0x1b10  SerCx2 - ok
01:13:32.0086 0x1b10  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
01:13:32.0086 0x1b10  Serenum - ok
01:13:32.0086 0x1b10  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
01:13:32.0086 0x1b10  Serial - ok
01:13:32.0117 0x1b10  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
01:13:32.0117 0x1b10  sermouse - ok
01:13:32.0117 0x1b10  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
01:13:32.0133 0x1b10  SessionEnv - ok
01:13:32.0133 0x1b10  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
01:13:32.0133 0x1b10  sfloppy - ok
01:13:32.0180 0x1b10  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:13:32.0180 0x1b10  SharedAccess - ok
01:13:32.0211 0x1b10  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:13:32.0242 0x1b10  ShellHWDetection - ok
01:13:32.0258 0x1b10  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
01:13:32.0258 0x1b10  SiSRaid2 - ok
01:13:32.0258 0x1b10  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
01:13:32.0274 0x1b10  SiSRaid4 - ok
01:13:32.0321 0x1b10  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
01:13:32.0321 0x1b10  SkypeUpdate - ok
01:13:32.0336 0x1b10  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
01:13:32.0336 0x1b10  smphost - ok
01:13:32.0367 0x1b10  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
01:13:32.0383 0x1b10  SNMPTRAP - ok
01:13:32.0399 0x1b10  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
01:13:32.0399 0x1b10  spaceport - ok
01:13:32.0446 0x1b10  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
01:13:32.0446 0x1b10  SpbCx - ok
01:13:32.0461 0x1b10  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
01:13:32.0477 0x1b10  Spooler - ok
01:13:32.0617 0x1b10  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
01:13:32.0727 0x1b10  sppsvc - ok
01:13:32.0727 0x1b10  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
01:13:32.0742 0x1b10  srv - ok
01:13:32.0789 0x1b10  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
01:13:32.0821 0x1b10  srv2 - ok
01:13:32.0821 0x1b10  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
01:13:32.0821 0x1b10  srvnet - ok
01:13:32.0836 0x1b10  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
01:13:32.0836 0x1b10  SSDPSRV - ok
01:13:32.0852 0x1b10  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
01:13:32.0852 0x1b10  SstpSvc - ok
01:13:32.0899 0x1b10  [ AFE32AFD30464FC59CB8E88DC72F66FA, 24644F8AA47E61B98EF867BE18A9BE383822D64F3AADF2ED35E42FBFBA7B340F ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:13:32.0899 0x1b10  Steam Client Service - ok
01:13:32.0977 0x1b10  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:13:32.0977 0x1b10  Stereo Service - ok
01:13:32.0992 0x1b10  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
01:13:33.0008 0x1b10  stexstor - ok
01:13:33.0039 0x1b10  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
01:13:33.0055 0x1b10  stisvc - ok
01:13:33.0071 0x1b10  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
01:13:33.0071 0x1b10  storahci - ok
01:13:33.0102 0x1b10  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
01:13:33.0102 0x1b10  storflt - ok
01:13:33.0117 0x1b10  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
01:13:33.0117 0x1b10  stornvme - ok
01:13:33.0133 0x1b10  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
01:13:33.0133 0x1b10  StorSvc - ok
01:13:33.0149 0x1b10  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
01:13:33.0149 0x1b10  storvsc - ok
01:13:33.0164 0x1b10  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
01:13:33.0164 0x1b10  storvsp - ok
01:13:33.0164 0x1b10  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
01:13:33.0164 0x1b10  svsvc - ok
01:13:33.0180 0x1b10  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
01:13:33.0180 0x1b10  swenum - ok
01:13:33.0258 0x1b10  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
01:13:33.0274 0x1b10  SwitchBoard - ok
01:13:33.0321 0x1b10  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
01:13:33.0336 0x1b10  swprv - ok
01:13:33.0367 0x1b10  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
01:13:33.0399 0x1b10  SysMain - ok
01:13:33.0399 0x1b10  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
01:13:33.0414 0x1b10  SystemEventsBroker - ok
01:13:33.0446 0x1b10  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
01:13:33.0446 0x1b10  TabletInputService - ok
01:13:33.0477 0x1b10  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
01:13:33.0492 0x1b10  TapiSrv - ok
01:13:33.0555 0x1b10  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
01:13:33.0602 0x1b10  Tcpip - ok
01:13:33.0649 0x1b10  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:13:33.0680 0x1b10  TCPIP6 - ok
01:13:33.0696 0x1b10  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
01:13:33.0696 0x1b10  tcpipreg - ok
01:13:33.0696 0x1b10  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
01:13:33.0696 0x1b10  tdx - ok
01:13:33.0711 0x1b10  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
01:13:33.0711 0x1b10  terminpt - ok
01:13:33.0742 0x1b10  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
01:13:33.0774 0x1b10  TermService - ok
01:13:33.0805 0x1b10  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
01:13:33.0805 0x1b10  Themes - ok
01:13:33.0836 0x1b10  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
01:13:33.0836 0x1b10  THREADORDER - ok
01:13:33.0867 0x1b10  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
01:13:33.0867 0x1b10  TimeBroker - ok
01:13:33.0899 0x1b10  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
01:13:33.0899 0x1b10  TPM - ok
01:13:33.0930 0x1b10  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
01:13:33.0930 0x1b10  TrkWks - ok
01:13:33.0977 0x1b10  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
01:13:33.0992 0x1b10  TrustedInstaller - ok
01:13:34.0008 0x1b10  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
01:13:34.0008 0x1b10  TsUsbFlt - ok
01:13:34.0024 0x1b10  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
01:13:34.0024 0x1b10  TsUsbGD - ok
01:13:34.0039 0x1b10  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
01:13:34.0039 0x1b10  tunnel - ok
01:13:34.0055 0x1b10  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
01:13:34.0055 0x1b10  uagp35 - ok
01:13:34.0055 0x1b10  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
01:13:34.0071 0x1b10  UASPStor - ok
01:13:34.0071 0x1b10  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
01:13:34.0086 0x1b10  UCX01000 - ok
01:13:34.0086 0x1b10  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
01:13:34.0102 0x1b10  udfs - ok
01:13:34.0102 0x1b10  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
01:13:34.0102 0x1b10  UEFI - ok
01:13:34.0149 0x1b10  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
01:13:34.0149 0x1b10  UI0Detect - ok
01:13:34.0165 0x1b10  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
01:13:34.0165 0x1b10  uliagpkx - ok
01:13:34.0180 0x1b10  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
01:13:34.0180 0x1b10  umbus - ok
01:13:34.0196 0x1b10  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
01:13:34.0196 0x1b10  UmPass - ok
01:13:34.0227 0x1b10  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
01:13:34.0227 0x1b10  UmRdpService - ok
01:13:34.0274 0x1b10  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
01:13:34.0290 0x1b10  upnphost - ok
01:13:34.0290 0x1b10  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
01:13:34.0290 0x1b10  usbccgp - ok
01:13:34.0336 0x1b10  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
01:13:34.0352 0x1b10  usbcir - ok
01:13:34.0368 0x1b10  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
01:13:34.0368 0x1b10  usbehci - ok
01:13:34.0383 0x1b10  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
01:13:34.0399 0x1b10  usbhub - ok
01:13:34.0399 0x1b10  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
01:13:34.0415 0x1b10  USBHUB3 - ok
01:13:34.0415 0x1b10  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
01:13:34.0415 0x1b10  usbohci - ok
01:13:34.0430 0x1b10  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
01:13:34.0430 0x1b10  usbprint - ok
01:13:34.0446 0x1b10  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
01:13:34.0446 0x1b10  USBSTOR - ok
01:13:34.0461 0x1b10  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
01:13:34.0461 0x1b10  usbuhci - ok
01:13:34.0461 0x1b10  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
01:13:34.0461 0x1b10  USBXHCI - ok
01:13:34.0477 0x1b10  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
01:13:34.0477 0x1b10  VaultSvc - ok
01:13:34.0477 0x1b10  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
01:13:34.0493 0x1b10  vdrvroot - ok
01:13:34.0524 0x1b10  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
01:13:34.0540 0x1b10  vds - ok
01:13:34.0571 0x1b10  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
01:13:34.0571 0x1b10  VerifierExt - ok
01:13:34.0586 0x1b10  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
01:13:34.0602 0x1b10  vhdmp - ok
01:13:34.0618 0x1b10  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
01:13:34.0618 0x1b10  viaide - ok
01:13:34.0633 0x1b10  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
01:13:34.0633 0x1b10  Vid - ok
01:13:34.0649 0x1b10  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
01:13:34.0649 0x1b10  vmbus - ok
01:13:34.0665 0x1b10  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
01:13:34.0665 0x1b10  VMBusHID - ok
01:13:34.0665 0x1b10  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
01:13:34.0665 0x1b10  vmbusr - ok
01:13:34.0711 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
01:13:34.0711 0x1b10  vmicguestinterface - ok
01:13:34.0727 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
01:13:34.0727 0x1b10  vmicheartbeat - ok
01:13:34.0743 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
01:13:34.0743 0x1b10  vmickvpexchange - ok
01:13:34.0758 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
01:13:34.0758 0x1b10  vmicrdv - ok
01:13:34.0774 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
01:13:34.0774 0x1b10  vmicshutdown - ok
01:13:34.0790 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
01:13:34.0790 0x1b10  vmictimesync - ok
01:13:34.0805 0x1b10  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
01:13:34.0805 0x1b10  vmicvss - ok
01:13:34.0805 0x1b10  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
01:13:34.0805 0x1b10  volmgr - ok
01:13:34.0821 0x1b10  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
01:13:34.0821 0x1b10  volmgrx - ok
01:13:34.0821 0x1b10  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
01:13:34.0836 0x1b10  volsnap - ok
01:13:34.0852 0x1b10  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
01:13:34.0852 0x1b10  vpci - ok
01:13:34.0852 0x1b10  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
01:13:34.0852 0x1b10  vpcivsp - ok
01:13:34.0868 0x1b10  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
01:13:34.0868 0x1b10  vsmraid - ok
01:13:34.0915 0x1b10  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
01:13:34.0946 0x1b10  VSS - ok
01:13:34.0961 0x1b10  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
01:13:34.0977 0x1b10  VSTXRAID - ok
01:13:34.0993 0x1b10  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
01:13:34.0993 0x1b10  vwifibus - ok
01:13:34.0993 0x1b10  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
01:13:34.0993 0x1b10  vwififlt - ok
01:13:35.0008 0x1b10  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
01:13:35.0008 0x1b10  vwifimp - ok
01:13:35.0040 0x1b10  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
01:13:35.0055 0x1b10  W32Time - ok
01:13:35.0102 0x1b10  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
01:13:35.0102 0x1b10  w3logsvc - ok
01:13:35.0149 0x1b10  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
01:13:35.0165 0x1b10  W3SVC - ok
01:13:35.0180 0x1b10  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
01:13:35.0180 0x1b10  WacomPen - ok
01:13:35.0196 0x1b10  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
01:13:35.0211 0x1b10  WAS - ok
01:13:35.0258 0x1b10  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
01:13:35.0290 0x1b10  wbengine - ok
01:13:35.0305 0x1b10  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
01:13:35.0305 0x1b10  WbioSrvc - ok
01:13:35.0321 0x1b10  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
01:13:35.0321 0x1b10  Wcmsvc - ok
01:13:35.0336 0x1b10  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
01:13:35.0336 0x1b10  wcncsvc - ok
01:13:35.0352 0x1b10  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
01:13:35.0352 0x1b10  WcsPlugInService - ok
01:13:35.0352 0x1b10  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
01:13:35.0352 0x1b10  WdBoot - ok
01:13:35.0383 0x1b10  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
01:13:35.0399 0x1b10  Wdf01000 - ok
01:13:35.0399 0x1b10  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
01:13:35.0415 0x1b10  WdFilter - ok
01:13:35.0415 0x1b10  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
01:13:35.0415 0x1b10  WdiServiceHost - ok
01:13:35.0415 0x1b10  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
01:13:35.0415 0x1b10  WdiSystemHost - ok
01:13:35.0430 0x1b10  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
01:13:35.0430 0x1b10  WdNisDrv - ok
01:13:35.0461 0x1b10  WdNisSvc - ok
01:13:35.0477 0x1b10  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
01:13:35.0477 0x1b10  WebClient - ok
01:13:35.0493 0x1b10  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
01:13:35.0493 0x1b10  Wecsvc - ok
01:13:35.0508 0x1b10  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
01:13:35.0508 0x1b10  WEPHOSTSVC - ok
01:13:35.0508 0x1b10  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
01:13:35.0508 0x1b10  wercplsupport - ok
01:13:35.0524 0x1b10  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
01:13:35.0524 0x1b10  WerSvc - ok
01:13:35.0540 0x1b10  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
01:13:35.0540 0x1b10  WFPLWFS - ok
01:13:35.0540 0x1b10  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
01:13:35.0540 0x1b10  WiaRpc - ok
01:13:35.0555 0x1b10  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
01:13:35.0555 0x1b10  WIMMount - ok
01:13:35.0571 0x1b10  WinDefend - ok
01:13:35.0602 0x1b10  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
01:13:35.0633 0x1b10  WinHttpAutoProxySvc - ok
01:13:35.0696 0x1b10  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
01:13:35.0696 0x1b10  Winmgmt - ok
01:13:35.0774 0x1b10  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
01:13:35.0836 0x1b10  WinRM - ok
01:13:35.0883 0x1b10  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
01:13:35.0930 0x1b10  WlanSvc - ok
01:13:35.0961 0x1b10  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
01:13:35.0977 0x1b10  wlidsvc - ok
01:13:36.0008 0x1b10  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
01:13:36.0008 0x1b10  WmiAcpi - ok
01:13:36.0024 0x1b10  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
01:13:36.0040 0x1b10  wmiApSrv - ok
01:13:36.0071 0x1b10  WMPNetworkSvc - ok
01:13:36.0086 0x1b10  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
01:13:36.0102 0x1b10  Wof - ok
01:13:36.0149 0x1b10  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
01:13:36.0180 0x1b10  workfolderssvc - ok
01:13:36.0196 0x1b10  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
01:13:36.0196 0x1b10  wpcfltr - ok
01:13:36.0212 0x1b10  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
01:13:36.0212 0x1b10  WPCSvc - ok
01:13:36.0227 0x1b10  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
01:13:36.0227 0x1b10  WPDBusEnum - ok
01:13:36.0243 0x1b10  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
01:13:36.0243 0x1b10  WpdUpFltr - ok
01:13:36.0243 0x1b10  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
01:13:36.0243 0x1b10  ws2ifsl - ok
01:13:36.0258 0x1b10  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
01:13:36.0274 0x1b10  wscsvc - ok
01:13:36.0274 0x1b10  WSearch - ok
01:13:36.0383 0x1b10  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
01:13:36.0446 0x1b10  WSService - ok
01:13:36.0540 0x1b10  [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
01:13:36.0587 0x1b10  wuauserv - ok
01:13:36.0587 0x1b10  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
01:13:36.0587 0x1b10  WudfPf - ok
01:13:36.0633 0x1b10  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
01:13:36.0633 0x1b10  WUDFRd - ok
01:13:36.0665 0x1b10  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
01:13:36.0665 0x1b10  wudfsvc - ok
01:13:36.0680 0x1b10  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:13:36.0680 0x1b10  WUDFWpdFs - ok
01:13:36.0727 0x1b10  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
01:13:36.0743 0x1b10  WwanSvc - ok
01:13:36.0774 0x1b10  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
01:13:36.0774 0x1b10  xusb22 - ok
01:13:36.0790 0x1b10  ================ Scan global ===============================
01:13:36.0821 0x1b10  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
01:13:36.0837 0x1b10  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
01:13:36.0852 0x1b10  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
01:13:36.0883 0x1b10  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
01:13:36.0899 0x1b10  [ Global ] - ok
01:13:36.0899 0x1b10  ================ Scan MBR ==================================
01:13:36.0899 0x1b10  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:13:37.0055 0x1b10  \Device\Harddisk0\DR0 - ok
01:13:37.0571 0x1b10  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
01:13:37.0571 0x1b10  \Device\Harddisk1\DR1 - ok
01:13:37.0587 0x1b10  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
01:13:37.0712 0x1b10  \Device\Harddisk2\DR2 - ok
01:13:37.0712 0x1b10  ================ Scan VBR ==================================
01:13:37.0712 0x1b10  [ E9089E1D855A6AC4DFD9745FA8F56F3F ] \Device\Harddisk0\DR0\Partition1
01:13:37.0759 0x1b10  \Device\Harddisk0\DR0\Partition1 - ok
01:13:37.0759 0x1b10  [ 3B40393E3615ACE3A1711764B82937ED ] \Device\Harddisk0\DR0\Partition2
01:13:37.0852 0x1b10  \Device\Harddisk0\DR0\Partition2 - ok
01:13:37.0852 0x1b10  [ 125B40DD8FC21850692B6FE507655E0F ] \Device\Harddisk1\DR1\Partition1
01:13:37.0915 0x1b10  \Device\Harddisk1\DR1\Partition1 - ok
01:13:37.0915 0x1b10  [ B4AFAEF5280D70FBB65877E57A8B1334 ] \Device\Harddisk2\DR2\Partition1
01:13:37.0993 0x1b10  \Device\Harddisk2\DR2\Partition1 - ok
01:13:37.0993 0x1b10  ================ Scan generic autorun ======================
01:13:38.0056 0x1b10  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
01:13:38.0071 0x1b10  AdobeAAMUpdater-1.0 - ok
01:13:38.0103 0x1b10  [ 3B01B800A43CF3FAF5AAA78315BC2148, C6868579F19FAD74FF347B7CCF35E8807724EF34B5885464F2BC46F9B6B39648 ] C:\Program Files (x86)\Winamp\winampa.exe
01:13:38.0103 0x1b10  WinampAgent - ok
01:13:38.0149 0x1b10  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
01:13:38.0149 0x1b10  APSDaemon - ok
01:13:38.0181 0x1b10  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
01:13:38.0196 0x1b10  SwitchBoard - ok
01:13:38.0274 0x1b10  [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
01:13:38.0306 0x1b10  AdobeCS5.5ServiceManager - ok
01:13:38.0353 0x1b10  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:13:38.0368 0x1b10  Adobe ARM - ok
01:13:38.0431 0x1b10  [ 54CB57442F5AC8BA5E98A7745D455C18, 362A87B8D5B7F5258301A6D5CD78D046F32DFD8826A2FDF6A0006A5695B389B3 ] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
01:13:38.0446 0x1b10  Ad-Aware Browsing Protection - ok
01:13:38.0478 0x1b10  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
01:13:38.0478 0x1b10  amd_dc_opt - ok
01:13:38.0571 0x1b10  [ FE157C8114B6D6FEBEEB5884D4933CF8, BA94B3E09524E062618DBDC2889AD2721B6D1D074380410275480476CAB38770 ] C:\Program Files (x86)\Steam\steam.exe
01:13:38.0603 0x1b10  Steam - ok
01:13:38.0743 0x1b10  [ 42CEC6B2C91B153832E88B29741553D7, D35E72176392720C3640F96972E1139D44C1E50421F060677B57179A46E963DD ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
01:13:38.0837 0x1b10  msnmsgr - ok
01:13:38.0868 0x1b10  [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
01:13:38.0868 0x1b10  iCloudServices - ok
01:13:38.0899 0x1b10  [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
01:13:38.0899 0x1b10  ApplePhotoStreams - ok
01:13:38.0931 0x1b10  [ E9582DB4C3BC3CBB3FD8A2FE6CC14D14, D4E0A9BAD51359BF91C59502C53FF4C26A058850AB946D5F1A85F267C84C1507 ] C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
01:13:38.0946 0x1b10  CloudSystemBooster - ok
01:13:39.0009 0x1b10  [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe
01:13:39.0009 0x1b10  WAB Migrate - ok
01:13:39.0024 0x1b10  [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe
01:13:39.0040 0x1b10  WAB Migrate - ok
01:13:39.0040 0x1b10  Waiting for KSN requests completion. In queue: 85
01:13:40.0056 0x1b10  Waiting for KSN requests completion. In queue: 85
01:13:41.0056 0x1b10  Waiting for KSN requests completion. In queue: 85
01:13:42.0197 0x1b10  AV detected via SS2: Lavasoft Ad-Aware, C:\Program Files (x86)\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40000 ( disabled : updated )
01:13:42.0197 0x1b10  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
01:13:42.0197 0x1b10  FW detected via SS2: Lavasoft Ad-Aware, C:\Program Files (x86)\Ad-Aware Antivirus\SBAMWSC.EXE ( 10.5.3.4405 ), 0x40010 ( disabled )
01:13:42.0197 0x1b10  Win FW state via NFP2: enabled
01:13:44.0900 0x1b10  ============================================================
01:13:44.0900 0x1b10  Scan finished
01:13:44.0900 0x1b10  ============================================================
01:13:44.0900 0x09b0  Detected object count: 0
01:13:44.0900 0x09b0  Actual detected object count: 0



#6 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 13 October 2014 - 10:31 AM

I should mention the latest strange thing that has happened. Since I ran those tests, the malwarebytes program I have has suddenly stopped working properly. It now tells me that it is unable to load the anti-root kit driver error 20025 and as such the "real time protection" and rootkit scan apparently won't work.



#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 14 October 2014 - 03:10 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#8 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 14 October 2014 - 03:48 AM

Cheers, would appreciate that!

Just out of interest, besides photoshop, what else is cracked? I know I attempted to crack photoshop and SPSS since I needed them for uni and there's no way I can afford that as a student, but the crack failed so I was going to delete it anyways and just use the versions on campus. But besides that, can't think of anything else that I have that is cracked? I know I got a lot of freeware stuff which can sometimes cause potential risks, but can't think off the top of my head of other cracked stuff.

#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 14 October 2014 - 04:01 AM

Please remove any cracked files, for example:

 

2014-09-29 03:42 - 2014-09-29 03:42 - 00000000 ____D () C:\Users\E\Downloads\EndNote X7 v17.0.1.7212 Incl Crack-EAT- [MUMBAI]

 

As well, please uninstall any cracked software. Some entries show that at least your adobe software is cracked.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#10 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 14 October 2014 - 04:06 AM

Ah forgot about endnote, didn't work either. But what Adobe is cracked besides photoshop? Any other Adobe software I have would have been downloaded from their official site.

This is why I ask what is cracked as I am not sure myself if there is anything I have missed out (such as endnote). Endnote included, that's only 3 programs I can think of.

#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 14 October 2014 - 04:51 AM

Remove this software and provide new logs with FRST, when ready:

 

 

Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 14 October 2014 - 04:57 AM

No probs, I can remove photoshop easy enough - do you want new logs of everything or just of the FRST? I assume nothing else would change in the others besides the absence of photoshop really?

#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 14 October 2014 - 04:58 AM

Please rescan with FRST (create a new addition.txt as well) and post the logs.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 thepokey

thepokey
  • Topic Starter

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Local time:09:37 PM

Posted 14 October 2014 - 06:10 AM

Ok, uninstalled and deleted both versions of photoshop as well as endnote so that should be all. Here's the FRST rescan:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by E (administrator) on TUCKERBOX on 14-10-2014 22:00:00
Running from C:\Users\E\Downloads
Loaded Profile: E (Available profiles: E & UpdatusUser & DefaultAppPool)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Applian Technologies, Inc.) C:\Program Files (x86)\Freecorder\FLVSrvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-29] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554408 2013-05-16] (Lavasoft)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Freecorder FLV Service] => C:\Program Files (x86)\Freecorder\FLVSrvc.exe [167936 2011-03-24] (Applian Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-08-20] (Anvisoft)
HKU\S-1-5-21-3017090963-2871392586-185075185-1001\...\Policies\Explorer: [NoInstrumentation] 0
Startup: C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46FC80FBE84FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU,en-GB;q=0.7,en;q=0.3
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\E\AppData\Roaming\Mozilla\Firefox\Profiles\be6db0x5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-09-01]
FF HKCU\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\E\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\E\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-12-13] (BioWare)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S2 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-25] (Microsoft Corporation)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-10-13] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-26] (GFI Software)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-25] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)


2014-10-14 02:22 - 2014-10-14 02:22 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-14 01:12 - 2014-10-14 01:12 - 00011560 _____ () C:\Users\E\Desktop\ark.txt
2014-10-14 00:56 - 2014-10-14 00:56 - 00000000 ____D () C:\Users\E\Downloads\tdsskiller
2014-10-14 00:55 - 2014-10-14 00:55 - 04161313 _____ () C:\Users\E\Downloads\tdsskiller.zip
2014-10-14 00:52 - 2014-10-14 00:52 - 00380416 _____ () C:\Users\E\Downloads\o9ywe6n9.exe
2014-10-14 00:44 - 2014-10-14 00:44 - 00045516 _____ () C:\Users\E\Downloads\Addition.txt
2014-10-14 00:43 - 2014-10-14 22:00 - 00016599 _____ () C:\Users\E\Downloads\FRST.txt
2014-10-14 00:43 - 2014-10-14 22:00 - 00000000 ____D () C:\FRST
2014-10-14 00:41 - 2014-10-14 00:41 - 02110464 _____ (Farbar) C:\Users\E\Downloads\FRST64.exe
2014-10-13 19:34 - 2014-10-13 19:34 - 00688992 _____ (Swearware) C:\Users\E\Downloads\dds.com
2014-10-13 17:07 - 2014-10-14 02:29 - 00000000 ____D () C:\Users\E\OneDrive
2014-10-13 17:04 - 2014-10-13 17:04 - 00001442 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 17:04 - 2014-10-13 17:04 - 00000020 ___SH () C:\Users\E\ntuser.ini
2014-10-13 14:35 - 2014-10-14 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-13 14:34 - 2014-10-13 14:34 - 00000000 ____D () C:\Windows.old
2014-10-13 14:31 - 2014-10-13 14:31 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\BestPractices
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\WINDOWS\system32\BestPractices
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-13 14:29 - 2014-10-13 14:29 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-13 14:29 - 2014-10-13 03:55 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-13 14:29 - 2014-10-13 03:49 - 00000000 ____D () C:\inetpub
2014-10-13 14:29 - 2013-08-03 15:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-13 14:29 - 2013-08-03 15:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-13 14:29 - 2013-08-03 15:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-13 14:28 - 2013-08-03 15:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-13 14:28 - 2013-08-03 15:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-13 14:28 - 2013-08-03 15:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-13 04:07 - 2014-10-13 04:07 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-13 03:51 - 2014-10-13 03:51 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-13 03:51 - 2014-10-13 03:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-13 03:51 - 2014-10-13 03:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-13 03:46 - 2014-10-13 03:46 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-13 03:45 - 2014-10-14 02:27 - 00000000 ____D () C:\Users\E
2014-10-13 03:45 - 2014-10-13 04:02 - 00000000 ____D () C:\Users\DefaultAppPool
2014-10-13 03:45 - 2014-10-13 03:46 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:46 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-13 03:45 - 2014-10-13 03:45 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-13 03:45 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 03:44 - 2014-10-13 04:07 - 00040008 _____ () C:\WINDOWS\diagwrn.xml
2014-10-13 03:44 - 2014-10-13 04:07 - 00040008 _____ () C:\WINDOWS\diagerr.xml
2014-10-13 03:42 - 2014-10-13 03:46 - 00027489 _____ () C:\WINDOWS\iis.log
2014-10-13 03:42 - 2014-10-13 03:42 - 00958256 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-10-13 03:39 - 2014-10-14 21:49 - 01727259 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 03:39 - 2014-10-14 02:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-13 03:39 - 2014-10-13 03:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-13 03:39 - 2014-10-13 03:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-13 03:39 - 2014-10-13 03:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-13 03:39 - 2014-07-03 05:55 - 06783776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 03522392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 02559960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 00935368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-10-13 03:39 - 2014-07-03 05:55 - 00386520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-10-13 03:39 - 2014-07-03 05:55 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-10-13 03:39 - 2014-07-02 21:14 - 03826628 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-10-13 03:38 - 2014-10-13 03:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-13 03:01 - 2014-10-13 04:07 - 00006486 _____ () C:\WINDOWS\comsetup.log
2014-10-12 23:28 - 2014-10-13 03:21 - 00165002 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-12 21:09 - 2014-10-12 21:09 - 00000222 _____ () C:\Users\E\Desktop\Middle-earth Shadow of Mordor.url
2014-10-10 02:53 - 2014-10-10 02:53 - 00000000 ____D () C:\Users\E\AppData\Local\Anvisoft
2014-10-10 02:05 - 2014-10-13 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-10-10 02:05 - 2014-10-10 02:05 - 16513448 _____ (Anvisoft) C:\Users\E\Downloads\csbsetup (1).exe
2014-10-10 02:05 - 2014-10-10 02:05 - 00001272 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-10-02 05:17 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-10-02 05:17 - 2014-10-02 05:17 - 00001093 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-10-02 05:17 - 2014-10-02 05:17 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-10-02 05:16 - 2014-10-02 05:16 - 01533901 _____ ( ) C:\Users\E\Downloads\epubfilereader_setup.exe
2014-09-29 02:02 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-29 02:02 - 2014-09-29 02:02 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-09-29 02:02 - 2014-09-29 02:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-09-29 02:00 - 2014-09-29 02:00 - 00918440 _____ (Oracle Corporation) C:\Users\E\Downloads\chromeinstall-7u67.exe
2014-09-29 02:00 - 2014-09-29 02:00 - 00001766 _____ () C:\Users\E\Downloads\Inquisit (1).jnlp
2014-09-25 07:40 - 2014-10-13 02:57 - 00000000 ___HD () C:\$Windows.~BT
2014-09-25 06:04 - 2014-09-25 05:37 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-25 06:04 - 2014-09-25 05:37 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
2014-09-25 05:59 - 2014-09-25 05:59 - 00000000 ____D () C:\Program Files\Embedded Lockdown Manager
2014-09-25 05:55 - 2014-09-25 05:55 - 00146559 _____ () C:\WINDOWS\system32\EmbeddedLockdown.msc
2014-09-25 05:53 - 2014-09-25 05:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-25 05:53 - 2014-09-25 05:53 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-09-25 05:53 - 2014-09-25 05:53 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-09-25 05:50 - 2014-09-25 05:50 - 02374816 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-25 05:50 - 2014-09-25 05:50 - 02088648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-25 05:46 - 2014-09-25 05:46 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-25 05:46 - 2014-09-25 05:46 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-09-25 05:46 - 2014-09-25 05:46 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-25 05:43 - 2014-09-25 05:43 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-25 05:43 - 2014-09-25 05:43 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-25 05:40 - 2014-09-25 05:40 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-09-25 05:24 - 2014-09-25 05:24 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-09-25 05:24 - 2014-09-25 05:24 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-09-25 05:18 - 2014-09-25 05:18 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-09-25 05:15 - 2014-09-25 05:15 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-09-25 05:15 - 2014-09-25 05:15 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-09-25 05:15 - 2014-09-25 05:15 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-09-25 05:12 - 2014-09-25 05:12 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-09-25 05:07 - 2014-09-25 05:07 - 00373080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-09-25 04:54 - 2014-09-25 04:54 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-09-25 04:54 - 2014-09-25 04:54 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-09-25 04:54 - 2014-09-25 04:54 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-09-25 04:48 - 2014-09-25 04:48 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-09-25 04:48 - 2014-09-25 04:48 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-09-25 04:48 - 2014-09-25 04:48 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-25 04:45 - 2014-09-25 04:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-25 04:45 - 2014-09-25 04:45 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-25 04:45 - 2014-09-25 04:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-25 04:45 - 2014-09-25 04:45 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-25 04:45 - 2014-09-25 04:45 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-25 04:45 - 2014-09-25 04:45 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-25 04:40 - 2014-09-25 04:40 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-09-25 04:35 - 2014-09-25 04:35 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-09-25 04:26 - 2014-09-25 04:26 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-09-25 04:26 - 2014-09-25 04:26 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-09-25 04:23 - 2014-09-25 04:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-09-25 04:23 - 2014-09-25 04:23 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-09-25 04:23 - 2014-09-25 04:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-09-25 04:19 - 2014-09-25 04:19 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-09-25 04:17 - 2014-09-25 04:17 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-09-25 04:17 - 2014-09-25 04:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-09-25 04:13 - 2014-09-25 04:13 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-09-25 04:13 - 2014-09-25 04:13 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-09-25 04:09 - 2014-09-25 04:09 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-09-25 04:09 - 2014-09-25 04:09 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-09-25 04:09 - 2014-09-25 04:09 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-09-25 03:56 - 2014-09-25 03:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-09-25 03:56 - 2014-09-25 03:56 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-09-25 03:56 - 2014-09-25 03:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-09-25 03:56 - 2014-09-25 03:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 13292544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 11794944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-25 03:39 - 2014-09-25 03:39 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-25 03:39 - 2014-09-25 03:39 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-25 03:39 - 2014-09-25 03:39 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-25 03:39 - 2014-09-25 03:39 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-25 03:39 - 2014-09-25 03:39 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-25 03:39 - 2014-09-25 03:39 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-25 03:39 - 2014-09-25 03:39 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-25 03:39 - 2014-09-25 03:39 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-25 03:39 - 2014-09-25 03:39 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-25 03:39 - 2014-09-25 03:39 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-25 03:39 - 2014-09-25 03:39 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00149312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-25 03:39 - 2014-09-25 03:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-09-25 03:39 - 2014-09-25 03:39 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-09-25 03:39 - 2014-09-25 03:39 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-25 03:39 - 2014-09-25 03:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-25 03:30 - 2014-09-25 03:30 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-09-25 03:30 - 2014-09-25 03:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-09-25 03:30 - 2014-09-25 03:30 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-09-25 03:30 - 2014-09-25 03:30 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-09-25 03:30 - 2014-09-25 03:30 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-09-25 03:30 - 2014-09-25 03:30 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-09-25 03:30 - 2014-09-25 03:30 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-09-25 03:30 - 2014-09-25 03:30 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-09-25 03:30 - 2014-09-25 03:30 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-09-25 03:30 - 2014-09-25 03:30 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-09-25 03:30 - 2014-09-25 03:30 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-09-25 03:30 - 2014-09-25 03:30 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-09-25 03:30 - 2014-09-25 03:30 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-09-25 03:30 - 2014-09-25 03:30 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-09-25 03:30 - 2014-09-25 03:30 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-09-25 03:29 - 2014-09-25 03:29 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00539992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00189784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-09-25 03:29 - 2014-09-25 03:29 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-09-25 03:29 - 2014-09-25 03:29 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2014-09-25 03:29 - 2014-09-25 03:29 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-09-25 03:29 - 2014-09-25 03:29 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-09-25 03:29 - 2014-09-25 03:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-09-25 03:29 - 2014-09-25 03:29 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-09-25 03:21 - 2014-10-14 02:34 - 00996656 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-25 03:15 - 2014-09-25 03:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-09-25 03:15 - 2014-09-25 03:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-09-25 03:11 - 2014-09-25 03:39 - 02406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2014-09-25 02:58 - 2013-08-22 17:51 - 00036235 _____ () C:\WINDOWS\Professional.xml
2014-09-25 02:57 - 2014-10-13 03:55 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-25 02:57 - 2014-09-25 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 02:57 - 2014-09-25 02:57 - 02176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 02129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 01165824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00291808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00267528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SNTSearch.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00147439 _____ () C:\WINDOWS\SysWOW64\gpedit.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00147439 _____ () C:\WINDOWS\system32\gpedit.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00146389 _____ () C:\WINDOWS\system32\printmanagement.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00120458 _____ () C:\WINDOWS\system32\secpol.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090464 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterSvc.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00043566 _____ () C:\WINDOWS\SysWOW64\rsop.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00043566 _____ () C:\WINDOWS\system32\rsop.msc
2014-09-25 02:57 - 2014-09-25 02:57 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00040288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterCore.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00039264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterCore.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00022272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbldfltr.sys
2014-09-25 02:57 - 2014-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe
2014-09-25 02:57 - 2014-09-25 02:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 __SHD () C:\WINDOWS\BitLockerDiscoveryVolumeContents
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-09-25 02:57 - 2014-09-25 02:57 - 00000000 ____D () C:\WINDOWS\SKB
2014-09-25 02:35 - 2014-10-13 03:55 - 00000000 ____D () C:\WINDOWS\en-GB
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-09-25 02:35 - 2014-10-13 03:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\Drivers\en-GB
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\0409
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\Drivers\en-GB
2014-09-25 02:35 - 2014-09-25 02:35 - 00000000 ____D () C:\WINDOWS\system32\0409
2014-09-24 19:08 - 2014-10-13 03:38 - 00002478 _____ () C:\WINDOWS\PFRO.log
2014-09-24 04:39 - 2014-09-24 04:39 - 00004892 _____ () C:\Users\E\Documents\cc_20140924_033858.reg
2014-09-24 04:31 - 2014-09-24 04:31 - 00244042 _____ () C:\Users\E\Documents\cc_20140924_033145.reg
2014-09-24 04:30 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-24 04:30 - 2014-09-24 04:30 - 00002764 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-09-24 04:30 - 2014-09-24 04:30 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-24 04:30 - 2014-09-24 04:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-24 04:28 - 2014-09-24 04:28 - 00000000 ____D () C:\Users\E\Downloads\CCleaner Professional & Business v4.14.4707 - [MUMBAI-TPB]
2014-09-24 04:22 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-09-24 04:22 - 2014-09-24 04:22 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\Users\E\AppData\Local\VS Revo Group
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-09-24 04:22 - 2014-09-24 04:22 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-24 04:22 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2014-09-24 04:20 - 2014-09-24 04:20 - 00000000 ____D () C:\Users\E\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit)
2014-09-24 04:16 - 2014-09-24 04:22 - 00000000 ____D () C:\Users\E\AppData\Local\Adobe Tool
2014-09-24 04:15 - 2014-09-24 04:15 - 00000000 ____D () C:\Users\E\Downloads\Adobe Tool 3.7
2014-09-24 03:22 - 2014-09-24 03:22 - 00000000 ____D () C:\Users\E\AppData\Roaming\PDAppFlex
2014-09-24 03:20 - 2014-09-24 03:20 - 00760080 _____ () C:\Users\E\Downloads\xperia.zip
2014-09-24 03:20 - 2013-08-03 19:37 - 00016288 _____ () C:\Users\E\Downloads\Xperia.ttf
2014-09-24 00:49 - 2014-09-24 00:49 - 00021516 _____ () C:\Users\E\Downloads\unlearn2.ttf
2014-09-16 02:18 - 2014-09-16 02:18 - 06057862 _____ (Tim Kosse) C:\Users\E\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 21:16 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 21:14 - 2014-10-02 08:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-14 21:14 - 2014-09-14 21:14 - 01054896 _____ (Microsoft Corporation) C:\Users\E\Downloads\Setup.X86.en-US_O365ProPlusRetail_a06f8af0-e055-4370-9650-72be0ba3c1f0_TX_PR_.exe
2014-09-14 19:53 - 2014-10-13 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-14 19:53 - 2014-09-14 19:53 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-14 19:52 - 2014-09-14 19:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-14 19:52 - 2014-09-14 19:53 - 00000000 ____D () C:\Program Files\iTunes
2014-09-14 19:52 - 2014-09-14 19:52 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 22:00 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-14 21:58 - 2012-11-20 00:17 - 00000000 ____D () C:\Users\E\AppData\Roaming\uTorrent
2014-10-14 21:57 - 2012-11-19 22:50 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3017090963-2871392586-185075185-1001
2014-10-14 21:56 - 2012-11-22 18:39 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-14 21:56 - 2012-11-20 00:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-14 21:54 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-14 21:52 - 2012-11-20 00:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-14 21:52 - 2012-11-20 00:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-14 21:52 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Roaming\Adobe
2014-10-14 21:49 - 2012-11-20 00:38 - 00000000 ____D () C:\Users\E\AppData\Local\Adobe
2014-10-14 21:48 - 2013-08-23 01:46 - 00382730 _____ () C:\WINDOWS\setupact.log
2014-10-14 21:48 - 2012-12-23 22:11 - 00402944 ___SH () C:\Users\E\Downloads\Thumbs.db
2014-10-14 21:46 - 2014-04-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 21:46 - 2014-04-10 22:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-14 21:46 - 2014-03-20 03:53 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-14 21:29 - 2012-11-22 18:34 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-14 21:15 - 2012-11-19 23:35 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 19:15 - 2012-11-19 23:35 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-14 15:57 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-14 08:54 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-14 05:37 - 2014-04-10 22:42 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 03:31 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-14 03:09 - 2012-11-19 23:57 - 00000000 ____D () C:\Users\E\AppData\Local\Last.fm
2014-10-14 02:29 - 2013-05-29 19:50 - 00000000 ___RD () C:\Users\E\Dropbox
2014-10-14 02:29 - 2013-05-29 19:48 - 00000000 ____D () C:\Users\E\AppData\Roaming\Dropbox
2014-10-14 02:27 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-14 02:20 - 2013-08-23 00:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-13 21:11 - 2013-09-01 22:55 - 00000000 ____D () C:\Users\E\Documents\WB Games
2014-10-13 17:06 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Local\Packages
2014-10-13 14:34 - 2013-08-23 02:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-13 14:29 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-10-13 14:29 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-10-13 14:29 - 2013-08-22 22:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-10-13 14:29 - 2013-08-22 22:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-10-13 14:29 - 2013-08-22 22:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-10-13 14:29 - 2013-08-22 22:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-10-13 14:29 - 2013-08-22 22:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-10-13 14:29 - 2013-08-22 21:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-10-13 14:29 - 2013-08-22 14:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-10-13 14:29 - 2013-08-22 14:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-10-13 14:29 - 2013-08-22 14:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-10-13 14:29 - 2013-08-22 14:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-10-13 14:29 - 2013-08-22 14:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-10-13 14:29 - 2013-08-22 13:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-10-13 04:09 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-13 04:07 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-13 04:04 - 2013-08-23 02:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-13 04:04 - 2013-08-23 02:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-13 03:58 - 2013-08-23 01:44 - 05101448 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 03:55 - 2014-08-07 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-13 03:55 - 2014-06-27 07:11 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2014-10-13 03:55 - 2014-06-02 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder
2014-10-13 03:55 - 2014-05-19 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
2014-10-13 03:55 - 2014-03-02 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-13 03:55 - 2014-02-23 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-10-13 03:55 - 2014-02-15 04:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLAC
2014-10-13 03:55 - 2014-02-15 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2014-10-13 03:55 - 2014-01-05 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlacSquisher
2014-10-13 03:55 - 2013-10-26 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Audio Extractor
2014-10-13 03:55 - 2013-09-09 21:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-10-13 03:55 - 2013-09-09 21:13 - 00000000 ____D () C:\WINDOWS\en
2014-10-13 03:55 - 2013-09-09 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-10-13 03:55 - 2013-06-26 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-10-13 03:55 - 2013-05-29 19:49 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-10-13 03:55 - 2013-04-27 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-13 03:55 - 2013-03-12 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2014-10-13 03:55 - 2013-01-27 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2014-10-13 03:55 - 2012-12-30 02:37 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-10-13 03:55 - 2012-12-23 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-10-13 03:55 - 2012-12-15 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-10-13 03:55 - 2012-12-05 05:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
2014-10-13 03:55 - 2012-12-04 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-10-13 03:55 - 2012-11-20 06:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Musics FLAC to MP3 Converter
2014-10-13 03:55 - 2012-11-20 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-10-13 03:55 - 2012-11-20 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-10-13 03:55 - 2012-11-20 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-13 03:55 - 2012-11-20 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-13 03:55 - 2012-11-20 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-13 03:55 - 2012-11-19 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-13 03:55 - 2012-11-19 23:50 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-13 03:55 - 2012-11-19 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-13 03:55 - 2012-11-19 23:48 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2014-10-13 03:55 - 2012-11-19 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-10-13 03:55 - 2012-11-19 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-13 03:51 - 2013-12-15 04:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\AGEIA
2014-10-13 03:51 - 2013-09-09 21:07 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-10-13 03:51 - 2013-08-23 02:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-13 03:51 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-10-13 03:51 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-13 03:51 - 2012-07-26 16:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-13 03:50 - 2013-09-01 22:52 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-10-13 03:50 - 2013-08-23 02:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-13 03:50 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-13 03:50 - 2012-12-16 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-10-13 03:50 - 2012-11-19 22:43 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-13 03:49 - 2013-12-04 02:28 - 00000000 ____D () C:\Program Files\ASUS
2014-10-13 03:49 - 2013-08-23 02:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-13 03:49 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-13 03:46 - 2014-06-19 23:11 - 00000000 ____D () C:\Users\E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-10-13 03:46 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-13 03:46 - 2012-07-26 19:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-10-13 03:42 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-13 03:42 - 2012-08-12 12:40 - 00000000 __SHD () C:\Recovery
2014-10-13 03:38 - 2013-08-23 00:36 - 00000000 __RHD () C:\Users\Default
2014-10-13 02:42 - 2012-07-26 19:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-12 21:09 - 2012-12-16 19:37 - 00280064 ___SH () C:\Users\E\Desktop\Thumbs.db
2014-10-12 12:00 - 2013-06-26 03:34 - 00001868 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-10 02:58 - 2014-02-23 22:28 - 00000000 ____D () C:\Users\E\AppData\Roaming\FileZilla
2014-10-10 02:10 - 2014-08-07 01:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-10 02:10 - 2013-07-17 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-10-10 02:05 - 2013-09-08 20:24 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-10-04 09:20 - 2014-08-30 09:54 - 00055109 _____ () C:\Users\E\Desktop\New Text Document (4).txt
2014-10-03 11:56 - 2014-08-30 09:55 - 00000004 _____ () C:\Users\E\AppData\Roaming\appdataFr2.bin
2014-10-01 11:11 - 2014-04-10 22:41 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-04-10 22:41 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2014-03-20 03:53 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-29 02:02 - 2014-01-21 22:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-29 02:02 - 2013-02-21 02:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-27 04:08 - 2014-02-23 22:27 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-25 06:05 - 2013-08-23 01:46 - 00005446 _____ () C:\WINDOWS\vmgcoinstall.log
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\zh-HK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\uk-UA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\tr-TR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\th-TH
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sr-Latn-RS
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sl-SI
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sk-SK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ro-RO
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lv-LV
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lt-LT
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\hr-HR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\he-IL
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\et-EE
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\bg-BG
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-09-25 05:59 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-09-25 05:59 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-09-25 05:58 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-09-25 02:57 - 2013-08-23 02:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-25 02:57 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\security
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-25 02:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-23 23:54 - 2014-02-24 03:19 - 00000600 _____ () C:\Users\E\AppData\Local\PUTTY.RND
2014-09-23 20:40 - 2013-05-29 19:50 - 00001006 _____ () C:\Users\E\Desktop\Dropbox.lnk
2014-09-17 03:50 - 2014-02-15 01:56 - 00000000 ____D () C:\EAC
2014-09-14 22:09 - 2014-08-30 04:45 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-14 21:18 - 2012-11-20 00:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-14 21:15 - 2012-11-19 22:43 - 00000000 ____D () C:\Users\E\AppData\Local\VirtualStore
2014-09-14 19:53 - 2012-11-19 23:56 - 00000000 ____D () C:\Program Files (x86)\iTunes

Some content of TEMP:
====================
C:\Users\E\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkfcdki.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-13 03:38

==================== End Of Log ============================

and the addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by E at 2014-10-14 00:44:18
Running from C:\Users\E\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Aware (Disabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Disabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
4Musics FLAC to MP3 Converter 4.0 (HKLM-x32\...\4Musics FLAC to MP3 Converter 4.0 Shareware_is1) (Version:  - NeSoft)
Ad-Aware Antivirus (HKLM-x32\...\{944167EA-7F89-4705-8DCD-1D63B53141B0}) (Version: 10.5.3.4405 - Lavasoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.40.2 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.40.2 - System SoftLab)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Audio Extractor 7.1.2 (HKLM-x32\...\DVD Audio Extractor_is1) (Version:  - Computer Application Studio)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - )
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
FlacSquisher 1.2.0 (HKLM-x32\...\FlacSquisher) (Version: 1.2.0 - FlacSquisher)
Freecorder 5 (HKLM-x32\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.33 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
LAV Filters 0.51.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.51.3 - Hendrik Leppkes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mp3tag v2.53 (HKLM-x32\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
Wondershare PDF to Word (Build 3.5.0) (HKLM-x32\...\{DE718DF0-3874-4873-9BC3-3A94944C916E}_is1) (Version: 3.5.0 - Wondershare Software)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\E\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3017090963-2871392586-185075185-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\E\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 16:26 - 2014-09-24 04:16 - 00001952 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com 
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com 
127.0.0.1 adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com 
127.0.0.1 lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp 
127.0.0.1 wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com cmdls.adobe.com na1r.services.adobe.com prod-rel-ffc-ccm.oobesaas.adobe.com 


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0088B22B-8FC6-4909-9D79-E3F2BF970A90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-09-26] (Microsoft Corporation)
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AD061FA-4825-452A-8B2D-EE206501CA69} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1A608752-1349-45C9-BD6F-3280DAEADC3C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {1BEB037C-641C-4E61-A61B-2E1960675C2F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {285E8E70-E07D-491E-B8D7-6C40B9386A3F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-thepokey@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3119B0FA-1D75-4423-8564-15048425E249} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-25] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A12A225-863E-408A-BBCD-CB7464072CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-26] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DDAFE20-1ACB-4F76-AF88-937673559453} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {59B245E2-D387-4603-BD70-6D3AC6B6D624} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6EC990F5-31E1-4CF1-ADBA-2416FF576F2E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {70055D2E-D207-4940-9DE2-92E8DD16158B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-19] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7ECD14B7-4AAB-4592-9CA3-31B54A94D694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-09-26] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C50B3EA8-01C6-4C98-9179-BC9E9EB8FD1B} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)
Task: {C7C4CA5F-00F6-4639-9FFE-4B23C296E426} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {CF99003B-3335-4516-AE51-1C2B6CB5B0D9} - \Dealply No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E092CC58-ED49-4586-8344-AFD1DB1A5C3A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EEC452A5-5117-4FAC-8D17-473492C809E1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {F1FC99CE-8734-40BA-95FB-87CEE5FD2B99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-21] (Piriform Ltd)
Task: {FCD98F7C-9A0A-4EA6-AE23-2F54E7CCB170} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-13 03:39 - 2014-07-03 05:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-14 21:14 - 2014-05-20 10:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-14 21:20 - 2014-09-26 07:33 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-02 06:29 - 2014-05-02 06:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-26 03:39 - 2014-06-20 07:08 - 00192376 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2013-06-26 03:39 - 2014-06-20 07:08 - 00180088 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2014-09-14 21:15 - 2014-09-26 07:33 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-10-13 17:06 - 2014-10-13 17:06 - 00043008 _____ () c:\users\e\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps_pja5.dll
2013-08-24 06:01 - 2013-08-24 06:01 - 25100288 _____ () C:\Users\E\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 13:11 - 2014-02-02 10:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 13:11 - 2014-02-02 10:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 13:11 - 2014-02-02 10:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2013-03-12 17:10 - 2014-09-04 06:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 00:40 - 2014-09-23 15:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-01 02:06 - 2014-08-22 05:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-11-20 00:05 - 2014-09-23 15:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-11-20 00:05 - 2014-09-05 10:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\E\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Antivirus"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"
HKLM\...\StartupApproved\Run32: => "Search Protection"
HKCU\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "CloudSystemBooster"
HKCU\...\StartupApproved\Run: => "Optimizer Pro"
HKCU\...\StartupApproved\Run: => "msnmsgr"

========================= Accounts: ==========================

Administrator (S-1-5-21-3017090963-2871392586-185075185-500 - Administrator - Disabled)
E (S-1-5-21-3017090963-2871392586-185075185-1001 - Administrator - Enabled) => C:\Users\E
Guest (S-1-5-21-3017090963-2871392586-185075185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3017090963-2871392586-185075185-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3017090963-2871392586-185075185-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 05:04:48 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3560) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/13/2014 05:04:38 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4036) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/10/2014 02:17:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TUCKERBOX)
Description: App Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo did not launch within its allotted time.

Error: (10/09/2014 03:01:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/09/2014 03:00:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/08/2014 03:01:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/08/2014 03:00:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/07/2014 03:01:40 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/07/2014 03:00:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/06/2014 03:01:45 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (10/13/2014 06:11:44 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.

Error: (10/13/2014 04:08:08 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The BranchCache service terminated with the following service-specific error: 
%%1260

Error: (10/13/2014 04:08:03 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058

Error: (10/13/2014 04:07:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
%%1058


Microsoft Office Sessions:
=========================
Error: (10/13/2014 05:04:48 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3560WindowsMail0:

Error: (10/13/2014 05:04:38 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4036WindowsMail0:

Error: (10/10/2014 02:17:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TUCKERBOX)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo

Error: (10/09/2014 03:01:47 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/09/2014 03:00:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/08/2014 03:01:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/08/2014 03:00:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/07/2014 03:01:40 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2

Error: (10/07/2014 03:00:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (10/06/2014 03:01:45 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16335.79 MB
Available physical RAM: 12138.32 MB
Total Pagefile: 19279.79 MB
Available Pagefile: 13808.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1194.27 GB) NTFS
Drive d: (MIDDLE_EARTH_SOM_D5) (CDROM) (Total:2.08 GB) (Free:0 GB) UDF
Drive e: (Elements) (Fixed) (Total:931.28 GB) (Free:216.2 GB) FAT32
Drive f: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:865.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5042E78B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: E1AFE29B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 16 October 2014 - 09:05 AM

Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

We need to remove some programs with Revo Uninstaller Free:


Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an altenate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    Freecorder 5
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users